These forums have now been archived and will be removed Monday, 16th April, 2018. We now have new and improved forums located here to discuss everything Elvanto.

CORS Support


The OAuth supports user_agent authentication which is most commonly used by in-browser applications that authenticate and work directly with the Elvanto API rather than going via a server.  Using that approach a single-page JavaScript app can get an access token easily enough but the API calls don't allow cross origin requests so it can't actually access any of the APIs (absent a server proxying the requests).

It would be really useful if the API endpoints used CORS to allow cross origin requests. With the right set up, any origin could be allowed securely but if there are concerns, an allowed origin could be specified as part of configuring the integration.


Adrian Sutton

Hi Adrian,

Just to let you know that this will be added into V2 of our API. At this point we won't be adding it into V1.

Hope this helps,


Hi Adrian,

Thanks for the email.

I'll pass this along to the developers and see what their thoughts on the matter are. We are currently working on V2 of the API so it may not make an appearance in the current API and it may have to wait until V2. Once I hear back from the developers I'll update this thread.