Differences

This shows you the differences between two versions of the page.

--- 712:collector_data_rest_api [2026/02/06 09:48] – ST-37703: Added section on CORS configuration Deutschmann, Niklas
+++ 712:collector_data_rest_api [2026/02/18 09:33] (current) – [Cross-Origin Resource Sharing] Deutschmann, Niklas
@@ Line 268: / Line 268: @@
 ==== Cross-Origin Resource Sharing ====
-Starting with Stages 7.12.5, CORS (Cross-Origin Resource Sharing) can be configured for collector data API requests. This configuration change is **only** needed when another web application needs to make **client-side HTTP** requests to the API (because the same-origin policy is only enforced in web browsers)
+Starting with Stages 7.12.5, CORS (Cross-Origin Resource Sharing) can be configured for collector data API requests. This configuration change is **only** needed when another web application needs to make **client-side HTTP requests** to the API (because the same-origin policy is only enforced in web browsers)
-The following configuration can be added to ''web-customer.xml'' (at the beginning right after the opening ''<web-app>'' tag). The ''cors.allowed.origins'' parameter can ''not'' be set to "*", so you can not allow API requests from any origin.
+The following configuration can be added to ''web-customer.xml'' (at the beginning right after the opening ''<web-app>'' tag). The ''cors.allowed.origins'' parameter can **not** be set to "*", so you can not allow API requests from any origin.
 <code xml>
 <filter>
@@ Line 299: / Line 299: @@
 </code>
+**Testing your configuration:**
+The best way to test the configuration:
+  * Go to the website that should be the origin of the API requests (https://stages-api-client1.example.com in the example above)
+  * Open the browser's developer tools (F12)
+  * In the "Console" tab, execute the following request
+<code>
+fetch("https://<Stages Server URL>/stages/api/1/collectordata/<Record Key>", { headers: { "Authorization": "Bearer <API Token>" }}).then(r => r.json()).then(console.log);
+</code>