For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
Diabos avatar image
1 0 0 0

Unathorized reposne to the API request when tries through the .net application, kindly advise

We are trying to generate Authorization Header for API request but having an unathorizes reposne instead.

Find the Script and .Net Code below through which we are trying to request the groups API

Below is JavaScript refence file and the refence code used to implemet the CryptoJS.HmacSHA256 funtion to generate the Signature key value to be passed in Authorization Header

<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js"></script>;

function generateAuthHeader(dataToSign) {
var hash = CryptoJS.HmacSHA256(dataToSign, "qgq4/39BA9mar5FKcFkKzRc3E72gGRJ9mb0BJefWja6LEw4CjKh5TBXnO84p8xT+EcvQB2AFNaeO1rpZtGB1NQ==");
return hash.toString(CryptoJS.enc.Base64);
}

function GenerateHeader() {

var date = new Date().toGMTString();

var dataToSign = "(request-target): get /v1/groups\n" +
"host: api-worldcheck.refinitiv.com\n" +
"date: " + date;

var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";

var CurrentDate = document.getElementById('<%= CurrentDate.ClientID %>');
if (CurrentDate != undefined) if (CurrentDate != null) CurrentDate.value = date;
var Authorization = document.getElementById('<%= Authorization.ClientID %>');
if (Authorization != undefined) if (Authorization != null) Authorization.value = authorisation;

}

we are then using the CurrentDate and Authorization value as being set in above code in the code behind request header as below

var client = new RestClient(); var request = new RestRequest(); IRestResponse response;
client = new RestClient("https://api-worldcheck.refinitiv.com/v1/groups");
client.Timeout = -1;
request = new RestRequest(Method.GET);
request.AddHeader("Date", "Wed, 14 Apr 2021 07:26:40 GMT");
request.AddHeader("Authorization", "Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"mLcf0wkQ67lK2BaNRKb+HKk+A2nEhEiJN1jeEEUCoqQ=\"");

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
response = client.Execute(request);


More details on Development enviorement

Microsoft vs 2015 community editon, .net framework 4.8



world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

3 Answers

Upvotes
Accepted
Mehran Khan avatar image
1.1k 3 1 2

@Diabos

Thanks for the information.

If you notice the request and response timestamps the time difference between them is >30 seconds so when the difference is >30 seconds the API would fail with 401 error.

Please make sure your clock is synchronized with NTP

https://time.is/


Retest the API call after synchronizing the time on your machine and let me know if you get a 200 OK response.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
Mehran Khan avatar image
1.1k 3 1 2

@Diabos

Apologies for the delayed response.

401 errors occur because the request has failed an authorization check. This can happen for a variety of reasons, such as

  • An invalid or expired API key
  • An invalid HMAC signature
  • Request timing issue/problem with the Date header value. The API client should ensure a correctly synchronized clock is used to generate request timestamps.
  • Incorrect JSON payload formation at your end can cause them to observe 401 responses.

We will look into the code and get back shortly, we may also have a sample .net code let me try and see if I can get that for you to use as a reference.

Meanwhile, could you also provide the response headers for the failed API call?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvotes
Diabos avatar image
1 0 0 0

@Mehran Khan,

Find the response header for the group API request as requested below.

URL : https://api-worldcheck.refinitiv.com/v1/groups

Request Header

Date : Tue, 20 Apr 2021 05:34:03 GMT

Authorization : Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"7rp2BFUu4YkVgepy7q3Zc4p10PXZiAeQ9kKpU2eK+3w=\".


Response Header

{Transfer-Encoding=chunked}

{Connection=keep-alive}

{Strict-Transport-Security=max-age=15552000, includeSubdomains}

{Authorization=WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"}

{Date=Tue, 20 Apr 2021 05:35:28 GMT}

StatusCode : Unauthorized




icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea