Using Javascript

The obstacle of using the API with JavaScript is the same-origin security policy, that can make this usage scenario very troublesome.

The API service supports two techniques, that can make JavaScript work with the API on different domains.

CORS (Cross-Origin Resource Sharing)

CORS is a special protocol, which works over HTTP, that allows JavaScript and the API service to negotiate, whether the API request should be permitted or restricted.

The preflight mode of CORS is also supported by the API service.

To allow API requests from a specific domain, you need to add it to the the list of allowed domains using the Kayako UI.

The CORS interaction is handled by the web browser and the API service automatically, what means that you usually do not need to worry about technical details.

But, you can read more about CORS here.

JSONP (JSON with Padding)

Important: Consider using CORS instead.

JSONP is actually a hack, that allows to make an API request from JavaScript to another domain.

JSONP can be enabled by the _jsonp_callback argument, e.g.:


Here, the callbackName is the name of an existing JavaScript function, that will handle the API response.

JSONP requests can use only the GET HTTP method.

Also, JSONP does not work with HTTP status codes other than 200 (OK) (or 201 (Created)). That's why the status code of JSONP API responses is always 200 (OK). Therefore, in such cases you need to check the status field of the API response for the proper HTTP status code (see also Response).

You can read more about JSONP here.