A user can make a direct REST call to Thingworx platform, but when it comes to a website trying to make a REST call. The platform server blocks the request as it is a Cross-Origin request. To enable this feature, the platform server needs to allow Cross-Origin request from all/specific websites. Enabling Cross-Origin request can be done by adding CORS filter to the server.
CORS (Cross-Origin Resource Sharing) specification enables the cross-origin requests from other websites deployed in a different server. By enabling CORS filter, a 3rd party tool or a website can retrieve the data from Thingworx instance. Follow the below steps inorder to update the CORS filter:
Update web.xml file (located in $CATALINA_HOME/conf/web.xml)
For Minimal Configurations, add the below code:
<url-pattern>/*</url-pattern> // "*" opens platform to all URL patterns, recommended to use limited patterns.
NOTE: the url-pattern - /* opens the Thingworx application to every domain.
For advanced configuration, follow the below code: