Skip to content


No ‘Access-Control-Allow-Origin’ header is present on the requested resource.


‘I’m trying to call the SmartConnect API from my web app, but I receive this error…’

This error is returned, because Cross-origin resource sharing (CORS) is not allowed by the SmartConnect API. If the service allowed this, it would expose you to Cross-Site Request Forgery (CSRF) attacks. If we look beyond the security concerns when accessing the SmartConnect web service from a browser, there are also performance concerns, due to the nature of the SmartConnect API.

  • MapRun endpoints can be long running. What happens while the map runs?
    • Will the browser freezes?
    • Will it lose the result of success/failure if the user browses away from the page?
  • GetData endpoints will load large XML data tables to your browser that will be parsed, by the browser.


Because we can’t interact with the SmartConnect API from the browser, we need to write the app so it will run the calls to the SmartConnect API as background tasks on the server. Once the process completes, the result can be sent back to the browser. The browser should never attempt to directly access the SmartConnect API.

This is how the SmartConnect real-time integrations use the API. This will resolve both the security and performance concerns.

Security: The credentials for the SmartConnect API are not stored in the browser or passed from an unsecured location to SmartConnect. They are instead processed from the server directly.

Performance: Long running endpoints are going to be handled by the server even if a user navigates from the active page. If the GetData endpoint is called, the resulting data can be filtered/formatted on the server before being sent to the browser.

If you have any further questions, you can email us at


Creating an Integration in
eConnect error - Login failed for user
32 bit Excel Add-in for SmartConnect 21 does not appear after installing.
Connection could not be validated when using Excel data source
Salesforce Error: Unable to create/update fields check security settings


SSL Security error using OLEDB Connection
This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms
Removed Part: /xl/vbaProject.bin part. (Visual Basic for Applications (VBA))
The server process could not be started because the configured identity is incorrect.
Using WINSCP and a task to upload or download files from an SFTP site



Business Central CRM D365 Business Central Dynamics 365 dynamics crm Dynamics GP Dynamics NAV Econnect Employee Spotlight eone eOne News error Error Message Events Excel Excel Report Builder Extender Flexicoder GP integration Map Meet the Team Microsoft dynamics crm Microsoft Dynamics GP Navigation List Builder Office Relationships Partner All Hands Call Popdock promotions release SalesForce SmartConnect SmartConnect Bootcamp SmartConnect Maps SmartConnect Office Hours SmartList SmartList Builder SmartPost SmartView SQL Tech Tuesday Templates training

Integrate & Automate without Any Code.

SmartList Data has Never Been Faster.

The Easiest Way to Report on GP Data.