Promise-based service component for calling REST API from Lightning Components without Named Credentials.
Switch branches/tags
Nothing to show
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
config updated to org preference settings Nov 25, 2018
force-app added license and updated repo link Dec 17, 2018
force-demo/main updated to API v44.0 Nov 25, 2018
.forceignore added demo tab for easy access Sep 10, 2018
.gitignore initial commit Sep 10, 2018
LICENSE added BSD3 license Sep 10, 2018 updated to API v44.0 Nov 25, 2018
sfdx-project.json updated to API v44.0 Nov 25, 2018

Call REST API from Lightning Components without Named Credentials

A simple promise-based service component for working with Salesforce REST API directly from your component's JavaScript without you needing to write Apex or configure Named Credentials. Just install and use.

Getting Started

  1. Deploy this project to your org (you only need what's in force-app folder).

  2. Explore the LC_Demo component in the force-demo folder on usage.

  3. Try out a demo

    a. Assign yourself the LC Demo permission set.

    b. Navigate to the LC Demo tab.

    c. Play with the sample components to send different REST API requests.

    d. Marvel that you didn't have to write any Apex code or configure a Named Credential :)

Example Usage

Add the <c:lc_api> to your component and give it an aura:id for reference.

<!-- YourComponent.cmp -->
    <c:lc_api aura:id="restClient"/>

Find the <c:lc_api> by its aura:id then call the restRequest(..) method passing in the url, method, body, and any headers.

// YourComponentController.js
    createAccount: function( component, event, helper ) {

        component.find( 'restClient' ).restRequest({
            'url' : '/services/data/v44.0/sobjects/Account',
            'method' : 'post',
            'body' : JSON.stringify({
                "Name" : "LC Demo Account"
        }).then( $A.getCallback( function( response ) {
            // handle response
            // { id: "001f400000YEZB8AAP", success: true, errors: [] }
        })).catch( $A.getCallback( function( err ) {
            // handle error



"Access Denied" or "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '' is therefore not allowed access."

Your request was blocked due to Cross-Origin Resource Sharing (CORS) policy.

This can happen when trying to make a request to /services/apexrest/ endpoint. For example, the Visualforce domain hosting LC_APIPage is on and is trying to make a web request to Because the two domains do not match, then CORS policy prevents the request.

  1. In Setup, navigate to Security | CORS.

  2. Add the origin URL mentioned in your error message (e.g. to the list of whitelisted domains.


Doug Ayers develops and maintains the project.

Postmate for a secure, promise-based library for communicating between windows and iframes.

jsforce for an elegant, promise-based library for working with Salesforce REST API.

Other Utilities

You should check out sfdc-lax by Ruslan Kurchenko, a promise-based service component that makes calling Apex actions or using Lightning Data Service a breeze.


The source code is licensed under the BSD 3-Clause License