ANNOUNCEMENT effective June 19th, 2019:
In preparation for the release on June 19th, we have a change that will be introduced that MIGHT require some action on your part.
As you may be aware, LoanPro has developed its own API, allowing users to build and integrate their own solutions with LoanPro. This is the same API that the LoanPro Website uses, so the full power of LoanPro is at your disposal.
The LoanPro API is an HTTP based system, and as such it has to adhere to the Cross-Origin Resource Sharing standard. Traditionally LoanPro would respond with the header Access-Control-Allow-Origin: * allowing any origin (your website for example) to call LoanPro API endpoints. In an effort to boost the security of our users, this behavior will be changed effective June 19th, 2019. ACTION MAY BE REQUIRED TO AVOID INTERRUPTION OF SERVICE.
What do I have to do?
If you do need to send cross-origin requests, the only thing to do is:
1 - Log in to LoanPro as an administrator.
2 - Navigate to Company Settings.
3 - Specify one or multiple domains to use as the origin.
4 - Save changes.https://articles.simnang.com/#/articles/5af068f13fa59700247dad07
Once this is set, LoanPro will compare the origin received with the list you provided, and set the Access-Control-Allow-Origin header accordingly. If the origin doesn’t match, the header will not be included as part of the response, and the request will fail.
And that’s all. For more information on CORS and why it’s needed, please consult the following MDN Network article. If you have further questions don’t hesitate to contact LoanPro support.
César Olea - Director of Software Development