There are a few things you need to know about using our REST api from a host other than Mango.
You will need to setup the CORS filter to allow cross site requests into Mango. You will need to allow all the various headers that you want to use. Checkout the classes/mangoApiHeaders.properties and the web/dox folder to see how the override-web.xml file should work. Be careful as the early releases of 2.6.0 beta have this filed named web-override.xml (which is wrong).
You will need to use the REST api to login to Mango via your remote server and then retain the session cookie to pass back to mango on any future requests.
Be sure to include the password header in the CORS configuration as you will most likely need to use this to login.
In the future we are planning to use OAUTH but this has not been a high priority for us yet.