All components require the generation of a single use token to verify the identity of the request owner. Before calling the service to retrieve an app_token, a Bearer access_token must first be generated using our OAuth 2.0 authorization service, with your client_id and client_secret. Please see the No-Code Quickstart Guide for more details on generating the app token.
Here are some common errors with app tokens and how to fix them:
- Error: App loads but doesn’t display the user’s data
-
Fix: App token generated with the wrong grant type (client_credentials instead of password)
-
- Error: CORS error
- Fix: See whitelisting for more information
-
Error: App CSS loads but with no data
-
Fix: Make sure public-key is added as a data attribute. By default, the embed modal will include this in the code snippet. Make sure a valid app-token is added as a data attribute (see tutorial). Make sure you generate a new app token on each component load, as they expire after one use
-
Learn More
How does the API whitelisting work?
How do I troubleshoot a 'CORS policy' error when I try to deploy a Web Component or Mobile WebView?