How to use resources from another domain?

I would like to use cross-origin HTTP requests on the Things service. Is this supported?

The Bosch IoT Things service supports cross-origin resource sharing (CORS) for some whitelisted hosts.

You can benefit from this mechanism by enabling client-side cross-origin requests. If your Web application is hosted on one of those whitelisted hosts, you can use the Bosch IoT Things HTTP API (i.e. our REST-like resources) directly from your Web UI without the need for a proxy mechanism on your back end.

Example:
The following example shows how your application could fetch cross-origin resources from the Things service.
The user dialog would require authentication and then list all Things, which the specific user is allowed to see.
See https://jsfiddle.net/eet7dyac/ .

Whitelisted hosts:
Currently we have whitelisted “well-known” hosts from our perspective, e.g. *.bosch-iot-cloud.com.
On demand, we could of course enlarge the trusted circle. In case of interest, please let us know which domain you need whitelisted.

Customers can contact us via https://www.bosch-iot-suite.com/support/.