1

I'm working with some API points set-up to grab data. The first end point I have to hit returns an auth code, which to be passed into the rest of the calls header.

I seem to have issues hitting first call with ajax and it works well with postman. I keep getting back errors, but no message.

Am I setting this up properly? It's using oauth2 and I don't have any experience with that.

A jsfiddle example https://jsfiddle.net/7f5dgn08/

var url = 'http://webaddress';

 $.ajax({
    type: "oauth2",
    url: url,
    cache: false,
    async: true,
    crossDomain: true,
    headers: {
        username: "username",
        password: "pass"
    },
    dataType: "json",
     success: function (data) {

        localStorage.setItem('aCode', JSON.stringify(data))
    },
     error: function (jqXHR, exception) {
        console.log(jqXHR.responseJSON);
    }
 });
Khushit Shah
  • 546
  • 6
  • 20
zazvorniki
  • 3,512
  • 21
  • 74
  • 122
  • I think you are missing some data, google oAuth2 and you will see you will need to pass grant_type (probably password) and client_id. Pass them through a payload, i don't think you should pass them through headers. Also type should be POST – Verthosa Nov 07 '19 at 16:01
  • Which API are you refering to? The parameter ' type' is an alias for ' method' which should be something like 'post' or 'get'. You should know what you are doing if you request the access token on the client side, as you will expose all data to any user which has access. – ju_ Nov 07 '19 at 17:07
  • @Verthosa, You mean pass them through in the data? I'm using postman to try and guide me (because I'm not having issues getting back the auth code through there) and it has separate fields for the grant type along with the username and password. So I'm assuming they are not the same. I did add in the grant type and it doesn't seem to be helping. The only reason I have the type as oath2 here was because I was trying anything and everything. If you look at the jsfiddle you'll see I have it as a post there. – zazvorniki Nov 07 '19 at 18:52
  • @ju_, I am working with an internal api. If you look at the jsfiddle you'll see that I have the type as post there. I only had it different here is because I was trying anything and everything to get it working. – zazvorniki Nov 07 '19 at 18:53
  • What do you mean with internal API? Did you implement/integrate an oauth server yourself? If you don't provide info, we can't provide help ;-) – ju_ Nov 07 '19 at 20:41
  • @ju_, it was something created in our company. I don't have any access to that code. – zazvorniki Nov 07 '19 at 20:56
  • @zazvorniki trying anything and everything will not work, look at your internal API documentations, https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2 – Khushit Shah Nov 08 '19 at 13:48
  • @KhushitShah, when you hit a wall and nothing is working you try everything you can think of. There is no api documentation, for that our company would have to be organized. Why I was asking if my ajax call is set up correctly. – zazvorniki Nov 08 '19 at 14:17
  • @zazvorniki can you post your console and postman request with links blurred, that might help us to understand the problem better :-) – Khushit Shah Nov 09 '19 at 08:27
  • Hi @zazvorniki you might want to look at this example. [basic-authentication-using-javascript](https://stackoverflow.com/a/35043887/5833433) – Manik Nov 14 '19 at 16:40

1 Answers1

1

If it works in postman, but not in browser, may be a CORS error is occurred. Check out in dev tools of your browser if the Request Method of the call is POST or OPTION.

If the verb is OPTION you could receive an error without response body but you'll get also a log in console related to CORS issues.

If the error is CORS related you have to add CORS policies to your endpoint, and in the response header a Access-Control-Allow-Origin header that has as value the address where your frontend is located.

Mosè Raguzzini
  • 15,399
  • 1
  • 31
  • 43