Lightning Components Developer's Guide

Introducing the Lightning Component Framework
Quick Start
Creating Components
Working with UI Components
Using Expressions
Supporting Accessibility
Communicating with Events
Creating Apps
App Overview
Designing App UI
Creating App Templates
Content Security Policy Overview
Styling Apps
Using JavaScript
Accessing the DOM
Using External JavaScript Libraries
Working with Attribute Values in JavaScript
Working with a Component Body in JavaScript
Sharing JavaScript Code in a Component Bundle
Client-Side Rendering to the DOM
Modifying Components Outside the Framework Lifecycle
Validating Fields
Throwing and Handling Errors
Calling Component Methods
Making API Calls
JavaScript Cookbook
Using Apex
Using Object-Oriented Development
Using the AppCache
Controlling Access
Distributing Applications and Components
Debugging
Reference
PDF

Newer Version Available

This content describes an older version of this product. View Latest

Making API Calls

You can’t make API calls from client-side code. Make API calls, including Salesforce API calls, from server-side controllers instead.

The framework uses Content Security Policy (CSP) to control the source of content that can be loaded on a page. Lightning apps are served from a different domain than Salesforce APIs so the CSP doesn’t allow API calls from JavaScript code.

For information about making API calls from server-side controllers, see Making API Calls from Apex.