I am new to the ClearPass API, and having issues with the CORS requests.
Using XMLHTTPRequest I have been trying to send a POST request to the ClearPass server but the preflighted OPTIONS request returns a 403 Forbidden.
var xmlhttp = new XMLHttpRequest();
var url = "https://websitename/api/oauth";
xmlhttp.onreadystatechange = function () {
if (this.readyState == 4 && this.status == 200) {
console.log(this.responseText);
}
};
xmlhttp.open("POST", url, true);
xmlhttp.setRequestHeader("Content-Type", "application/json");
xmlhttp.send(JSON.stringify({
"grant_type": 'password'
, "username": username
, "password": password
, "client_id": 'NameOfAPIClient'
}
));
In API Framework > Allowed Origins
I have tried to specify both * and a specific domain with no luck. I have created a API client, with a grant_type = password, and set the client as a public (trusted) client.
All the documentation and examples that I have seen use curl to test the clien which bypasses this OPTIONS request issue. Is it possible to make these API calls using just javascript?