REST API CORS block

Hi

I can successfully connect to Anaplan using Postman. Can do all the necessary calls and get returned data. However, if I try to access the REST API via REACT, Angular or even regular webpage I am always blocked by CORS.

Can anyone offer some advice on this?

Best Answer

  • I did a try in Meteor.js and my requests are actually going out via the node server so I haven't encountered that problem

Answers

  • Web browsers implement the same-origin policy (https://en.wikipedia.org/wiki/Same-origin_policy) for good reasons. I expect that policy is what is preventing you from accessing the API from a script in a browser page. Cross-origin resource sharing (CORS) is a selective relaxation of that policy so you are not so much blocked by CORS as by an absence of it. Postman is a different scenario as the requests route through it rather than passing directly from the browser to Anaplan's API.

  • Thanks for the feedback Ben. Agree with what you said.

    I am hoping to confirm with someone in the know that the functionality is actually blocked for web access... I did try to implement the REST calls in Ionic but as that also implements a mobile web view I suspect that I am getting the same CORS block.

    Question then is... Has anyone implemented Anaplan REST APIi in a native mobile app?

  • Thanks Nathan.

    That answered it for me.

  • @stefangas  Hi ,

    Modify the server to add the header Access-Control-Allow-Origin: * to enable cross-origin requests from anywhere (or specify a domain instead of *). This should solve your problem.

    Or else you can install a extension for chrome or any other browser which can bypass the CORS process.

     

    Thanks 

    Abhay