Javascript calling Turnkey rest

If your Javascript is on the same domain, there is no issue to call the ViewModels exposed with Rest. If it is from a cross-domain, your Turnkey server needs to enable cors for the particular domains you will be calling from.

We cannot allow every domain since that will not work with login credentials (web standards).

To set allowed domains in TurnkeyCore, follow the model pattern described here: Cors.

ViewModels with RestAllowed will check access groups - and most likely, use the IsLoggedIn access group - and have SysSingleton.oclSingleton.CurrentUser in your ViewModel to access user-specific data. For this to work, ensure that the user is first logged into Turnkey.

We suggest one of the following scenarios to ensure user login:

  1. Put the URL to your app on a Turnkey page - and only show the URL if the user is logged in
  2. Send the user from your app to the Turnkey app and have a link on that page to redirect once logged in
  3. Have a Turnkey RestEnabled ViewModel without an access group that can answer if the user is logged in or not - and know whether to send the user to login pages or not

You may now call Turnkey from a valid origin with code like this:

    <input type="button" value="Try it" onclick="sendRequest()" />
    <span id='value1'>(Result)</span>

@section scripts {
      var serviceUrl = 'http://localhost:5052/TurnkeyRest/Get?command=ViewModel1';
      function sendRequest() {

            type: "get",
            url: serviceUrl,
            xhrFields: { withCredentials: true }
        }).done(function (data) {
        }).fail(function (jqXHR, textStatus, errorThrown) {
            $('#value1').text(jqXHR.responseText || textStatus);

If the TurnkeyServer has a Cors error, it will just say "error". If the requested ViewModel has been blocked by AccessControlGroup, it will say AccessDenied.

The returned data is Json.

The xhrFields: { withCredentials: true } is important to reuse the session cookie from the user login.

This page was edited 108 days ago on 02/10/2024. What links here