Forum Discussion

vmalla's avatar
vmalla
Adept
7 years ago

Invalid Cross-Origin Request when trying to retrieve Session Key

Hi,

 

I'm trying to retrieve session key as per https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth

 

I was trying this using postman client(for testing).

 

<response status="error">
<error code="307">
<message>
Invalid Cross-Origin Request. Request origin: &apos;chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop&apos; contains no matching allowed origin(s).
</message>
</error>
</response>

 

My aim is to write a set of API extractors to retrieve the data from lithium community via API.

 

 

 

8 Replies

Sort By
  • TariqHussain's avatar
    TariqHussain
    Boss
    7 years ago

    vmalla - Can you try to hit Get request and passing the user.login and password on URL? 

     

    /vc/authentication/sessions/login?user.login=login&user.password=pwd

  • vmalla's avatar
    vmalla
    Adept
    7 years ago

    Hi,

     

    Thanks for quick reply.

    I've tried as you suggested. I'm getting below error.

     

    <response status="error">
    <error code="302">
    <message>
    User authentication failed.
    </message>
    </error>
    </response>

  • TariqHussain's avatar
    TariqHussain
    Boss
    7 years ago

    vmalla - 

     

    Below is postman collection file. Save this file as .json and import it on POSTMAN tool.  After importing the file just update the URL and credentials. 

     

    {
	"variables": [],
	"info": {
		"name": "DEMO TEST",
		"_postman_id": "e2e70e34-333c-7fd3-59a1-9489427af7de",
		"description": "",
		"schema": "https://schema.getpostman.com/json/collection/v2.0.0/collection.json"
	},
	"item": [
		{
			"name": "API0AuthV1",
			"request": {
				"url": {
					"raw": "https://community.url/restapi/vc/authentication/sessions/login?user.login=USERNAME&user.password=PASSWORD",
					"protocol": "https",
					"host": [
						"community",
						"demo",
						"com"
					],
					"path": [
						"restapi",
						"vc",
						"authentication",
						"sessions",
						"login"
					],
					"query": [
						{
							"key": "user.login",
							"value": "USERNAME",
							"equals": true,
							"description": ""
						},
						{
							"key": "user.password",
							"value": "PASSWORD!",
							"equals": true,
							"description": ""
						}
					],
					"variable": []
				},
				"method": "GET",
				"body": {},
				"description": ""
			},
			"response": []
		}
	]
}
  • vmalla's avatar
    vmalla
    Adept
    7 years ago

    Hi TariqHussain,

     

    I'm still getting the same response !!

    302 if I use get and 'Invalid Cross-Origin Request.' if I use post method.

  • luk's avatar
    luk
    Boss
    7 years ago

    Same happens if you just enter the GET url into the browser address field and request it without the Postman extension?

  • vmalla's avatar
    vmalla
    Adept
    7 years ago

    Yes, If I use get request then I'm getting 302 error.

     

  • vmalla's avatar
    vmalla
    Adept
    7 years ago

    I'm able to get session key if I'm logged into my instance and turn on the interceptor in Postman. If I'm not logged into community or if I turn off my interceptor, I'm getting '302 User Authentication Failed' error.