1

I'm trying to make a GET request to the Asana API from the browser. Because this is a cross-domain request, the client first sends an OPTIONS request. I'm running into the same issue that was described in this Stack Overflow question a year ago, ASANA API and Access-Control-* headers, where the Asana API doesn't respond with the Access-Control parameters.

I'm wondering whether the new release of the Asana Connect and OAuth2 addresses this problem and I'm simply doing something wrong or if this is still unsupported.

Community
  • 1
  • 1
user2293694
  • 11
  • 2

1 Answers1

1

(I work at Asana.) Sorry, looks like this slipped through the cracks.

We currently do not allow Cross-Origin requests. However, we do support JSONP if you use Oauth2 and authenticate with a bearer token. This allows you to make secure requests from a JS client.

Just append opt_jsonp=CALLBACK as a parameter to the request, where CALLBACK is the name of the javascript function you would like to be called back with the response data.

Greg S
  • 2,079
  • 1
  • 11
  • 10
  • Has JSONP support been implemented for all API calls? I'm able to get an authorization token via OAuth2. However, when I make API calls with "?jsonp=..." I just get a JSON object back rather than the expected JavaScript code. – jbl May 05 '13 at 23:41
  • Terribly sorry, the answer should have read you use ?opt_jsonp= instead of ?jsonp= as all of our options are prefixed with opt_. I've edited the answer, and apologize for any frustration that may have caused you. – Greg S May 06 '13 at 18:12