We’ve got some exciting news: we now offer Cross Origin Resource Sharing (CORS) for our public API. For a detailed explanation, the linked Wikipedia page is a good place to start. In layman’s terms, you can now access our read-only public API using Javascript from another site. In other words, your website can now pull information from our public API for use on that website without using JSONP. We’ve had a few customers request this instead of the previous JSONP method to deal with situations where the request is too large for a GET. It’s also bit cleaner of an implementation, so we went ahead and rolled it out across the board. It shouldn’t change anything on your end if you weren’t having issues with JSONP before.

Here’s an example of how to execute a search query with the Swiftype Public API with JSONP with jQuery:

var params = {
  q: "your search terms",    
  engine_key: "YOUR_ENGINE_KEY"
};

function handleSearchResults(data) {
  // do something with the search results  
  console.log(data);
}

$.getJSON("https://api.swiftype.com/api/v1/public/engines/search.json?callback=?", params).success(handleSearchResults);

And here is the same query using CORS:

$.getJSON("https://api.swiftype.com/api/v1/public/engines/search.json", params).success(handleSearchResults);

(Note there is no callback parameter.)

We hope this makes using the Swiftype public API easier for those of you who can rely on it. JSONP will continue to be supported, of course!

NOTE: Like JSONP, CORS is only supported from our public API, as it isn’t secure to use your secret API key in front-end JavaScript.

Keep an eye on the blog for more engineering features, and as always, feel free to reach out for support.