CORS (Cross-origin resource sharing) in Salesforce

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.

To allow client applications running in a web browser to access Salesforce information, you need to register the origin first. On your Salesforce ORG, go to Setup -> Security -> CORS. Include all the domains that need to access Salesforce resources through a web browser.

Salesforce will return the origin in the "Access-Control-Allow-Origin HTTP" header, along with any additional CORS HTTP headers, hence the browser will allow the request.

These Salesforce technologies support CORS.
Analytics REST API
Bulk API
Chatter REST API
Salesforce IoT REST API
Lightning Out
User Interface API

No comments:

Post a Comment