Since I develop the api of the xero, when I get then token is right[https://identity.xero.com/connect/token], but then i request tenantId[https://api.xero.com/connections] show me the error "cross-origin", but it can run in postman. I do not want to use only sdk e.g Nodejs, C#, but ajax
Asked
Active
Viewed 279 times
1 Answers
0
It's probably the same answer as in this question: Connecting to Xero OAuth2 from localhost give CORS Erros
"The Xero Identity provider doesn't currently support the PKCE flow from SPAs and Mobile devices – it only supports code flow from server-side web applications (where you provide the client_secret). This means you can't currently access the xero API directly from a browser-based application."
Note that the server which accepts your connection is identity.xero.com, for which you're probably using Basic authorisation containing a client id & secret, whereas the server that doesn't accept your connection, api.xero.com, requires Bearer authorisation containing just the access key.
UglyBlueCat
- 439
- 1
- 7
- 22