I am working on a project where I want to control a device from a my a page on my Wordpress website. See the high level design here.
The issue I am running into is with browser security. Since my website is running HTTPS and the Hubitat MakerAPI as my API endpoint is serving HTTP visors to my site will get an error "Mixed Content" security block. This cause the action button I want on the site to fail. I have considered building a proxy to receive the HTTPS and then generate the HTTP but this seems like a lot of work. Maybe I am just lazy. Has anyone else run into this issue and come up with any create ideas to resolved it?
Https endpoints are available. Look at your maker instance, you will see the cloud urls are https (local is http)
1 Like
HTTPS should also work locally, but you'll need a domain and cert to make most browsers not complain (but even the IP should work if you don't care).
2 Likes
This is really cool. I missed this completely because I did not have the cloud connectivity knob on. Cant wait to try this out.
1 Like
So I can call the cloud API from browser directly, but when I add it into the code on my website and click the button. I am seeing a 403 in the console along with CORS error.
I added the source site URL to CORS in MakerAPI does that update for CORS on the cloud endpoint also ?
I got it figure out. I needed to adjust my CORS entry. Thanks to google developer console AI debugging.
1 Like
That cloud API endpoint with HTTPS is really cool. Kudos to whoever came up with that.
2 Likes
And you can have multiple instances of maker api for different applications
1 Like
