We hoped that we can get to work on the related Feature Request in January
http://discuss.bitrise.io/t/bitrise-api/37
But right now it seems we might have to delay it a bit, until early February (most likely).
So, in the meantime I’ll try to at least tweak the Build Trigger API (the “start.json API” 
) to have Access-Control-Allow-Origin enabled - bumped it on my own task list