APEX dynamic action:

Execute sql:

select server_link into :P206_CTSPEC_TOKEN_URL from sys_servers where server_type='CTSPEC TOKEN';

Result:

https://cloud.ctspec.com/Manage/SingleUseToken?cloud_id=1&client_id=TORONTO&client_secret=sefKuBZ7dhdsvvAs


select server_link into :P206_CTSPEC_INSPECTION_URL from sys_servers where server_type='CTSPEC INSPECTIONS';

Result:

https://cloud.ctspec.com/ViewInterventions/WorkOrder?value=&1&client_name=Toronto+Water+Services&cloud_id=1&token=&2

Javascript:

var ourRequest = new XMLHttpRequest();
ourRequest.open('POST', $v('P206_CTSPEC_TOKEN_URL'));
//g_ctspec_hit_cnt = g_ctspec_hit_cnt + 1;
//alert(ctspec_hit_cnt);
ourRequest.onload = function() {
  if (ourRequest.status >= 200 && ourRequest.status < 400) {
    //var url=($v("P206_CTSPEC_INSPECTION_URL").replace("&1",$v("P206_GROUP_ID"))).replace("&2",JSON.parse(ourRequest.responseText).Result);
    var url=($v("P206_CTSPEC_INSPECTION_URL").replace("&1","78134")).replace("&2",JSON.parse(ourRequest.responseText).Result);
    javascript:g_winid = window.open(url);
    //g_winid = window.open(url);
    console.log("url(1)="+ url);
    console.log("g_winid(1)="+ g_winid);
    console.log("g_ctspec_hit_cnt(1)="+ g_ctspec_hit_cnt);
    /*if(g_ctspec_hit_cnt===1) 
    {
        console.log("first time");
        g_ctspec_hit_cnt = g_ctspec_hit_cnt + 1;
        setTimeout(function() {g_winid.close(); $("#ctspec_launch").click();},1000);
    }*/
  } 
    else {
            console.log("We connected to the server, but it returned an error.");
        }
    };


ourRequest.onerror = function() {
  alert("If you have installed ALLOW CORS on your browser, please make sure it is ON!");
};

ourRequest.send();