Rest API Service problem from javascript

3studio · ‎Sep 26, 2017

Hi,

I'm trying to create a function call to a service with javascript.

This is my code:

var data = "{\n\t\"input\":{\n\t\t\"space\": \"Hki Pa A 109\",\n\t\t\"type\": \"TEMP\"\n\t}\t\n}";

var xhr = new XMLHttpRequest();

xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {

if (this.readyState === 4) {

console.log(this.responseText);

}

});

xhr.open("POST", "https://server-address/Thingworx/Things/PWIMAPI/Services/GetMeasurementPoints");

xhr.setRequestHeader("accept", "application/json");

xhr.setRequestHeader("content-type", "application/json");

xhr.setRequestHeader("appkey", "my-app-key");

xhr.setRequestHeader("cache-control", "no-cache");

xhr.send(data);

If I run this in postman it returns the correct json-content, but when I run it in a HTML-file on the server I get:

Status Code:

401 Unauthorized

Have anyone had a similar problem before? Any suggestion how to solve this?

posipova · ‎Sep 26, 2017

How are you authenticating?

3studio · ‎Sep 26, 2017

No extra authentication, just with the appkey.

posipova · ‎Sep 26, 2017

Appkey in the url? Is it an 8.0 instance?

If so, https://community.thingworx.com/community/developers/blog/2017/06/08/new-technical-changes-in-thingworx-800#comment-3989

"The Allow Application Key as URL Parameter option can be enabled or disabled on the ThingWorx PlatformSubsystem’s configuration page, accessible at System > Subsystems > PlatformSubsystem > Configuration."

3studio · ‎Sep 26, 2017

No it's not an 8.0 instance.

I haven't tried to pass it in the URL, I would rater pass it as it in the header. I mean it's working if I use the Postman plugin (in chrome). I also have it working from a Unity3D project, but when I add it as a javascript function that is run when a webpage loades then it won't authenticate.

posipova · ‎Sep 26, 2017

If you open your browser developer tools, can you see any more detailed errors in the activity?

3studio · ‎Sep 27, 2017

Failed to load "My Service URL": Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin "Webpage domain URL" is therefore not allowed access. The response had HTTP status code 401.

Am I missing some header tag on my webpage?

CarlesColl · ‎Sep 27, 2017

We have an Ionic App working, the only difference between our code and yours:

xhrfetchdata.open("POST", "url" ,true);

//setting up headers

xhrfetchdata.setRequestHeader("Content-Type", "application/json");

xhrfetchdata.setRequestHeader("Accept", "application/json");

xhrfetchdata.setRequestHeader("x-thingworx-session", "true");

xhrfetchdata.setRequestHeader("appKey", token);

3studio · ‎Sep 27, 2017

Is your URL also a https or is it a http?

CarlesColl · ‎Sep 27, 2017

https of course.

pkg · ‎Apr 04, 2018

i am Also facing the similar error. please help..

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 401.

My code

<!DOCTYPE html>
<html>
<body>
<h2>Calling ThingWorx Restful Api using XMLHttpRequest Object</h2>

<div id="demo">
<button type="button" onclick="loadXMLDoc()">Call Thingworx Restful Service</button>
</div>
<script>
function loadXMLDoc() {
var xmlhttp;
var Data = JSON.stringify({
"ExtendFlag": "173"
});

</body>
</html>

I am using this stand alone Page.

ThingWorx version - 7

Tomcat version - tomcat 8

@CarlesColl

pselvaraj-1 · ‎Dec 08, 2017

Try, append method=POST in your URL.

POST - to execute/invoke tx services via url.