For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
53 2 4 6

Getting a 401 when "Post"ing a case to the API

First things I want to say our mechanism works for "GET" calls, where we are not submitting data, however on making a POST call using the same hashing routine we have developed, and using the following signature data

(request-target): post /v1/cases 

host: rms-world-check-one-api-pilot.thomsonreuters.com 

date: Wed, 28 Sep 2016 14:26:28 GMT 

content-type: application/json 

content-length: 191

We are not able to authenticate successfully. All we have done is adapted the routine to add the current content type and content length of the request to the hash computation, so the existing working computation should work fine. We have verified that the content type header matches what is submitted (it does) and the content-length header matches what is in the signature and also matches the size of the request body (191 bytes) the API call is posting the correct JSON.

Here are the HTTP headers in question

Request: 

POST /cases 

cache-control: no-cache 

content-type: application/json 

content-length: 191 

authorization: Signature keyId="{key}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="{signature}" 

date: Wed, 28 Sep 2016 14:26:28 GMT 

Accept: application/json

Any ideas?

world-checkworld-check-oneauthenticationpostingpostcase
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

n addition, we have also verified the hash mechanism generates exactly the same value as Thomson Reuters expect to see on a "GET" call with them supplying a test hash for our unit tests.

Upvotes
Accepted
53 2 4 6

Whoops my bad

Forgot to ensure the actual posted content was included as part of the signature. All works now!

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Upvote
3.1k 16 7 7

Hi @john.crocker,

Thanks for posting this, even though you solved your own issue, it will help others to understand the WC-1 API programming.

Thanks again,

Brian

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 5.0 MiB each and 10.0 MiB total.

Click below to post an Idea Post Idea