Synopsis: Leverage the Online API JSON Callback parameter to make multiple/chained asynchronous JavaScript Cross-domain REST requests without an HTTP proxy, external AJAX library, or cross-domain policy file.
Workflow: Using only basic JavaScript and dynamic HTML, make a secure Online API REST request to obtain a token; then, using the token, make a subsequent request to obtain the list of report templates which are available with the authenticated and validated Online API subscription credentials.
Details: This is an unsupported sample which demonstrates the use of the Online API Callback parameter to make cross-domain requests from basic JavaScript code. Typically, browsers restrict cross-domain requests. In this sample code, a <script> tag containing a cross-domain URL is dynamically generated in JavaScript and placed in the Document Object Model (DOM). The JavaScript interpreter of the client is then able to submit the REST request without the typical restrictions associated with cross-domain requests. Since the Online API REST URL contains a Callback parameter value, the JavaScript code is able to programmatically "handle" the Web service response (when it arrives) since the response is "wrapped" in a named JavaScript function by the service. If the named JavaScript function exists in the client-side JavaScript code, the client application will call the function on receipt of the response data payload and process it accordingly.
This simple demo also demonstrates one way in which Online API subscription credentials can be secured. In this case, username and password fields are provided so the user can enter credentials information instead of needing to save it in the source code or elsewhere. When the user submits the credentials information, it is transmitted over SSL-encrypted HTTPS which is the save technology that secures e-commerce and financial transactions over the Web.