Enable CORS for oauth_token.do?

nickg111
Kilo Contributor

‎05-25-2017 12:03 AM

Hi all,

We're currently building a bespoke (angular) Web Portal, and are authenticating the users with SNOW (Geneva) using the oauth_token.do service...

Unfortunately, we're hitting the following CORS issue:

XMLHttpRequest cannot load https://myserver.service-now.com/oauth_token.do. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://thebespokewebportal.com:9999' is therefore not allowed access. The response had HTTP status code 401.

Normally when we hit these issues with REST services, I'd Define a CORS rule... unfortunately I can't find out how to do this for the oauth_token.do service.

Can anyone point me in the right direction?

Thanks,

Nick

P.S.

Labels:
  • 2,600 Views
12 REPLIES 12

joeho
Kilo Contributor

‎08-28-2017 12:01 PM

Any updates on this? Seems silly that CORS would work for other portions of the API, but you cant use any of the API since the OAuth2 endpoint doesn't support CORS, which prevents you from getting a valid token.


0 Helpfuls

Dan Franko2
Kilo Contributor
In response to joeho

‎10-18-2017 01:10 PM

Did you ever figure this out?


0 Helpfuls

ben_amiot
Kilo Explorer
In response to Dan Franko2

‎01-15-2018 07:32 PM

No, we're using a NodeJS to process the query through an HTTP proxy...


0 Helpfuls

Community Alums
Not applicable

‎01-17-2018 06:35 PM

No answers yet? we are having the same problem from a hybrid application with Kingston


0 Helpfuls

Lucas Vieites
Tera Guru
In response to Community Alums

‎03-26-2024 08:28 AM

Yes, there is an answer, see my previous post: it seems CORS is not supported for the call to /oauth_token.do. See: KB0685152

0 Helpfuls