csmith
July 14, 2015, 9:46am
2
This might be because your AJAX query is not sending the Origin header. This is mandatory for CORS to work. See the following… let us know if that does fix your issue?
In your API key registration, did you configured the domain (s) that you are making the Ajax request from? If you do not do this, our API will not negotiate permission with the CORS protection implemented by your client.
Generally, an API with CORS protection will compare the Origin: header sent by a JS client against an authorisation list. If a match is made, an Access-Control-Allow-Origin: matched-domain is sent back which authorises the client.
Log onto the developer hub and edit your API k…