3rd Party API

Lucent · January 29, 2024, 8:14am

I’m trying to implement 3rd party API and its working on localhost. But after deployment on oxygen server refusing API due to content security policy, Can you please help me to resolve it.

Liam · January 29, 2024, 12:06pm

Hi Lucent,

In Oxygen, you have to take care of Content Security Policy (CSP) headers by yourself. These headers dictate which resources can be loaded by your web application. It’s likely that the 3rd-party API you’re trying to connect to is not listed in your CSP header and is therefore being blocked. To resolve this issue, you need to update your CSP header and add your 3rd-party API there.

Lucent · January 29, 2024, 1:21pm

Can I have example code please?

Liam · January 30, 2024, 12:07pm

We have an example implementation of Oxygen with a Hydrogen store in our docs, if this is helpful?

jamalsoueidan · April 24, 2024, 8:12am

Because you are doing it client side, you need to call your 3rd party server side, either in action or loader, then you dont need to modify the CSP

Topic		Replies	Views
Hydrogen \| 3rd party API calls not working on Oxygen Custom Storefronts	3	16	March 23, 2023
Blockiert von der Inhaltsicherheitsrichtlinie Technische Fragen & Antworten	16	31	April 20, 2020
Issue while Implementing Content-Security-Policy in an public app Shopify Apps	5	99	March 31, 2022
How can I resolve a CORS policy error when calling a third-party API? Shopify Discussion troubleshooting	2	17	September 10, 2021
How can I make an API call from the payment page? Technical Q&A	0	4	January 11, 2021

3rd Party API

Related topics