Ask a Question
Back to All

Self Hosted Add-On - returned Callback Html not displaying

Hi there ServiceM8 Team,

I'm working on a self-hosted Add-On and am currently experimenting with different implementations.
I was able to successfully play around with a "simple function" Add-On from your examples but decided on taking the self-hosted Add-On route.
So far I've been able to successfully Activate the Add-On, I've implemented OAuth, the process goes as expected and my Add-On button appears in the job.
I've created a "dummy" callback method that returns some basic html for testing purposes(the html itself doesn't seem to be the issue), it is successfully being called when the Add-On is clicked, and having tested with Postman I can see that the html content it's returning is correctly and displaying in Postman, however it does not display inside the Add-On modal. I have also tried with the "new window" approach and the result is the same.

This is my Callback code implement in .NET Core

    public async Task<ActionResult> Callback()
        var request = HttpContext.Request;
        var requestBody = await new StreamReader(request.Body).ReadToEndAsync();

        var tokenHandler = new JwtSecurityTokenHandler();
        var validationParameters = new TokenValidationParameters
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_apiOptions.ClientSecret)),
            ValidateIssuer = false,
            ValidateAudience = false,
            RequireExpirationTime = false

        SecurityToken validatedToken;
        ClaimsPrincipal claimsPrincipal;
            claimsPrincipal = tokenHandler.ValidateToken(requestBody, validationParameters, out validatedToken);
        catch (Exception ex)
            Console.WriteLine($"Failed to validate JWT: {ex.Message}");
            return BadRequest("Invalid JWT");

        var claims = claimsPrincipal.Claims.ToList();

        var eventDataJson = (string)claims.First(claim => claim.Type == "eventArgs").Value;

        var eventName = (string)claims.First(claim => claim.Type == "eventName").Value;
        Console.WriteLine($"Event Name: {eventName}");

        var html = $@"<html>
                <script src=""https://platform.servicem8.com/sdk/1.0/sdk.js""></script>
                <link rel=""stylesheet"" href=""https://platform.servicem8.com/sdk/1.0/sdk.css"">
                <script type=""text/javascript"">
                    var client = SMClient.init();
                <h1>Job Details</h1>
                <a href=""https://www.google.com"" class=""btn btn-primary"" target=""_blank"">Go to Google</a>

        return Content(html, "text/html");

I've tried playing around with the X-Frame-Options header settings with no success. So far I haven't been able to find an answer in the documentation and I've appreciate any help I could get - please let me know if I'm missing something. The endpoint handling these requests is doing it over https.

Thank you,
Antonio Batinic