cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

amalwayscharan
Copper Contributor

‎Jul 29 2019 07:48 AM - edited ‎Jul 29 2019 12:39 PM

‎Jul 29 2019 07:48 AM - edited ‎Jul 29 2019 12:39 PM

SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

When trying to access 3rd party REST API (EasyVista) from SharePoint web page, it shows No 'Access-Control-Allow-Origin' header is present on the requested resource.

I've tried passing username and password in jQuery headers, I checked the access-that wasn't the issue. SO, I checked the developers tools to find that CORS is the issue.

function loadListItems() {
        var oDataUrl = "<Other applicaiton REST URL>";
        var username = "restapi";
        var password = "xxxxx"
      //  console.log(_spPageContextInfo);        $.ajax({                url: oDataUrl,                type: "GET",                dataType: "json",                crossDomain: true,                headers: {
                        "Authorization" : 'Basic' + btoa(username + ":" + password),
                        "accept": "application/json;odata=verbose"
                },                success: successFunction,                error: errorFunction
        });
}

Here is the complete error message : Access to XMLHttpRequest at '' from origin '' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

This is what I heard back from MS Support : In case of SharePoint Online, we need to use OAuth to get data from your custom api.

I do not know how to achieve this, any help would be greatly appreciated.

 

I've tried many other articles, I couldn't find a proper solution, any guidance would be much appreciated. @SharePoint dev @MTSharePoint 

28.3K Views
1 Like
3 Replies
Reply
3 Replies
best response confirmed by Beau Cameron (MVP)
Paul Pascha

‎Jul 29 2019 10:38 PM

‎Jul 29 2019 10:38 PM

Solution

Re: SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

CORS policies need to be configured on the EasyVista side to allow calls from JavaScript hosted in your SharePoint site which is in another domain. I don't know EasyVista and the options it provides for configuring CORS, maybe it provides support for JSONP as an alternative.

Alternatively you could develop your own Web API as a wrapper around the EasyVista service and configure CORS for your Web API. Server-side calls between your Web API and EasyVista won't be an issue.

Does this make sense?
0 Likes
Reply
amalwayscharan

‎Jul 30 2019 11:58 AM

‎Jul 30 2019 11:58 AM

Re: SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

Thank you @Paul Pascha, for your reply. I don't think EasyVista has a way to enable CORS on it's end. I checked their documentation, it doesn't mentioned anything related to CORS. 

 

I like you alternative suggestion, a quick question here : Is this the only way to access 3rd party API with CORS issue? Or should I research on SPFX/OAuth ? 

 

Pardon my ignorance if any, I'm still learning the SP framework

0 Likes
Reply
Toby Statham

‎Aug 05 2019 01:38 AM

‎Aug 05 2019 01:38 AM

Re: SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

@amalwayscharan Try using the SPHttpClient to make calls to the API (context.spHttpClient) . This is setup to send CORS friendly calls.

 

Have a look here for an overview of making calls to APIs with CORS setup - https://tahoeninjas.blog/2019/02/05/getting-around-cors-issues-in-spfx-with-sphttpclient/

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Beau Cameron (MVP)
Paul Pascha

‎Jul 29 2019 10:38 PM

‎Jul 29 2019 10:38 PM

Solution

Re: SharePoint Office 365 : CORS issue, REST API call to other application from SharePoint Online

CORS policies need to be configured on the EasyVista side to allow calls from JavaScript hosted in your SharePoint site which is in another domain. I don't know EasyVista and the options it provides for configuring CORS, maybe it provides support for JSONP as an alternative.

Alternatively you could develop your own Web API as a wrapper around the EasyVista service and configure CORS for your Web API. Server-side calls between your Web API and EasyVista won't be an issue.

Does this make sense?

View solution in original post

0 Likes
Reply