5

so far as I can tell my issue is that my GET request is not authorised. But my attempts to add authorisation in headers or as values in the URL (api key, username, password) are not being successful.

eg.

$.ajax({
  type: 'get',
  async:   false,
  beforeSend: function(xhr){
    xhr.setRequestHeader('Authorization', 'Basic encodedusername:passwordhere');
  },
  url: "https://api.pingdom.com/api/2.0/checks",
  success: function(Data) {
    console.log(Data);
  },
    error: function(Data) { 
  }
});

Can anyone advise as to correct Javascript syntax for interacting with the Pingdom API? I believe I'm trying to authorize incorrectly Their documentation focuses on PHP which I'm unable to use in this situation.

https://www.pingdom.com/services/api-documentation-rest/#authentication

Gavin
  • 2,214
  • 2
  • 18
  • 26
  • As far as I know, you should provide not encodeBase64(login) + ":" + encodeBase64(pass), but encodeBase64(login + ":" + pass); also, it looks like your dataprovider requires another one header App-Key; and step away: async:false is a very bad practice. – Tommi Apr 11 '13 at 11:42
  • That's what I'm using. Sorry I suppose it's hard to be clear with a placeholder like I've used. Just returns "Failed to load resource: the server responded with a status of 401 (Unauthorized)" And I'm certain that the user and pass are correct as navigating to https://api.pingdom.com/api/2.0/checks and entering them in the popup works fine. – Gavin Apr 11 '13 at 11:47
  • Ensure you also send App-Key header. And try to use some web-debugger (I recommend fiddler, but it possible to use webinspector from chrome) to check your request contains required headers indeed. – Tommi Apr 11 '13 at 11:51
  • Ah interesting, adding `xhr.setRequestHeader('App-Key', 'myapikeyhere');` in the beforesend function returns a similar but different error `OPTIONS https://api.pingdom.com/api/2.0/checks 401 (Unauthorized)` I will definitely check out fiddler and webinspector right now. – Gavin Apr 11 '13 at 11:56

2 Answers2

0

I don't think it's possible to use the Pingdom API from Javascript in a web browser.

You'll need to use jsonp to get your browser to allow ajax requests across sites, but according to this response it's impossible to set headers in a jsonp request.

Community
  • 1
  • 1
neomindryan
  • 126
  • 2
  • 3
0

Use CORS Anywhere.

I wanted to get a simple jQuery request working that checked the last Pingdom result for our platform. Because of CORS and the need to specify custom headers for authentication, this didn't seem possible.

I didn't want to setup a proxy server for something so simple so I found this answer and was able to use the CORS Anywhere method, which looks something like this: 

// Will use the cors-anywhere proxy if jQuery supports it and crossDomain option is passed in.
$.ajaxPrefilter( function (options) {
  if (options.crossDomain && jQuery.support.cors) {
    var http = (window.location.protocol === 'http:' ? 'http:' : 'https:');
    options.url = http + '//cors-anywhere.herokuapp.com/' + options.url;
    // options.url = "http://cors.corsproxy.io/url=" + options.url;
  }
});

// Use ajax requests as normal.
$.ajax({
  type: 'get',
  async:   false,
  crossDomain: true,
  beforeSend: function(xhr){
    xhr.setRequestHeader('Authorization', 'Basic encodedusername:passwordhere');
  },
  url: "https://api.pingdom.com/api/2.0/checks",
  success: function(Data) {
    console.log(Data);
  },
    error: function(Data) { 
  }
});

NOTE: Do not use this if you're passing or retrieving confidential information. You should use your own proxy if you're doing that. But if you're just getting public data, like we were, then this should be a nice and clean method to get around the CORS limitation.

Joshua Pinter
  • 45,245
  • 23
  • 243
  • 245