Hi,We are trying to perform end to end screening via SAP PO. While establishing the connectivity ...

mraffia

Hi,We are trying to perform end to end screening via SAP PO. While establishing the connectivity we are facing 401 unauthorized error.

Mehran.Ahmed Khan

@mraffia,

Thanks for providing the details, the request payload that you're passing is incorrect,the format in which it's being passed is incorrect, you need to define the entityType in the payload and it is a mandatory parameter while screening , I am providing a sample payload for your reference to perform screening, also I notice that few request headers are missing there is no "Date" header and the Content-Length is also missing.Please refer the screenshot attached to check the headers needed to perform screening successfully.Custom fields and secondary fields are optional parameters. screeningheaders.png

{
	"groupId": "{{group-id}}",
	"entityType": "INDIVIDUAL",
	"providerTypes": ["WATCHLIST"],
	"name": "putin",
	"customFields": [],
	"secondaryFields": []
}

Mehran.Ahmed Khan

@mraffia

Hi ,

Can you please provide the complete request & response for the failed case?

mraffia

cusersmraffiadesktop2019-04-11-17-38-07.pngHi Meeran,

we are trying to call this from PO channel, while pinging the channel we are getting the below error.

we have maintained the below entries in HTTP headers.

API key ,authorization, Host, Date,Content-Type

Mehran.Ahmed Khan

@mraffia

I would need the values of the data being passed and response details to investigate this further,

401 errors
occur because the request has failed an authorization check. This can happen
for a variety of reasons, such as

a) An invalid or
expired API key,

b)An invalid HMAC signature.

c) Request timing
issue/problem with the Date header value. The API client should ensure a
correctly synchronized clock is used to generate request timestamps.

d)Incorrect JSON payload formation at the customer’s end that
can cause them to observe 401 response.

mraffia

Hi Meeran,

Below are the parameters which we are sending as part of the HTTP
headers.

api-key: dbb02b7c-2dc8-4c3b-9719-53d3ae329bda

Authorization: Signature keyId="dbb02b7c-2dc8-4c3b-9719-53d3ae329bda",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="uiDp8S1sKUwXMz7vTCDivTP26wK+xucMkOGjD0ZfFJU="

Please find the request json message attached along.requestmsg.txt

Regards,

Mohammed Raffi

mraffia

Hi Meeran,

Thanks for info, we made the corrections in the json and in
the HTTP headers. We re-syndicated data from SAP PO. It currently fails with
the bad request.

Below is the endpoint url and the corresponding JSON request sent.

https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases/screeningRequest

{

"groupId":
"{{0a3687d0-6855-1ac5-9a2d-dc0b00000cd8}}",

"entityType": "INDIVIDUAL",

"providerTypes": [

{

"element": "WATCHLIST"

}

],

"name":
"Putin",

"customFields": [

""

],

"secondaryFields": [

""

]

}

Regards,

Mohammed Raffi

Mehran.Ahmed Khan

@mraffia

Please pass the providerTypes as shown below, you need to remove the element and just pass WATCHLIST. Also kindly remove the double quotes from the custom and secondary fields array and pass them as an empty array.

"providerTypes": ["WATCHLIST"],

mraffia

Hi Mehran,

We made the required changes and re-tested the same, but we
are facing a bad request error while sending the data from SAP PO.

whereas the same data is syndicated via Postman we are able
to response.

Below is the JSON message that was sent.

{

"groupId":
"0a3687d0-6855-1ac5-9a2d-dc0b00000cd8",

"entityType": "INDIVIDUAL",

"providerTypes": [

"WATCHLIST"

],

"name":
"putin",

"customFields": [],

"secondaryFields": []

}

Please find the message logs pic attached.

Mehran.Ahmed Khan

@mraffia

Kindly pass the groupId as "groupId": "0a3687d0-6855-1ac5-9a2d-dc0b00000cd8", instead of "groupId": "{{0a3687d0-6855-1ac5-9a2d-dc0b00000cd8}}" it should work.

mraffia

Hi Meharan,

We are sending the group id without the curly braces, please refer the JSON message provided in the earlier message.

@Mehran.Ahmed Khan

Mehran.Ahmed Khan

@mraffia

Can you please provide me the complete request & response headers i.e. Date, Authorization, content length and content type and also the request again .

We can also get on a quick call to sort this out soon.

mraffia

Hi Mehran,

Mehran.Ahmed Khan

We can have a quick call tomorrow at any time feasible for you. Please send out an invite to the email id: mraffia@deloitte.com.

Regards,

Mohammed Raffi

Mehran.Ahmed Khan

@mraffia

Tomorrow is a non working day for us , i will send an invite for friday and we will take it from there

mraffia

Hi @Mehran.Ahmed Khan

Please send an invite for Friday.Thanks.

Mehran.Ahmed Khan

@mraffia

I have sent out an invite for 3PM IST today

Thanks

Mehran.Ahmed Khan

The issue is resolved. The root cause was that a few request parameters were missing while sending the request to World-Check one.

prasannagm08

I am also facing the same 401 authorization issue, please help me @Mehran.Ahmed Khan @mraffia

below are the request parameters I have configured.

Authorization:Signature keyId="api_key",algorithm="hmac-sha256",headers="(request-target) host date content-type",signature="PzgYT2oV2kRUNtub3PXFlSDKeB7jKQqqFZPw8tSP0yA="

Host:rms-world-check-one-api-pilot.thomsonreuters.com

Date;Thu, 07 Jan 2021 06:48:44 GMT

Content-Type;application/json

Prabhjyot

https://community.developers.refinitiv.com/discussion/comment/71477#Comment_71477

@prasannagm08,

I have dropped you an email. Please revert back with the requested details.