By: Master Kumar user 29 Aug 2018 at 1:17 p.m. CDT

2 Responses
Master Kumar gravatar
I am trying to call SCIM API https://mydomain.com/identity/restv1/scim/v2/Users/<inum> by passing the Authorization header, http method as post from Postman its working fine. But the same when trying to call the same API using ajax call in a html page (file:///D:/test/index.html) its doing preflight (http method: OPTIONS) check and failing. I did check the cors filter configuration and was not sure why its still failing. I think its because in response to preflight check request Location with some url is coming Do let me know if i am missing something or doing wrong here

By Michael Schwartz staff 29 Aug 2018 at 1:27 p.m. CDT

Michael Schwartz gravatar
You should not be able to call SCIM from a javascript client. There would be no way to sufficiently hide a client secret.

By Master Kumar user 30 Aug 2018 at 4 a.m. CDT

Master Kumar gravatar
I agree with you, in my case i have client applications that are developed using HTML5,CSS, Javascript/JQuery/Ajax/.. which would be making the API calls directly. So please let me know how to proceed in this case.