Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cannot access REST API via Javascript Client

Lyonis
Engager
‎05-05-2015 07:24 AM

Splunk 6.1.5

Writing a test application for using REST API using Client JavaScript I got this error

XMLHttpRequest cannot load https://localhost:8089/services/auth/login?output_mode=json. Request header field X-Splunk-Form-Key is not allowed by Access-Control-Allow-Headers.

The app is:

    var http = new splunkjs.JQueryHttp();

    var service = new splunkjs.Service(http,{
      scheme:"https",
      host: "localhost",
      port: 8089,
      username: "username",
      password: "password",
      version: "6.1"
    });

    service.apps().fetch(function(err, apps) {
        if (err) {
            alert("Error listing apps");
            return;
        }
        var myapps = "";
        var appsList = apps.list();
        for(var i = 0; i < appsList.length; i++) {
            myapps += "App " + i + ": " + appsList[i].name + "<br/>"
        } 

        document.getElementById("applist").innerHTML=myapps;
    });

In server.conf i enalbled cross origin

[httpServer]
crossOriginSharingPolicy = *

(If I set crossOriginSharingPolicy = https://localhost:8089 doesn't work)

Tags (2)
Reply

mgarciar
Path Finder
‎01-11-2017 06:48 AM

I had a similar issue and solved by replacing:

var http = new splunkjs.JQueryHttp();

with

var http = new splunkjs.SplunkWebHttp();

Of course is not documented anywhere as far as I can tell.

0 Karma
Reply

tfellinger
New Member
‎11-02-2016 12:01 AM

I know this is an old thread, but if someone is looking for a workaround, maybe they stumble upon this thread.

I tried to make AJAX calls to the REST API from within dashboard javascript with the same result. Seems like jQuery is always adding the "x-splunk-form-key" header (I thinks thats the CSRF token for the webgui). Since this header is not allowed, it results in a CORS violation. Everything I tried with jQuery's $.ajax() failed (setting the header to "", " " or null). If you try to remove the header completely with ajaxSetup the gui will break 😕

So the workaround I used was to use javascript's XmlHttpRequest object (var xhr = new XMLHttpRequest();). With this the header is not added and so the ajax request works like a charm.

0 Karma
Reply

jitendra0101
Engager
‎07-18-2017 07:19 AM

Please help. Every time I am getting error message as "Error Listing Apps".

0 Karma
Reply

Luke__Mcfly
New Member
‎07-19-2015 12:50 AM

Have you managed to make this work? I believe a solution to this would really help me out.

0 Karma
Reply

Lyonis
Engager
‎07-24-2015 01:09 AM

No sorry, I used a workaround creating a python controller that manager REST calls and use it like a forwarder that creates jobs

0 Karma
Reply
Get Updates on the Splunk Community!

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...