How I do do a fetch request with custom headers to a 3rd party API?

I am trying to make a get fetch request using the following code

    getJSON("https://apis-staging.dunzo.in/api/v1/token",
    {
        "method": "get",
        "headers": {
            'Accept-Language': 'en_US',
            'client-id': 'xxxxxx-xxxx-xxxx-xxxx-xxxx',
            'client-secret': 'xxxxx-xxxxx-xxxx-xxxx-xxxxxxx',
            'Content-Type': 'application/json'
        }
    })
    .then(jsonResponse => console.log('JSON response',jsonResponse))
    .catch(err => console.log('Failed',err));   

But i get a CORS console error that the headers ‘client-secret’ and ‘client-id’ are not allowed… Is this not allowed at all by wix or is there a way around this? I am new to http fetch requests so I don’t have an idea how to deal with this, thanks for any help

I think ‘client-id’ and ‘client-secret’ should be on the body of the request, and the header has to have an ‘Authorization’ bearer if it is needed.

You can read more about it here: Cross-Origin Resource Sharing

The API provider has stated in their documentation that the way to do this in cURL is

curl -H 'client-id: <CLIENT_ID>' \
-H 'client-secret: <CLIENT_SECRET>' \
-H 'Accept-Language: en_US' \
-H 'Content-Type: application/json' \
'https://<dunzo_host>/api/v1/token'

I never use cURL but it is my understanding that -H means extra header and I tried to make this request in wix using my getJSON as headers. Is my understanding of this even correct?

Anyways, I think I need to understand this a little better first before posting. I will get back to this thread later if I haven’t the right way to do it. It seems I need to get a access token first before making fetch requests so I could have skipped some steps.

@avinashmurthy you are right that this cURL command translates to what you tried, checked in Convert curl commands to JavaScript .

fetch('https://<dunzo_host>/api/v1/token', {
    headers: {
        'client-id': '<CLIENT_ID>',
        'client-secret': '<CLIENT_SECRET>',
        'Accept-Language': 'en_US',
        'Content-Type': 'application/json'
    }
});

But I would try adding those client properties to the body anyway.

@bwprado Nevermind, I just did a cURL command on reqbin.com and got a successful token as discussed in the API. I will test the remaining API commands using fetch and see how it goes, thanks for your help

In Postman app
Under Authorization: Bearer Token
Under Headers : add keys client-id and client-secret and their values
Leave Token Blank
Send the GET command and you will GET the Token