Freshworks CRM - Documents API - CORS error


We are trying to upload .wav files containing call recordings via the / documents API as shown in the documentation here: Freshsales | Refreshingly new CRM & Deal Management Software, and we are running into some issues. We have tried an xhr and a fetch() approach but we get cors errors returned on both.

We tried to do this with the following code:

function saveCallRecording(contactId, recordingRef, recording, succeshandler, errorHandler) {
    let filename = `${recordingRef}.wav`;
    let url = `https://${domain}`;

    let data = new FormData();
    data.append("file", new Blob([recording], { type: `multipart/form-data` }));  // also tried 'audio/wav'
    data.append("file_name", filename);
    data.append("is_shared", "true");
    data.append("targetable_id", contactId);
    data.append("targetable_type", "Contact");

    let xhr = new XMLHttpRequest();
    xhr.withCredentials = true;

    xhr.addEventListener("readystatechange", function () {
        if (this.readyState === 4) {
            console.log('Upload recording response: ' + this.responseText);
            if (this.status === 200) succeshandler(this.responseText);
            else errorHandler(this.responseText);
    });"POST", url);
    xhr.setRequestHeader("Authorization", "Token token=<%= iparam.apiKey %>");

We also tried the client request method to upload the file, but on this we get a ‘FormData object could not be cloned.’ response. (In here the body object is the same formdata object as shown above)

function callFreshsaleSuiteApi(body) {
  return new Promise(function (resolve, reject) {
    let url = `https://${domain}`;
    let headers = { "Authorization": "Token token=<%= iparam.apiKey %>", "Content-Type": "multipart/form-data" }; // also tried 'audio/wav'
    let options = { headers: headers, body: body };
    return, options).then(
      function (data) {
      function (error) {

Anyone know how to solve this?

For future reference.

We have been on this with the Technical team and found that ,for now, uploading files should be done from a backend service and not from a front-end app. This is the only way to get around te CORS issue.

1 Like

Thank you for updating this thread with your findings @Timothy . This API request is indeed a CORS request from the browser’s perspective and will have to go via a proxy. We would ideally recommend using the platform’s Request Method for this purpose, but as you have found, that does not yet support form data and multi-part data types.

One approach you could try is to use Server Method Invocation to make this same API request from server.js in your app, as long as the data can be passed to the SMI method from the browser and the request can complete within 5s (the default timeout for the SMI method).

We will meanwhile endeavor to find better ways to address this through the platform.

This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.