Sitecore Web Item APIs returning status 0

I have been developing a solution in which I required to validate whether user have Sitecore account through Sitecore Web Item APIs. Currently username and password in hardcoded. Here is my code.

function authenticateUser() {
        var xhr = new XMLHttpRequest();"POST", "alwayslocal/.../login");
        xhr.setRequestHeader("Content-Type", "application/json");
        xhr.onreadystatechange = function () {
            if (this.readyState == 4) {
                alert('Status: ' + this.status + '\nHeaders: ' + JSON.stringify(this.getAllResponseHeaders()) + '\nBody: ' + this.responseText);
        xhr.send("{ \n    \"domain\": \"sitecore\", \n    \"username\": \"admin\", \n    \"password\": \"b\" \n}");

I am getting status 0 ,header and body null when I run my code.

I have modified Sitecore.Services.Infrastructure.Web.Http.Security.ServicesOnPolicy and Sitecore.ItemWebApi.config to allow readwrite access

Can anyone tell me what am I doing wrong?

  • Hello Viral,

    Is this a question related to Sitecore JavaScript Services, or a question about using SSC?

    Either way a few things I'd suggest:

    * Your code doesn't appear to have a scheme (http:// or https://) on the URL, is that a copy/paste issue or is that your actual code? If you're trying to access the same host, leave off the host name entirely (/sitecore/api/ssc/auth/login)
    * Did you look at the Network panel in your browser Developer Tools? This is a much better way to debug the XHR request.
    * Despite the code sample from the SSC docs, don't use XMLHttpRequest directly. I'd use fetch, with a polyfill if needed:
    * Don't construct JSON as a string -- create an object and use JSON.stringify

  • In reply to Nick Wesselman:

    Another thing to check: the example for auth shows use of an HTTP URL. But the auth service actually only responds over HTTPS.