Clover implements Cross-origin Resource sharing (CORS), which enables you to:

  • Build pure HTML/JavaScript-based client applications without an app server to intermediate between your browser and the Clover Server, and then
  • Make requests from your client-side app to Clover’s REST API using XmlHttpRequests, AJAX requests, etc.

Troubleshooting CORS

If you are experiencing difficulties:

  • Verify that you have specified the Site URL and CORS Domain for your app in the Developer Dashboard.

  • Verify that you are using an OAuth token that is retrieved using OAuth and not using the Setup app. If you want OAuth to provide you with a token (rather than a code), set response_type=token in the OAuth request.

  • Verify that in your request to Clover’s REST API, you send the API Token using the access_token query parameter in your request and not in the Authorization: Bearer request header.

  • Note that Clover’s REST API does not support JSONP.