Simple usage of the API using Javascript

Hey guys,
Never worked with an api with OAuth .

Bottom line, I have a site, which has a form (my form).

on form submit I want to use the API in order to add the contact to my infusionsoft account. (without redirecting the user or anything).

1.can I accomplish that with simple front-end Javascript or it requires some backend as well as redirecting the user?

2.Can I save a permanent token and re-use it so I won’t have to authroize myself everytime a user submits the form?

thanks alot.

You can’t do this securely with OAuth or the legacy api key from within javascript. It exposes you secrets publicly. For either scenario you should have some backend service. With OAuth you can authorize yourself and store that access token and refresh token and handle the refresh on your backend. There are other options for web form submits like the word press plugin if you happen to have a word press site (there are others as well).

You can conceivably do this securely but you should take some things into account. First, you’ll have to call php scripts local to your server from within JS. Second, when calling scripts you have to make sure to call them relative to the server path NOT with a url. Using a full url sends it out over the internet and back again, exposing private information. So http://www.thissite.com/endpoint/ should only be called as …/endpoint/ which ensures everything remains local. You could even make local AJAX calls to scripts as endpoints and implement it as a full REST solution receiving JSON/XML back to the JS caller. When doing this, however, NEVER call out to anything outside of the server except by way of the standard api methods.