I have created a REST API to create an object record. But the requirement is only one record can be created at a time since we are using the API for financial application. So if multiple user are hitting the API simultaneously, I need to apply some kind of a queueing mechanism so that only one request will  hit to Salesforce. Is there a singleton mechanism available in Salesforce? Also please provide information on whether object locking is available in Salesforce? Any suggestion on how I can implement the above scenario will be much appreciated.

We have a requirement where we need to connect to salesforce from an intranet website with code written in JavaScript. We have the ConnectedApp created in Salesforce and we are following Username-Password OAuth2 flow. We are passing all the required parameters given below. We are POSTing this to the request URL given below.

var requestUrl = 'https://login.salesforce.com/services/oauth2/token';
requestUrl += '?username=USERNAME&password=PASSWORD_SECURITY_TOKEN&grant_type=password&client_id=CLIENT_ID_FROM_CONNECTED_APP&client_secret=AGAIN_FROM_CONNECTED_APP;

We tried connecting using JQuery AJAX call and JSforce libraries. We have also whitelisted the required domain in Salesforce via Setup --> Security Controls --> CORS.

We tried connecting to salesforce via the intranet site as well as another salesforce org using the same code. for both of the situations we are getting below error. 



In case if image does not load 
 
The origin is there in the Request Header as checked in Browser Console, however, the 'Access-Control-Allow-Origin' parameter is not there in response header from Salesforce.

Am I missing any setting here or it is not something Salesforce currently supports? Any help appreciated, thanks.