Forum Discussion

Leader

10 years ago

Making secure connection b/w Custom component and Endpoint using AJAX

Hi All, We are calling an endpoint from a custom component using Ajax. It works fine but we have one query - Is there a way we can authenticate the call at the endpoint that it was made from the ...

Gursimrat

Leader

10 years ago

Hi PaoloT, may be you can provide some insights to this?

PaoloT
Lithium Alumni (Retired)
10 years ago
Hi Gursimrat

ultimately if you make an AJAX call to any HTTP endpoint from the browser, it means that the endpoint itself must be accessible to the browser by definition. What the browser in question "can / cannot see" depends on who is using that browser, so ultimately I think the best way to secure it is to verify that the user accessing the Studio Endpoint has the right level of access for seeing the content provided by the endpoint.

In the endpoint you can use freemarker code to verify for example whether the user is registered or anonymous, or whether the user in question has a certain role etc... Would this give you enough power to control the access to your endpoint?

Cheers,

Forum Discussion

Making secure connection b/w Custom component and Endpoint using AJAX

Related Content

Aurora OpenID Connect/OAuth 2.0 setting descriptions

Passing multiple parameters to the endpoint from Component

Any cons of NOT using LITHIUM.jQuery when calling an endpoint from a component?

Call Endpoint from Custom Component

Unable to invoke a custom endpoint from another custom endpoint

Recent Discussions

Boosting a User

Google Tag Manager and Google Analytics Setup in Aurora platform

In Aurora, add additional <script> and <meta> tags

Incremental data for attachments in messages and replies

Incremental data for users data