Hello,
I am using the new Write API to push data to Primic from my own application. I have a React application, running on local machine http://localhost:3000/. When I try to POST data to Prismic using Write API feature I get the following error:
Access to fetch at 'https://if-api.prismic.io/if/write/fanduel-casino-dev--write_test_catalog' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I've never seen this issue in relation to the Integration Fields write API.
I talked with the team and this is related to the fact that you're trying to send information through a react app in the browser. This isn't the intended use of this API, it's meant to be sent from a server or using a CURL request. It's the expected behaviour that chrome or whatever blocks it with the CORS error.
We could discuss further with the team to allow requests coming from the browser. I'm not sure it's something that the team would want to do, but it would be really useful to understand your use case here so that I can communicate it with the team.
Thanks for the response. I have a web admin written in React, where users with various roles should CRUD an config object to custom types in Prismic through Integration fields. We need this to reduce the access to Prismic (currently we have a lot of users in Prismic). But it is not a problem, I can bypass it to a node server and from there to establish the communication with the Prismic integration fields.
Thanks for detailing your use case for me Paun This is really helpful.
All though this isn't the intended use case for Integration Fields. This feature is designed for product catalogs, this is reflected in the accepted JSON structure. So you can select catalog items to add to a document within Prismic but you can't edit them from within Prismic, this must be done where the product catalog is created. *EDITED
If you want to restrict user access to certain things, first we have user roles for a publisher workflow:
We also have roles per locale:
And if you want to restrict user access to certain Custom Types in the document writing dashboard, then the best way to model this is to have different repositories for different Custom Types and then restrict access based on the repository. So something like:
Thanks for the response. I saw that you said : "So you can select catalog items to add to a document within Prismic but you can edit them from Prismic." Did you mean "So you can select catalog items to add to a document within Prismic but you cannot edit them from Prismic." ?
How can you edit them from prismic?
So there's no way to edit your catalog items in Prismic. If you have a catalog item from Shopify linked in your Prismic document and you update it on Shopify it will automatically update in the Prismic document.
This is really helpful.