If Fullscript.js is not configured properly, or is attempting to access resources it’s not permitted to, an error page is rendered and the error details are sent to the browser’s console.
Errors look similar to this: (left: browser view. right: console window.)
Here are the most common errors you may encounter with instructions for resolving them.
INVALID_SECRET_TOKEN: The secret_token was invalid or missing.
The session grant used to authorize the user is missing or invalid.
Refused to frame 'http://localhost:3000/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
There are a few reasons this can happen.
Error: Could not find the mount point for the iframe.
Fullscript.js failed to find the mount point you added to your DOM.
idspelled correctly? And is there just one instance of it?
A CORS (cross-origin resource sharing) error when accessing the OAuth authorize endpoint.
Ensure you’re not trying to
fetch() the Fullscript OAuth url.
Instead, redirect the browser to the