World Check One API Case Screening 401 Unauthorized.

Hi,
Trying to call the initial screening method in C# but failed. So far I am able to call other GET and POST request like create case, retrieve results by case ID and retrieve profile so I believe the hash function should work.
Error message
The remote server returned an error: (401) Unauthorized.
Data to Sign
(request-target): post /v1/cases/0a3687cf-611f-1b89-9879-5ac3001512ed/screeningRequest
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Fri, 02 Mar 2018 07:07:56 GMT
content-type: application/json
content-length: 0
Authorization header
Signature keyId="0b9f66af-04f0-413f-aae7-b4ea74bf97db",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="buACKiUSn0QciQtpSL0bfdFXxGIy/txpL17Y9hb9dMM="
Appreciate for the help!
Best Answer
-
Hello @cliff.ching ,
As the "SEQ-4a: Screen a case" calling the endpoint "screeningRequest" does not have a body in its request, so I think you should not include "content-type" and "content-length" in the "datatoSign" string object and in the authorization header.
I am writing a code snippet below. Can you please re code your script similar to the below snippet and let me know if it works.
string dataToSign = "(request-target): post " + gatewayurl + "groups\n" + "host: " + gatewayhost + "\n" + // no https only the host name
"date: " + date; // GMT date as a stringstring hmac = generateAuthHeader(dataToSign, apisecret);
string authorisation = "Signature keyId=\"" + apikey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";
The WCI API post requests like "SEQ-2b: Save a very simple case" has a body and hence you should include "content-type" and "content-length" in both "data to sign" headers but not in "SEQ-4a: Screen a case".
For knowing what kind of data to send in which request, I strongly recommend you to install native Postman. Then download our Postman collections from the developer community "Download Section" and import it to Postman and fire APIs from it to understand how Postman sends data to the WC1 API. You can also generate the code in your preferred language in Postman which can help you to write better code to achieve your use case.
You can download Postman Collections from the link below. You have to use your dev com log in credentials to view the page.
Kindly let me if your code is working after making the mentioned amendments.
Thanks,
Irfan Khan
0
Answers
-
Works! Thanks a lot!
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 695 Datastream
- 1.5K DSS
- 631 Eikon COM
- 5.2K Eikon Data APIs
- 12 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 4 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 562 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 25 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 281 Open PermID
- 46 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 2K Refinitiv Data Platform
- 736 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 96 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛