For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
18 2 3 8

All the requests were failing with 401 unauthorized after the timezone changes with wc1 API request.

Hi,
for the past week we able to run our code without any issues.
but i came to notice that recently the BST time zone has changed.so when i run this code inorder to retrieve the case template or even for a top level groups i was shockingly stucked by the error 401 unauthorised.
below i am proving my code foe getting the toplevel groups.can you kindly help me ASAP.since we are running in prod.
for getting toplevelgrups i have used the following

DateTime dateValue = DateTime.UtcNow; // get the datetime NOW GMT
string dataToSign = "(request-target): get " + GlobalProperties.GateWayUrl + "groups\n" + "host: " + GlobalProperties.GatewayHost + "\n" + "date: " + dateValue.ToString("R");

DateTime dateValue = DateTime.UtcNow; // get the datetime NOW GMT DateTime localDateTime = DateTime.Now; DateTime utcDateTime = localDateTime.ToUniversalTime(); string nzTimeZoneKey = "GMT Standard Time"; TimeZoneInfo nzTimeZone = TimeZoneInfo.FindSystemTimeZoneById(nzTimeZoneKey); DateTime nzDateTime = TimeZoneInfo.ConvertTimeFromUtc(utcDateTime, nzTimeZone); string authorisation = ""; string hmac = generateAuthHeader(datatoSign, GlobalProperties.APISecret); HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create(reqEndPoint); WebRequest.DefaultWebProxy.Credentials = CredentialCache.DefaultNetworkCredentials; //using (WebReq as IDisposable) //{ WebReq.Method = methodType; WebReq.Headers.Add("Cache-Control", "no-cache"); WebReq.Date = nzDateTime;

if (methodType == "GET")

{

authorisation = "Signature keyId=\"" + ConfigurationManager.AppSettings["apikey"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\""; //authorisation = "Signature keyId=\"" + ConfigurationManager.AppSettings["apikey"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\""; WebReq.Headers.Add("Authorization", authorisation); }

try { using (HttpWebResponse response = (HttpWebResponse)WebReq.GetResponse()) { using (Stream answer = response.GetResponseStream()) { StreamReader _Answer = new StreamReader(answer); dynamic responseData = Newtonsoft.Json.JsonConvert.DeserializeObject(_Answer.ReadToEnd()); answer.Dispose(); answer.Close(); response.Dispose(); response.Close(); return responseData; } } } catch (WebException e) { }

@Irfan.Khan,i have also added the GMT timezone to request header but seems to b not working

Many thanks in advance.

world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

1 Answer

Upvotes
Accepted
4.2k 7 5 6

@manjusha.batchu

I regret to hear that you are unable to connect to WC1 API and are getting a 401.

However, kindly note we do not provide developer support to our client. That being said, if I have request headers you are sending to WC1 API and the response headers you are receiving from WC1 API, I can try to debug this at my end.

401 error means that the request has failed an authorisation check. This can happen for a variety of reasons, such as an invalid or expired API key, an invalid HMAC signature or a request timing issue/problem with the Date header value. The API client should ensure a correctly synchronised clock is used to generate request timestamps.

Please find the sample request and response headers below. They might differ as it depends on which headers you are sending in your request.

Request headers with look like this. You can send this along with the URL you are hitting so that I can know the endpoint you are connecting.

URL:


https://rms-world-check-one-api.thomsonreuters.com/v1/groups

Request Headers:

  • accept:"*/*"
  • accept-encoding:"gzip, deflate"
  • authorization:"Signature keyId="585XXXXXXXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date",signature="5N9EoW2lOBz6WhwKjsK11/r4XJqsa9UObcdHjtIdL+Q=""
  • cache-control:"no-cache"
  • date:"Wed, 31 Oct 2018 04:30:56 GMT"
  • host:"rms-world-check-one-api.thomsonreuters.com"
  • postman-token:"fe3797f6-660f-4116-85d6-3f5ba0725c5c"

Response headers would look something like this:

  • cache-control:"no-cache, no-store, max-age=0, must-revalidate"
  • content-type:"application/json;charset=UTF-8"
  • date:"Wed, 31 Oct 2018 04:30:56 GMT"
  • expires:"0"
  • pragma:"no-cache"
  • server:""""
  • transfer-encoding:"chunked"
  • x-application-context:"application"
  • x-content-type-options:"nosniff"
  • x-frame-options:"DENY"
  • x-xss-protection:"1; mode=block
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea