Controller (SaaS, On Premise)

Showing results for 
Search instead for 
Did you mean: 

Accessing Controller API from Web App


I'm running into issues making REST calls to our controller API when calling through a web app.  When I make the same call via Postman or Fiddler it authenticates and responds as expected.  When calling programatically via a web client, I get back a 401 Unauthorized response.


URL: https://<my Saas Controller host>:<port>/controller/api/accounts/<Account id>/users

Key: Authorization  Val: Username@AccountName:Password (Base64 encoded)


Any suggestions as to why the discrepancy?  Or what needs to change to allow calls from the web client?

Accessing Controller API from Web App

Posting some additional detail following research:


When I add the Authorization request headers, CORS causes the browser to treat this as a Preflight request and changes the request method to OPTIONS.  The thing I'm struggling with is if I remove the Authorization header, the API will not be able to authenticate me. 


The relevant angular code below is what I'm using, cut out unneccesary details:



const httpOptions = {
headers: new HttpHeaders({
'Content-Type': 'application/json',
'Authorization': 'Basic <Base64 encoded username@client:password>'

export class UserService {
private usersUrl = 'https://<controller><client id>/users';
getUsers(): Observable<User[]> {
return this.http.get<User[]>(this.usersUrl, httpOptions)
tap(_ => this.log('fetched users')),
catchError(this.handleError('getUsers', []))