For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
32 4 6 11

World Check One API Case Screening 401 Unauthorized.

Hello,
I am creating a screening app in C# using the code snippet downloaded from Code Examples. When I try to use my API Key I am getting 401 error.

Error message
The remote server returned an error: (401) Unauthorized.
Data to Sign
(

(request-target): post /v1/cases
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Thu, 09 Aug 2018 13:44:45 GMT
content-type: application/json
content-length: 122
{"entityType":"INDIVIDUAL","groupId":"0a3687d0-64a6-1d01-9945-11b100000dfc","providerTypes":["WATCHLIST"],"name":"putin"}


Authorization header

Signature keyId="XXXXXXXXXXXXXXXXXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="RFA1OrzVIoACPV6uLxhQildTBNhjOVxtGhxt2iiQxcw="


Appreciate for the help!

world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

@ziad.abourizk

Can you please remove or mask the API key from the post?

I have made the question private for the moment. I will make it public as soon as you have removed the API key.

Updates to follow in regard to the error.

Upvotes
Accepted
4.5k 4 7 8

@ziad.abourizk,

As per the below link your current issue is resolved. Can you please accept this answer, so that the same is verified?

Link -

https://community.developers.refinitiv.com/questions/30738/world-check-one-api-case-screening-401-unauthorize-2.html?childToView=30756#answer-30756

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
4.5k 4 7 8

@ziad.abourizk,

From the above provided information, the content length being generated for the below string is 122. However, on investigating further the actal content length seems to be 121.

{"entityType":"INDIVIDUAL","groupId":"0a3687d0-64a6-1d01-9945-11b100000dfc","providerTypes":["WATCHLIST"],"name":"putin"}

Secondly, can you please check the HMAC signature which is being generated using the postman is same as the one being generated from your code for the same timestamp?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
32 4 6 11

Hello @Prabhjyot.Mandla

I tried postman and c# code with same timestamp. The HMAC signature key is different.

Please see the details here.

Postman
var settings = {
"async": true,
"crossDomain": true,
"url": "https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases/screeningRequest",
"method": "POST",

"headers": {
"Date": "Sun, 12 Aug 2018 05:43:03 GMT",
"Authorization": "Signature keyId=\\\"XXXXXXXXXXXXXXXXXXXXXXXXXXX\\\",algorithm=\\\"hmac-sha256\\\",
headers=\\\"(request-target) host date content-type content-length\\\",signature=\\\"meuBzTyEuRjycW4Yh0/Gm0tm1un048HevwjfLVF607c=\\\"",

"Content-Length": "146",
"Content-Type": "application/json",
"Cache-Control": "no-cache",
"Postman-Token": "90a4d123-6f41-4b66-a0ba-6907745068e9"
},

"processData": false,
"data": "{\n \"groupId\":\"0a3687d0-64a6-1d01-9945-119200000daf\",\n \"entityType\": \"INDIVIDUAL\",\n \"providerTypes\": [\n \"WATCHLIST\"\n ],\n \"name\": \"Bashar\"\n}"
}


my C# code

(request-target): post /v1/cases
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Sun, 12 Aug 2018 05:43:03 GMT
content-type: application/json
content-length: 122
{"entityType":"INDIVIDUAL","groupId":"0a3687d0-64a6-1d01-9945-11b100000dfc","providerTypes":["WATCHLIST"],"name":"Bashar"}
Signature keyId="XXXXXXXXXXXXXXXXXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="w7zZZ8lWk+r+MMXV1H8xKUhVsQn9tw4/NUFpZ79v2Hs="

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea