Getting 401 Unauthorized World Check API

sagarmanohara.rao-ext

import requests
import hmac
import hashlib
import base64
import time
import json
import io

null = None
false = None

# To get the GMT time string
dataformat = ("%a, %d %b %Y %H:%M:%S GMT")
datenow = time.gmtime()
date = time.strftime(dataformat, datenow)
print(date)

api_key = "xxxxxxxxxxxxxxxxxxxx"  # Enter your API key
api_secret = "xxxxxxxxxxxxxxxxxxxxxxx"  # Enter your API secret
group_id = "xxxxxxxxxxxxxxxxxxxxxxx"  # Enter your group Id
api_token = api_secret.encode()
path = "https://rms-world-check-one-api-pilot.thomsonreuters.com/v2/cases"
gatewayurl = "/v2/"
gatewayhost = "rms-world-check-one-api-pilot.thomsonreuters.com"
content_type = "application/json"

name1 = "putin"
entity_type = "INDIVIDUAL"
bcontent = "{\n\"secondaryFields\": [],\n  \"entityType\": \"" + entity_type + "\",\n  \"customFields\": [],\n  \"groupId\":\"" + group_id + "\",\n  \"providerTypes\": [\n    \"WATCHLIST\"\n  ],\n  \"name\": \"" + name1 + "\"}"
content = bcontent.encode('utf-8')
length = len(content)
str_length = str(length)

datatosign = "(request-target): post " + gatewayurl + "cases/screeningRequest\n" + \
             "host: " + gatewayhost + "\n" + \
             "date: " + date + "\n" + \
             "content-type: " + content_type + "\n" + \
             "content-length: " + str_length + "\n" + \
             content.decode()

print(datatosign)

byte_datatosign = datatosign.encode()


def hbase(byte_datatosign, api_token):
    encrypt = hmac.new(api_token, byte_datatosign, digestmod=hashlib.sha256)
    digest_maker = encrypt.digest()
    base = base64.b64encode(digest_maker)
    return base.decode()


hmacbase = hbase(byte_datatosign, api_token)
print(hmacbase)

authorisation = "Signature keyId=\"" + api_key + "\"" + ",algorithm=\"hmac-sha256\"" + ",headers=\"(request-target) host date content-type content-length\"" + ",signature=\"" + hmacbase + "\""
print(authorisation)

headers = {

    'Authorization': authorisation,
    'Date': date,
    'Content-Type': content_type,
    'Content-Length': str_length,
    'Accept': "*/*",
    'Cache-Control': "no-cache",
    'Host': "rms-world-check-one-api-pilot.thomsonreuters.com",
    'Accept-Encoding': "gzip, deflate",
    'Connection': "keep-alive",
    'cache-control': "no-cache"
}
print(headers)

try:
    result = requests.request("POST", path, headers=headers, data=content)
    result.raise_for_status()
    print(result.status_code)
    print(result.headers)
    result_json = result.json()

    with io.open("result_json.txt", 'w', encoding="utf-8") as outfile:
        outfile.write(str(json.dumps(result_json, ensure_ascii=False, indent=4)))
    print(result_json)


except requests.exceptions.HTTPError as errh:
    print("Http Error:", errh)
except requests.exceptions.ConnectionError as errc:
    print("Error Connecting:", errc)
except requests.exceptions.Timeout as errt:
    print("Timeout Error:", errt)
except requests.exceptions.RequestException as err:
    print("OOps: Something Else", err)

Mehran.Ahmed Khan

@sagarmanohara.rao-ext

Hi,

I would like to highlight an observation that I made on the path that you have declared in the code i.e "https://rms-world-check-one-api-pilot.thomsonreuters.com/v2/cases" which is for the endpoint to save a case API(async screening) and I also see that in dataToSign section of the code the endpoint declared is of sync screening i.e. "cases/screeningRequest".

There is an obvious discrepancy here and I believe this might be the potential cause for the 401 that you're observing. Please clarify the endpoint that you would like to use i.e. save a case or sync screen a case and make the corrections accordingly under the path and dataToSign section of your code.

Let me know if this solves the issue.

Regards,

Mehran Khan