403 Forbidden when retrieving interview transcript

Hello,

I wrote a client web application that should display a pdf of a given interviewer, and from Postman the API works fine, but when I call the API using Javascript code it returns 403 Forbidden.

Please find the code I’m trying below:

var myHeaders = new Headers();

myHeaders.append(“Authorization”, “Basic YWRtaW46UXdlcnR5QDEyMzQ1”);
var requestOptions = {
method: ‘GET’,
headers: myHeaders,
redirect: ‘follow’
};

fetch(“ipadress/api/v1/interviews/70cee141-dc32-424b-bdbe-fbf780e35fb1/pdf”, requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log(‘error’, error));

You cannot do this in the pure client-side code, browsers do not allow accessing resources from one domain to another (you can read more about CORS) unless the server side code allows the access. In the case of Survey Solutions, you should see ‘same-origin’ value in the sec-fetch-site header in the response, meaning, only requests coming from the same site would be allowed to fetch data.

So the best way to achieve what you’re trying to do would be to have a server-side code in your application that fetches the data and then serves to your frontend.