You might have a look at how the example with Google Calendar (demo is included) is implemented as for authentication & authorization of the Google Calendar REST API, OAuth (v2) is used.
Thanks, I'll take a look at that. I might need some help later!
LRequest:=TRESTRequest.Create(LClient);
LRequest.Method:=TRESTRequestMethod.rmPOST;
LRequest.Accept:='application/vnd.hmrc.1.0+json';
LRequest.Params.AddHeader('Authorization','Bearer '+SA_ServerToken).Options:=[TRestRequestParameterOption.poDoNotEncode];
jArr:=TJSONArray.Create;
jArr.Add('mtd-vat');
jObj:=TJSONObject.Create;
jObj.AddPair('serviceNames',jArr);
LRequest.AddBody(jObj);
jObj.Free;
LRequest.Execute;
if LRequest.Response.StatusCode=201 then
begin
...
end;
LClient.Free;
You should be able to do this post request with the TWebHttpRequest component.
Yes but how do a set Accept as this is mandatory?
Further to this, when I add Accept=application/vnd.hmrc.1.0+json to the headers and execute the request. What is received the other end is Accept:/
Adding in TWebHttpRequest.Headers the line Accept=yourvalue is what should be used.
The browser should use this accept header normally when set this way.
Firefo. Have tried everyting I can think of.
Typo. it should be Firefox.
Maybe analyzing the request with a (free) tool like Fiddler will reveal where the issue is?
The doc from FireFox explicitly mentions that using setRequestHeader can set a different accept header
Test code:
Thanks but no, I don't think it does. I think this is happening because the accept is not being passed correctly.
Did you read up about the whole background, mechanism, reason of CORS?
Yes I did as I had to implement it for my own site but this is the HMRC VAT test site which is used by a couple of hundred developers most of which are web based. Please see https://developer.service.hmrc.gov.uk/api-documentation/docs/tutorials for details of the hello world non restricted request.
The examples at https://developer.service.hmrc.gov.uk/api-documentation/docs/tutorials are for server side API usage, NOT for client side usage. CORS is related to client side (browser) HTTP requests.
Damn. Thanks for looking into this!
Hi Ken ,