CloudSign provides support for CORS to make it easier to also use Web API from JavaScript.

1.Log into CloudSign and access your team.

2.An input field for the CORS Origin URL is available, so enter details into the web app URL scheme and host name fields that use the CloudSign Web API. (E.g.: https://origin.example.com)

When JavaScript is used to access the CloudSign Web API spanning domains, browsers automatically append the following header.

When the CloudSign Web API checks the details of the Authorization header, it also checks the details of the Origin header. When doing so, the Origin header responds with a value, and if it is the same as the value specified in 2., the request is processed normally.

If the value specified for the Origin header differs to that specified in 2., it returns a HTTP 400 bad response status.

Each API can be used with the access token obtained from the CloudSign Web API.Each API supports CORS, however from a security perspective, obtaining an access token does not ensure CORS-compatibility.

CORS is an abbreviation of Cross-Origin Resource Sharing that was developed to allow browsers to access resources (images, style sheets, JSON, etc.) that exist on domains outside the site actually being accessed.Please see Cross-Origin Resource Sharing for more details.