Survey API submission errors

Stephen Gouws 2

I'm struggling to get past 2 issues I'm having using the SurveyAPI in Luminate Online, directly in a pagebuilder page.

I've included the session identifier “[[S86]]”

• I tried submitting to the 'https://secure3.convio.net/mycustomorg/site/CRSurveyAPI' endpoint as called out in the documentation, but I get a CORS error: "Access to XMLHttpRequest at 'https://secure3.convio.net/mycustomorg/site/CRSurveyAPI?method=submitSurvey&v=1.0&api_key=[[S0:CONVIO_API_KEY]]&survey_id=9322&question_9921=ThisWorks' from origin 'https://mycustomorg.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
• I tried submitting the survey via Ajax to our subdomain(which is where the donation forms are served from), but get a mixed content error "The page at 'https://mycustomorg/site/Donation2?idb=1070576785&df_id=65723&mfc_pref=T&65723.donation=form1&NONCE_TOKEN=6AA99B399E1158975C167A58C15E39B1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://mycustomorg/site/PageServer?pagename=page_not_found'. This request has been blocked; the content must be served over HTTPS.

My Ajax:

var APIKey = '[[S0:CONVIO_API_KEY]]';

function SubForm (){
jQuery.ajax({
url: 'https://secure3.convio.net/mycustomorg/site/CRSurveyAPI?method=submitSurvey&v=1.0&api_key=' + APIKey + '&survey_id=8991&question_8956=ThisWorks',
type: 'post',
success: function(){
alert("worked!");
}
});
}

I'm a little stumped and I'm looking for a little guidance or sample code to help get me on the right track.

Thanks so much!

Elizabeth Favre

@Stephen Gouws
Good afternoon!
I am hoping to rule out a couple of easy fixes before diving deeper. I am guessing these are not the issue, but it's good to rule them out.

1. Are you certain that your Luminate Online URL is a secure3 site and not a secure2 site? You can check by looking at the the URL where normally log in to Luminate Online as a site administrator. Identify your cluster by looking at the hostname in the admin URL. If you log in to secure2.convio.net, you are on cluster 2; if you log in to secure3.convio.net, you are on cluster 3.

2. In ‘https://secure3.convio.net/mycustomorg/site/CRSurveyAPI’ are you replacing “mycustomorg” with your URL?

3. If those two pieces look right in your calls, the next step I would suggest is comparing your code to the guidance in LO API Cross Domain Access and Fetch.

If you are still having trouble after that, please reach out again and I'll ask a dev to take a look at my documentation to see if something is obsolete or misleading.

Jeremy Reynolds

@Stephen Gouws
As Elizabeth mentioned, you'll want to make sure that you've got the URL details right, specifically the secure3.convio.net/mycustomorg should match the details of your website.

Second issue in your code is that you're missing the authorization token in the AJAX request URL. The token is used by LO to verify that the submission is attached to a valid session. Easiest way to do get the token is to do a getLoginUrl request, grab the getLoginUrlResponse.token from the response, and then pass that to your submitSurvey request as an &auth= parameter.