I am encountering an issue while attempting to make client-side JS calls to Uber API endpoints that require the OAuth Bearer token, such as /v1/me. The problem arises due to the absence of the Access-Control-Allow-Origin header in the response.
I have successfully acquired a Bearer token (server-side) to include in the Authorization header of my GET request.
In the settings of my Uber API application, I have specified my Origin URI as my development server (https://localhost:9000).
Below is the code snippet for calling the /v1/me endpoint:
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.uber.com/v1/me');
xhr.setRequestHeader("Authorization", "Bearer MY_BEARER_TOKEN");
xhr.send();
The Chrome developer console displays the following error message:
No 'Access-Control-Allow-Origin' header is present on the requested resourceTo verify the validity of my Bearer token, I used curl and the test was successful:
curl -H 'Authorization: Bearer MY_BEARER_TOKEN' 'https://api.uber.com/v1/me'
Interestingly, I can successfully access API endpoints that do not require an OAuth Bearer token, like /products and /estimates/price, by utilizing the Authorization Token header in the following manner:
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.uber.com/v1/products');
xhr.setRequestHeader("Authorization", "Token MY_SERVER_TOKEN");
xhr.send();
This leads me to believe that the root cause may not be related to any misconfiguration within the Uber API app settings, such as an incorrect Origin URI.
In addition, when obtaining the OAuth token, I initiated the request from a Node Express app located on my development server at https://localhost:8080, which differs from the location of my client-side JS app running at https://localhost:9000. However, making the request from the same port did not resolve the issue.
Any insights or suggestions would be greatly appreciated. Thank you!