0
I need to use the Olist API, through a callback, but I’m getting error when performing the POST request that would return the access_token.
The flow would be:
- Use callback/getlink to send client_id via GET to https://id-sandbox.olist.com/openid/authorize
- To https://id-sandbox.olist.com/openid/authorize automatically opens callback/Olist? code=codereturned&&secret=secretreturned
- The callback/Olist requests via POST the access_token, sending the secret and code returned in step 2
- With the return of step 3, the callback/Olist saves the access_token in the database to use
However, in step 3, I cannot send the POST request through the browser, returning the previous image error. Using POSTMAN and sending the data directly to the API I can, but it is necessary to go through the callback/Olist to save the token. In the GET request, I used dataType: 'jsonp', thus avoiding CORS, but in the POST request it is not possible to use it.
The code for the request is:
$.ajax({
url: url,
method: 'post',
dataType: 'json',
processData: false,
data: function(){
var formDataAuth = new FormData();
configJson = JSON.parse('<?= $configJson ?>');
formDataAuth = new FormData();
formDataAuth.append('client_id', configJson.code);
formDataAuth.append('grant_type', 'authorization_code');
formDataAuth.append('client_secret', configJson.secret);
formDataAuth.append('redirect_uri', configJson.callback);
formDataAuth.append('code', configJson.key);
return formDataAuth;
}(),
success: function(data) {
savetoken(data);
console.log(data);
},
error: function(data) {
console.log('erro', data);
},
});
Does the error occur because some information is missing from the request? Can it occur because you do not have an SSL? Or for another reason?
So there’s nothing I can do to fix this, right?
– João Mário
Is this site you’re requesting for yours? Is it an API with an access key? I believe there must be some section in their documentation about CORS
– Sergio Carvalho
It’s an API, Olist is the name. https://dev.olist.com/docs/authentication this is the documentation, I searched but found nothing
– João Mário