How to Enable Cross-Domain Requests

About Cross Domain Communication for SmartHub

In case you are calling the SmartHub APIs from a different domain via JavaScript code, web browsers block the requests unless you enable Cross Domain communication (for example, CORS) for SmartHub.

You must configure the domains that are allowed to call the SmartHub API.

Valid options:

• One specific domain such as https://domain1.com
• Wild-card ( * ) that permits all the domains

How to Configure SmartHub for Cross-Domain Requests

First, navigate to the web.config file and open it.

1. Uncomment the section about cross-domain requests:
   
   
   
   

2. Edit the value of the Access-Control-Allow-Origin and change it to the URL of your site.
   Note! the URL cannot end with a "/" character. Also, the URL must always start with the protocol ("http" or "https") or * to allow any domain to make requests to the API.

   Note: Even though * is a valid Origin value, it is not the best practice.

   There is no alternative way in the header specification to provide comma separated values for multiple domains.

   BA Insight recommends you follow the steps in the section "Enable Cross-domain Requests for Multiple URLs" below which enables you to specify specific domains that are allowed to make the cross-domain requests to the API.

Enable Cross-domain Requests for Multiple URLs

To support multiple URLs for Cross-domain requests:

1. Open and modify the file web.config 

2. Uncomment the section EnableCorsModule: