| title |
aliases |
tags |
sources |
created |
updated |
| One2Edit API Integration |
|
| one2edit |
| api |
| translation |
| 3m |
| hm |
|
| 01 Projects/3m-portal |
| 01 Projects/hm-o2e-tool |
|
2026-04-15 |
2026-04-15 |
One2Edit API Integration
One2Edit is an online editor/translation platform used by 3M and H&M for marketing document management. Oliver uses it at oliver.one2edit.com.
Key Takeaways
- API endpoint:
https://oliver.one2edit.com/v3/Api.php
- Two auth modes: credential-based (service account) and session-based (externSessionId)
- CORS proxy required — browsers can't call the API directly (same-origin policy)
- The embedded editor uses the One2Edit JS SDK, not REST calls
When to Use
Any client project built on the One2Edit platform (3M, H&M).
Key Details
Two Auth Modes
| Mode |
When |
How |
| Credential |
Fetching job lists |
Username → userId, then externSessionId |
| Session |
Embedded editor |
externSessionId in SDK config |
3M Portal Auth Flow
1. Login: username → POST /Api.php → userId
2. Session: userId → POST /Api.php → externSessionId
3. Dashboard: externSessionId → fetch jobs (STARTED/RUNNING)
4. Editor: externSessionId → init One2Edit JS SDK
CORS Proxy (3M Portal)
// server.js
// All /api/* requests → oliver.one2edit.com/v3/Api.php
// Strips Location headers on 301/302 → returns 401
// Injects CORS headers
// Masks passwords in logs
Service Account
- 3M Portal uses
portal@oliver.agency service account for job listing
- Client users get their own
externSessionId for the embedded editor
Projects Using This Pattern
Gotchas & Lessons
- 301/302 redirects from One2Edit mean auth failure — the Node proxy converts them to 401 to prevent redirect loops in the browser
sessionStorage (not localStorage) — sessions clear on browser close, which is correct for this auth model- H&M O2E tool is static (no backend) — can run without a server for most operations
- The JS SDK for the embedded editor is loaded from One2Edit's CDN — needs
externSessionId at init time
Related
