We are facing cross domain issues while accesing SalesForce APIs using AngularJS.

When we try to access the token API, we are getting "200 OK" as status, but we will not be able to read the response because "access-control-allow-origin" header is not present in the SF server response. This issue is happening only while fetching the access token api.

Only If a browser that supports CORS makes a request to an origin in the Salesforce CORS whitelist, Salesforce returns the origin in the "Access-Control-Allow-Origin" HTTP header, along with any additional CORS HTTP headers. If the origin is not included in the whitelist, Salesforce returns HTTP status code 403.

We found an alternative to this by accessing the api by calling a PHP file from AngularJS and fetching the api data using cURL.

Is this a good approach or is there any other alternative with direct method?

We are facing cross domain issues while accesing SalesForce APIs using AngularJS.

When we try to access the token API, we are getting "200 OK" as status, but we will not be able to read the response because "access-control-allow-origin" header is not present in the SF server response. This issue is happening only while fetching the access token api.

Only If a browser that supports CORS makes a request to an origin in the Salesforce CORS whitelist, Salesforce returns the origin in the "Access-Control-Allow-Origin" HTTP header, along with any additional CORS HTTP headers. If the origin is not included in the whitelist, Salesforce returns HTTP status code 403.

We found an alternative to this by accessing the api by calling a PHP file from AngularJS and fetching the api data using cURL.

Is this a good approach or is there any other alternative with direct method?