Working with client credentials and a website - not an API.
Ajax post will allow me to add a custom header with an access token, but I need the behavior of a standard form post. The result of the post should be a web page.
We’ve secured our website but while testing from a client app, doing a typical browser form post with ajax and custom header - the html returned contains links relative to the website which won’t work when the html is loaded into a new tab after the request from the client app is complete.
I’m hoping I’m just overlooking something simple. When originally researching our use case, I found that it’s not that common. Typically, client credentials might be used to secure API access for example not for accessing an actual website. Ajax posts would of course, be ideal for API requests - but in our case there are some pretty big shortcomings.
Can you give me any recommendations for this use case?
Thank you in advance.