Forum

Hello,

First of all, I would like to say that I am new to the subject of javascript, ajax, xhr and auth2.

I have now understood the principle and I succeeded without difficulty to activate a light at home thanks to Postman.

I develop an HTML/JAVASCRIPT client application on my Synology NAS.

I try to use your API but it doesn’t work at all in the second step of auth2 protocol, I got the message : “Access to XMLHttpRequest at ‘https://partners-login.eliotbylegrand.com/token’ from origin ‘https://xxxx.synology.me:nnnnn’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”

My Browser add the Header “Origin” and the request is blocked by Eliot server. Postman does not add the header “Origin” and it works.

Could you help me, please.

Hello Jean-Michel,

Maybe you can try to add to the Header of your request :
Access-Control-Allow-Origin: *
Or you can try to add the URL of your server in order of the “*”

(information found here : https://cypressnorth.com/programming/cross-domain-ajax-request-with-json-response-for-iefirefoxchrome-safari-jquery/

Tell me if it worked 😉

Have a good day,
Leslie – Community Manager

Hello,

I have the same issue from Angular http client …

It is not sufficient to modify the header of the http call.
The API server must accept CORS requests from a specific url or from any source..

Where can I set the domains of origin to enable CORS ?

Have a good day !

Federico

Hello Frederico,

I try to see with the development teams about your question. I’ll tell you as soon as I have more information

Maybe you can try to add Access-Control-Allow-Methods in your header ? (found on : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods)

Have a good day,

Leslie – Community Manager

Did you find a solution to the problem, I’m having a similar issue now

Hello,

Can you please give me more details ? As the request sent for instance

Thanks and have a good day,
Leslie – Community Manager

Thank you for your prompt response Leslie.

I was referring to the post made by Federico Verdi

———————–

Hello,

I have the same issue from Angular http client …

It is not sufficient to modify the header of the http call.
The API server must accept CORS requests from a specific url or from any source..

Where can I set the domains of origin to enable CORS ?

Have a good day !

Federico

—————-

Hello,

CORS policies are not activated on our side (I thought it was OK)

I asked our developers to activate it in Azure. I’ll warn you as soon as it’s done

Have a good day,

Leslie – Community Manager

Hello,

I initiated this discussion few months ago.

Please could you answer to me if you have activated CORS policies on your side ?

Thanks for advance.

Have a good day.

Jean-Michel.

Hello J.M,

Good news : CORS policies are now activated since last month

Have a good day,

Leslie – Community Manager

Hello Leslie,

It works, thanks a lot.

Have a good day.

Jean-Michel.