Skip to content
+1-888-319-3663

HELP ARTICLE

No ‘Access-Control-Allow-Origin’ header is present on the requested resource.


Issue

‘I’m trying to call the SmartConnect API from my web app, but I receive this error…’

This error is returned, because Cross-origin resource sharing (CORS) is not allowed by the SmartConnect API. If the service allowed this, it would expose you to Cross-Site Request Forgery (CSRF) attacks. If we look beyond the security concerns when accessing the SmartConnect web service from a browser, there are also performance concerns, due to the nature of the SmartConnect API.

  • MapRun endpoints can be long running. What happens while the map runs?
    • Will the browser freezes?
    • Will it lose the result of success/failure if the user browses away from the page?
  • GetData endpoints will load large XML data tables to your browser that will be parsed, by the browser.

Resolution

Because we can’t interact with the SmartConnect API from the browser, we need to write the app so it will run the calls to the SmartConnect API as background tasks on the server. Once the process completes, the result can be sent back to the browser. The browser should never attempt to directly access the SmartConnect API.

This is how the SmartConnect real-time integrations use the API. This will resolve both the security and performance concerns.

Security: The credentials for the SmartConnect API are not stored in the browser or passed from an unsecured location to SmartConnect. They are instead processed from the server directly.

Performance: Long running endpoints are going to be handled by the server even if a user navigates from the active page. If the GetData endpoint is called, the resulting data can be filtered/formatted on the server before being sent to the browser.

If you have any further questions, you can email us at support@eonesolutions.com.

RECENT POSTS


Use the REST Connector to parse nested Value Arrays
SmartConnect email task fails with error: An invalid character was found in the email header
Does SmartConnect import into Avalara Avatax software
Could not initialize a collection when launching SmartConnect
ERROR [HY000] [Microsoft][ODBC Excel Driver]General error Unable to open registry key when you open a SmartConnect map.

POPULAR POSTS


SSL Security error using OLEDB Connection
This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms
Removed Part: /xl/vbaProject.bin part. (Visual Basic for Applications (VBA))
The server process could not be started because the configured identity is incorrect.
Using WINSCP and a task to upload or download files from an SFTP site

CATEGORIES

TAGS

Business Central CRM D365 Business Central Dynamics 365 dynamics crm Dynamics GP Dynamics NAV Econnect Employee Spotlight eone eOne News error Error Message Events Excel Excel Report Builder Extender Flexicoder GP integration Map Meet the Team Microsoft dynamics crm Microsoft Dynamics GP Navigation List Builder Office Relationships partners Popdock release Reporting SalesForce SalesForce.com SmartConnect SmartConnect.com SmartConnect Bootcamp SmartConnect Maps SmartConnect Office Hours SmartList SmartList Builder SmartPost SmartView SQL Tech Tuesday Templates training

Integrate & Automate without Any Code.

SmartList Data has Never Been Faster.

The Easiest Way to Report on GP Data.