Announcement

Collapse
No announcement yet.

CORS support for API

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    CORS support for API

    We're looking to embed some EspoCRM data in another application.

    Postman works fine, but in a browser console we're getting this:
    Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is thereforenot allowed access. The response had HTTP status code 401. If an opaque response serves your needs, set the request's mode to "no-cors' to get the resource with CORS disabled.

    Does Espo's API support CORS? If not, how would anyone use it outside of Postman or just extracting data from a non-web-app?

    thanks,
    Mike

    1 Photo
    Tags: None
    • Likes 1
  • #2
    CORS is not supported for security reason. To get data from EspoCRM use API https://www.espocrm.com/documentation/development/api/.
    Job Offers and Requests

    Comment

  • #3
    We are using the API. The API is returning this...

    Comment

    • #4
      mikeg13 You could try to enable it manually but this would be a technical debt since they mentioned that it is a security risk.

      Check this link. https://github.com/espocrm/espocrm/issues/270

      Comment

      • #5
        I experienced this problem. You need to get it with the Get parameter and place the headers properly. mikeg13 If you write sample codes, we can help.

        Comment

        • #6
          gundogduyakici - is this on your own implementation or on a hosted EspoCRM instance? I was able to get it working by deploying on my own server, but doesn't look like Espo-hosted will do it?

          Comment

          • #7
            There is no problem with EspoCRM. I am logging in via the EspoCRM API. mikeg13

            Comment

            • #8
              Hi guys, reviving this thread to see if anyone manage to get some success, I"m currently playing with an low-code software call AppGyver ( https://platform.appgyver.com/ ), getting stuck linking to EspoCRM API, work fine if using Postman but always issue when trying to get API working elsewhere.

              Anyone know how to solve this issue or know how it can be done?

              The error I get when I do a test is:
              Error: TypeError: Failed to fetch. Does the server allow CORS?status: undefined

              Doing a search and came across this thread which is quite old so not sure if still valid.

              Comment

            • #9
              CORS middleware · Issue #2755 · espocrm/espocrm
              https://github.com/espocrm/espocrm/issues/2755
              Middleware class: Espo\Tools\Api\Cors\Middleware. Can be added to the global list or to specific routes or controllers. If added to the global list, you also need to add routes. Routes example: [ {...
              • Likes 1

              Comment

              Previous template Next
              Working...
              X