API V2 integration 401 error

Hi There.

We have a test script connecting to our current VitalPBX.
Currently we get the 401 error not authorised, this doesn’t make sense as the below paramaters are in line with standards we use on other postman based API’s,

Any assistance will be much appreciated.

Did you read the API documentation.

You can get examples in different programming language from there.

Hi Miguel.

We have referenced the documentation yes.
I find the response to be rather deflective.

There is an issue with CORS on the API interface of our current vitalpbx host this is a pre documentation issue. Meaning, we are unable to connect to the API and we have reflected against all documentation online as well as Postman documenter and related Forums, but keep getting CORS issues.

This is a last resort for us as we are unable to successfully connect to our vitalpbx APIv2 instance.


Hi @NaasF,

Please provide detailed information of your setup, network and how you are attempting to connect. So we can help you troubleshoot your issue.

Hi PitzKey.

We have a self hosted pbx and we need api access for tenant creation etc.
Attached is the code example of the connection to our api host also attached the error we are getting.

Please advise if we are doing something wrong or where on our api host we are supposed to whitelist traffic in cors as this is not part of the current documentation.



See the JavaScript fetch examples


Just an update this is not a coding issue but the way in which a browser is currently handling CORS.
See below links that assisted in resolving this issue.
Running Chrome without CORS: Run Chrome browser without CORS

Apache engine allow header paramaters: How to Set Access-Control-Allow-Origin (CORS) Headers in Apache - Ubiq BI

Note a more permanent solution for Node JS proxy support needs to be added to said documentation.

Permanent resolution perhaps?:Fixing the CORS error by hosting your own proxy on Heroku - DEV Community


Again, the VitalPBX API works fine. We have built APIs on top of the VitalPBX API (due to a lot of API feature lacking by the VitalPBX API, for example: source address whitelist/blacklist, permissions to specific endpoint(s) only, access to specific tenant(s) only, rate limiting etc etc) and also have it built in in a lot of applications.

It seems that you are trying to do something with CORS, but you didn’t explain what exactly you are trying to achieve. You seem to be having a unique requirement of CORS.

CORS is a API limitation as far as I understand.

And it is something that is shipped in API.

If we didn’t have to use it we wouldn’t we are forced to do so.

We have an internal billing engine and all we are trying to do is to create tenants and extensions (With certain functions like IVR Recording etc. based on package.) Via API.

SImple requirement but at this stage we were struggling just to establish a connection. (We are able to connect now and any further queries will be sent.)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.