CORS In get all deals api endpoint




I was trying to setup a http get request to the<API_KEY>&includeAssociations=true&limit=250&properties=dealname

endpoint and I am able to do so on the browser and with curl, but when I try doing it using Angular2 http client and I get the following error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at<API_KEY>&includeAssociations=true&limit=250&properties=dealname. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

could some one help me with this? Not sure what I am doing wrong.


Hi @FilipeFerreira

Our APIs do not support cross-origin AJAX requests, since that could expose your API key to anyone viewing that page. You’ll need to make the AJAX request to your server, which would then add the api key to the request URL and make the request to the HubSpot API server-side.


Would I have to use a node server to get the data and pass it on to the angular2 app?


If you’re already running a node server, then yes that server could get the data and pass it to the angular app.


@dadams Thank you for the help, yes I am already using a nodejs server so will try an make the calls on the backend, do you know if in the future Ajax requests will be allowed?


It’s something we’ll likely take another look at next year, but even if we do start supporting this it’s unlikely CORS would be supported for requests using hapikeys, as exposing that key to a client poses a considerable security risk.


I would like to get blog details of your website through ajax call but I am getting "Uncaught SyntaxError: Unexpected identifier" please address it as soon as possible.
dataType: “jsonp”,
success: function (data) {} });


I wrote a post about a simple way to enable CORS for any HubSpot api if anyone is still struggling with this.

The basic idea is you use PHP to make the server side request, then you can enable CORS on your server and make all the AJAX requests that you need. It only takes a couple lines of PHP so it's pretty simple to do.