Dynamics CRM Web API from external site (javascript)

0
votes

I'm currently developing a javascript app and I'm trying to access the Dynamics CRM Web API to fetch some information from the CRM.

My app hosted inside an Azure App Service (and testing in localhost), and it's accessible only authenticated users (by microsoft), so when users try to load the app, the azurewebsites redirect them to the microsoft's common OAUTH login page (https://login.microsoftonline.com/common/oauth2/authorize?...).

After a successful login, users redirect back to my javascript app, and then when the document is ready, I would like to call the dynamics CRM web api to fetch some entity (via jQuery's ajax request), but I get the following error message in the JS console:

XMLHttpRequest cannot load https://MYTENANTID.crm4.dynamics.com/api/data/v8.1/contacts. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://MYAPP.local' is therefore not allowed access. The response had HTTP status code 401.

I know this is bacause of the same origin policy, the question is: is it possible access the API from client side at all, or I need to do it in a server side?

1
javascriptazureoauthdynamics-crm
Have you seen this SDK page? - Polshgiant
Thanks, I only find the Angular version of this ADAL.js tutorial, it seems I didnt googled enough. Thanks again! - RobbeR

1 Answers

0
votes

According to your error message, it seems to be a common CORS issue when we calling a request from the client side application to our backend server.

Usually, we will add response headers in backend server to support the CORS. And you can refer to https://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api for more info about how to enable Cross-Origin Requests in ASP.NET Web API.

And CRM 2016 has support CORS setting, please refer to https://msdn.microsoft.com/en-us/library/gg309589%28v=crm.8%29.aspx?f=255&MSPPError=-2147217396#bkmk_corsSupport for more info.