I'd like to build an website, which communicates through the target API in this manner: (https://mc.adobe.io/xxxxxxxxxxx/target/activities) and responds with a JSON I can then display in a table format on the frontend. However I'm blocked by CORS policy and I've read, that this is like this because of security reasons.
Is there any best-practice on how to achieve on what I want?
Kind regards and thanks a lot for your answers in advance,
You may have to call the admin APIs through your back-end server, considering CORS policy and the security risk of exposing "client secret" and your private key on the website.
I would implement it this way:
1. Your team sets up a custom endpoint (let us call it "/activities") in your backend server.
2.Page calls "/activities" endpoint in your back-end server.
3.Back-end takes care of jwt token authentication for accessing admin api, renews token if necessary.
3. Calls the adobe.io endpoint to retrieve activities list.
4. Process the response on server itself if required.
5. Back-end server responds back to the page with the results.
Hope this helps.