Unexpected character ('<' (code 60))

An XPage by default returns its result as text/html despite of what you do in the XPage. If, as the example suggest, you compute JSON (and not HTML looking like JSON), you can overwrite the returned header to application/json. Then add a plugin to Chrome that renders the JSON in the browser so you can check.

What is very well possible: If a server calls Domino, how does it authenticate? When you have session based authentication and it fails, you won't get a 401 back, but the HTML based input form for username/password (Try the page in your browser using an anonymous window).

In the Domino configuration you can specify that a URL can use basic authentication besides the session. Then your server can send https://user:[email protected]/yourdb.nsf/somexpage.xsp to get the result.

So first check: Does your server use a user/pass and does it have sufficient access.