I am trying to make client-side JS calls to Uber API endpoints which require the OAuth Bearer token, such as /v1/me, but I am receiving an error that the Access-Control-Allow-Origin header is not present on the response.
I have successfully obtained a Bearer token (server-side) to use in the Authorization header in the GET request.
In my Uber API application settings, I have my Origin URI set to my development server (https://localhost:9000).
Here is how I call the /v1/me endpoint:
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.uber.com/v1/me');
xhr.setRequestHeader("Authorization", "Bearer MY_BEARER_TOKEN");
xhr.send();
In Chrome developer console I get the following error:
No 'Access-Control-Allow-Origin' header is present on the requested resource
To ensure that my Bearer token is valid, I successfully tested it using curl:
curl -H 'Authorization: Bearer MY_BEARER_TOKEN' 'https://api.uber.com/v1/me'
On a side note, I am able to successfully make calls to the API endpoints which do NOT require OAuth Bearer token, such as /products and /estimates/price using the Authorization Token header like so:
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.uber.com/v1/products');
xhr.setRequestHeader("Authorization", "Token MY_SERVER_TOKEN");
xhr.send();
This leads me to believe that the problem is not an Uber API app configuration setting such as incorrect Origin URI.
One final note, when I obtain the OAuth token I am making the request from a Node Express app running on my development server at https://localhost:8080, which is different from where I am running my client-side JS app at https://localhost:9000. Making the request from the same port did not solve the problem however.
Any ideas? Thanks!
After emailing with Uber tech support, the problem was that CORS was not properly setup on their end. As of yesterday the /v1/me endpoint is now working for me with no changes to my app configuration.