For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
18 2 3 8

Screening a case Results 401 unauthorised

Hi,
i am screening a case after creating in WCO portal with my console application. few times i am able to screen but most of the times it results in unauthorised exception.}
in my code i haven't added the content length as header. but still i am gettng the error.
could you please help me out in this.

world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvote
Accepted
4.2k 7 5 6

@manjusha.batchu

401 errors is because the request has failed an authorisation check. This can happen for a variety of reasons, such as an invalid or expired API key, an invalid HMAC signature or a request timing issue/problem with the Date header value. The API client should ensure a correctly synchronised clock is used to generate request timestamps.

Request you to kindly provide us the request and the response headers for the failed request so that I can investigate this. Kindly mask or remove the API key before posting the requested info.

Also, can you kindly check if the HMAC generated is correct.

Kindly note the value of the dataToSign variable should be in the below format:

(request-target): get /v1/cases/0a3687d0-65b4-1321-999a-06c800262e8a/results
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Fri, 12 Oct 2018 11:50:34 GMT

Here, 0a3687d0-65b4-1321-999a-06c800262e8a is the case system Id.

Also, the auth headers should be in the below format.

Authorization': "Signature keyId="XXX{
                {API-KEY}}XXXXXX",algorithm="hmac-sha256",headers="(request-target) host date",signature="aOmw1AJNPd1Px0nHsT/wcLoVvHL9eXhWeIP9bpz33RU="
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
18 2 3 8

Hi @Irfan.Khan

I am using the datatosign as

var dataToSign = "(request-target): post " + GlobalProperties.GateWayUrl + "cases/" + CaseSystemId + "/screeningRequest\n" +"host: " + GlobalProperties.GatewayHost + "\n" +"date: " + dateValue.ToString("R"); accordingly in postman application
whereas the quthorosation header is

var authorisation = "Signature keyId=\"" + GlobalProperties.APIKey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";

kindly help me in this.as I am following the headers in postman application.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
4.2k 7 5 6

@manjusha.batchu

Can you send me the response header and request header of the failed request so that I can have a look at it?

Also, can you check the time stamp on both the response header and the request header to know if they are in sync.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
18 2 3 8

@Irfan.Khan
here I ama providing the code I have used in my application which was failing.


Request and Response Headers for screening a case

var dataToSign = "(request-target): post " + GlobalProperties.GateWayUrl + "cases/" + CaseSystemId + "/screeningRequest\n" +
"host: " + GlobalProperties.GatewayHost + "\n" +
"date: " + dateValue.ToString("R");
DateTime dateValue = DateTime.UtcNow;
string authorisation = "";
string hmac = generateAuthHeader(datatoSign, GlobalProperties.APISecret);
HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create(reqEndPoint);
WebRequest.DefaultWebProxy.Credentials = CredentialCache.DefaultNetworkCredentials;
using (WebReq as IDisposable)
{
WebReq.Method = "POST";
WebReq.Headers.Add("Cache-Control", "no-cache");
WebReq.Date = dateValue;
authorisation = "Signature keyId=\"" + GlobalProperties.APIKey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";
WebReq.Headers.Add("Authorization", authorisation);
}

try
{
using (HttpWebResponse response = (HttpWebResponse)WebReq.GetResponse())
{
using (Stream answer = response.GetResponseStream())
{
StreamReader _Answer = new StreamReader(answer);
dynamic responseData = Newtonsoft.Json.JsonConvert.DeserializeObject(_Answer.ReadToEnd());
answer.Dispose(); answer.Close();
response.Dispose(); response.Close();
return responseData;

}
}
}
catch (WebException e)
{
FileHelper.Logger(FileHelper.LogType.ERROR, e.Message, "WCO_");
FileHelper.Logger(FileHelper.LogType.ERROR, e.StackTrace, "WCO_");
if (e.Status == WebExceptionStatus.Timeout)
{
// Handle timeout exception
}
else
{
}
}

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

@manjusha.batchu

I would need the actual response headers received and the request headers sent to see if the request is being sent correctly.

In the mean time, I would check if the code provided is correct.

@manjusha.batchu

I have checked the code and it appears to be correct.

This can be a time stamp mismatch issue?

Can you compare the date header value being sent and the date header value being received(as a response header)?

Also, please log the request headers being sent and the response headers being received for the failed call and send it to me for investigation.

Upvotes
4.2k 7 5 6

@manjusha.batchu

Following up to see if the issue still persists.

Kindly provide me the actual logged response header being received and the request header being sent to the WC1 server so that I can assist you.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea