In order to integrate Indyco Explorer with other tools and to use its API across different domains. it is necessary to enable CORS on Indyco Explorer.
To enable CORS you have to:
Enable Anonymous autentication on your site
Add to web.config file the following lines
To delimit anonymous autentication only for HTTP OPTIONS method that is used only for cors handshake
Under configuration > system.web > authorization element:
<allow verbs="OPTIONS" users="*" /> <deny users="?" verbs="GET, POST, PUT, DELETE" />
Under configuration > system.webServer > httpProtocol > customHeaders element:
<add name="Access-Control-Allow-Origin" value="<your-domains-request>" /> <add name="Access-Control-Allow-Methods" value="*" /> <add name="Access-Control-Allow-Credentials" value="true" /> <add name="Access-Control-Allow-Headers" value="Accept,Content-Type,X-Requested-With" />
<your-domains-request> includes the request's origin domains allowed. (only one domain is allowed)
How to call indyco Explorer APIs from jQuery
Here is a cample POST call:
$.ajax({
url : '<url-to-your-server>',
type : 'POST',
dataType : 'json',
data : json,
contentType : 'application/json;charset=utf-8',
success : <your-success-callback>,
error : <your-error-callback>,
crossDomain : true,
xhrFields: {
withCredentials: true
}
});Among other parameters, you have to check for the crossDomain and xhrFields values:
- crossDomain must be set to true (this will force a cross domain request allowing, for example, server-side redirections to other domains)
- xhrFields must contains a 'withCredentials' property set to true in order to force an authenticated request to the indyco web server.