🌐 Opensolr AJAX & HTTP Authentication Requests

AJAX-based HTTP requests are a modern, secure way to interact with Opensolr from your own web applications and client-side scripts.
To ensure maximum security for our users and infrastructure, Opensolr implements a strict CORS (Cross-Origin Resource Sharing) and origin whitelisting policy for all AJAX requests that require HTTP Authentication.

🔒 Why Whitelisting Is Required

• Security First:
  Restricting allowed origins helps protect your Solr data from unauthorized or malicious cross-site requests.
• Minimizing Attack Surface:
  Only approved domains can interact with your index via AJAX, which blocks drive-by and XSS-style attacks.
• Compliance:
  Many enterprise and regulatory frameworks require origin controls for API and cloud service access.

🚦 How to Request AJAX HTTP Auth Access

To enable AJAX access from your website or app, follow these steps:

1. Submit a Support Ticket

2. Click the link and fill out the ticket form.

3. Provide the Following Details:

4. Origins:
   The exact domains or origins (e.g., https://yourapp.com, https://admin.partner.com) you will be making AJAX requests from.
5. Index or Cluster Name:
   The name of the Solr index or cluster you want to access via AJAX.

6. Account Email:
   The email address used to register your Opensolr account.

7. We Whitelist Your Origins:
   Our team will configure the Opensolr cloud to allow AJAX requests only from your specified domains.

🛡️ What Happens Next?

• Once your origins are whitelisted, you’ll be able to make secure, authenticated AJAX requests to your Opensolr index.
• Requests from other, non-approved domains will be blocked by default for your safety.
• You can update your list of allowed origins at any time—just submit another ticket!

Have questions or special requirements?
Contact support—we’re here to help you build securely and confidently with Opensolr.