Reputation: 11
Asana API Cross-Domain Request Access Control Headers
I'm trying to make a GET request to the Asana API from the browser. Because this is a cross-domain request, the client first sends an OPTIONS request. I'm running into the same issue that was described in this Stack Overflow question a year ago, ASANA API and Access-Control-* headers, where the Asana API doesn't respond with the Access-Control parameters.
I'm wondering whether the new release of the Asana Connect and OAuth2 addresses this problem and I'm simply doing something wrong or if this is still unsupported.
Upvotes: 1
Views: 291
Answers (1)
Reputation: 2079
(I work at Asana.) Sorry, looks like this slipped through the cracks.
We currently do not allow Cross-Origin requests. However, we do support JSONP if you use Oauth2 and authenticate with a bearer token. This allows you to make secure requests from a JS client.
Just append opt_jsonp=CALLBACK as a parameter to the request, where CALLBACK is the name of the javascript function you would like to be called back with the response data.
Upvotes: 1
Related Questions
- Unable to add Access-Control-Allow-Origin header on API response
- How do I enable custom headers with CORS?
- Set CORS header in ASP.NET HTTP response
- How to allow Access Control Header to access a remote API in cross-domain?
- How to implement "Access-Control-Allow-Origin" header in asp.net
- Multiple Access-Control-Allow-Origin headers
- Allow headers in cross-domain ajax request
- set access control headers for same domain requests
- Access-Control-Request-Header: - x-requested-with
- Can I set headers in cross domain json requests?