Forum Discussion

Leader

10 years ago

Making secure connection b/w Custom component and Endpoint using AJAX

Hi All, We are calling an endpoint from a custom component using Ajax. It works fine but we have one query - Is there a way we can authenticate the call at the endpoint that it was made from the ...

Gursimrat

Leader

10 years ago

Hi PaoloT, may be you can provide some insights to this?

PaoloT
Lithium Alumni (Retired)
10 years ago
Hi Gursimrat

ultimately if you make an AJAX call to any HTTP endpoint from the browser, it means that the endpoint itself must be accessible to the browser by definition. What the browser in question "can / cannot see" depends on who is using that browser, so ultimately I think the best way to secure it is to verify that the user accessing the Studio Endpoint has the right level of access for seeing the content provided by the endpoint.

In the endpoint you can use freemarker code to verify for example whether the user is registered or anonymous, or whether the user in question has a certain role etc... Would this give you enough power to control the access to your endpoint?

Cheers,

Forum Discussion

Making secure connection b/w Custom component and Endpoint using AJAX

Related Content

Passing multiple parameters to the endpoint from Component

Any cons of NOT using LITHIUM.jQuery when calling an endpoint from a component?

Call Endpoint from Custom Component

Unable to invoke a custom endpoint from another custom endpoint

how to make implement endpoint with ajax?

Recent Discussions

Not able to access V1 API's form reference index.

Will adding/changing a custom tag trigger a Community event?

How to convert Endpoints to GraphQL queries?

Seeking Advice on Restricting Access to a posts to those who have the permalink.

How do I get the article ID in Freemarker in a TkbArticle?