Unable to use Acumatica's REST API in a website

0
votes

I am trying to use Acumatica REST API (2020 R1) in a website using the below code.

async function loginAcumatica(){
    try{
        const { apiUrl, clientId, clientSecret, username, password } = await getCredentials();
        const url = `${apiUrl}/identity/connect/token`;
        const result = await axios.post(url, {
            headers: {
                'content-type': 'application/x-www-form-urlencoded'
            },
            body: `grant_type=password&client_id=${clientId}&client_secret=${clientSecret}&username=${username}&password=${password}&scope=api`
        });
        console.log(result);
        return result;
        
    }catch(err){
        console.log(err);
    }
}

Client ID and Client Secret values are from Acumatica's Connected Application. I have used the Resource Owner Password Credentials Auth type while creating a new record in the Connected Application. Username and Password are user login credentials.

However, I am not able to connect to API and always keep getting errors. Is there something that I am missing or it's not feasible?

Thanks.

2
acumatica
It would help if you shared the error message you are gettingGabriel
I get HTTP Status code 415 with above request. But, even if I send the request in object format, I would get HTTP Status Code 400.Bikash Lama
Did you look with the Chrome developer tools what is the full request and response? Is your page running in the same domain as your Acumatica website? If not I suspect this is failing due to CORS - Acumatica does not have CORS headers set by default and browsers will block cross-origin requests.Gabriel
Yeah, I have checked the request and verified with the records passed on API Endpoint and also checked the response. Unfortunately, both are not in the same domain. And yes, we have requested Acumatica to enable CORS and they have confirmed it's been enabled. Also, we are now not getting the CORS error but only related to API request.Bikash Lama

2 Answers

0
votes

Error 415 suggests an error with body content type.

Acumatica Documentation has the parameters passed in the URL instead of the body when using the identity/connect/authorize endpoint.

It is not specified which body content type to use with identity/connect/token endpoint. It could be different than: application/x-www-form-urlencoded

0
votes

Acumatica REST API is designed in a way that it can't be consumed with Javascript with API Libraries such as fetch as it's deemed as unsafe since the login credentials and secrets would be exposed.