CORS Support for smarsheet API Access

Hi Folks, I am trying to invoke SmartSheet API from one of my web based application hosted on corporate domain inside javascript container using standard and XMLHttpRequest methods.

How ever i am getting an issue when accessing api.smartsheet.com over HTTP Post where its not allowed because the Allow-Access-Control-Origin header in response is not set AFAIK.

Any help is appreciated in getting this working on browser side.

Find more posts tagged with

API and Developers

Integrations

Comments

Jeff S

You'll likely need to modify your own application to provide the appropriate CORS header. CORS blocks requests from scripts running on the current domain to other domains. So in your case, whichever server is serving up your webpage on your corporate domain will need to provide the appropriate CORS header to allow requests to external domains, possibly by setting the Access-Control-Allow-Origin header to include api.smartsheet.com.

chgajjar65206

Well i am pretty sure its api.smartsheet.com is not including Allow-Access-Control-Origin in its response to pre-flight HTTP OPTION sent by javascript. I can double check and confirm.

chgajjar65206

Hi Jeff,

My code is otherwat around, user access the application first on our corporate web server and that application serves javascript code which try to access the api.smartheet.com.

I quickly checked and its actually api.smartsheer.com is not allowing request from my domain.

below is the error i see in Chrome browser console

Failed to load https://api.smartsheet.com/2.0/sheets/764503XXXX5662212/rows: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://fin-abc-def1.xyz.com' is therefore not allowed access.

I believe this is because the response header from api.smartsheet.com for the HTTP OPTIONS preflight request does not have Access-Control-Allow-* headers present for the browser to allow the access.

Punith C S

https://community.smartsheet.com/discussion/comment/108851#Comment_108851

How do I add header in api.smartsheet.com

Sign in to join the conversation!

Quick Links

Trending discussions

Does a view-only user need a license to use the API?
Hello everyone, I will need to use Smartsheet API to ingest data from Smartsheet to an object storage. To do that, my client will create a view only account for me. If I understand correctly, to use the API the account needs to be licensed, so we will need to pay for this "service account". That is correct?
Using Control Center to Track Folder Updates?
Hello, I am unsure of the feasibility of this goal but am hoping someone could provide some insight. Within my organization we have the following structure Workspace → Workspace → Folder. Within this folder we have additional folders that are added through an API integration we have setup. I am hoping we would be able to…
Will and API token for a report give access to the Sheet the Report generated from?
Hi, I have a large Smartsheet, I want to generate a row report that reduces information displayed down to a specific group. For that Row Report, if I were to generate an API token and share it to a third party, will that third part have access to the information on the original 'Grid' sheet, or will it be reduced to what…