2 of 2 people found this helpful
You're trying to connect directly to the API from a browser that enforces CORS?
This means you are revealing your API secret key to the world. Very, very bad idea. The APIs must not be connected to directly from a browser. They're meant for server-to-server access.
Thanks Sanford - I was never going to push it live, I just wanted to get test the API through JS and then build the server code for it.