(401) Unauthorized Screen a case API using c#

Options
hitham.dawod0
hitham.dawod0 Newcomer
in World-Check One

when calling the API from postman will execute without any problem but when calling it from C# code

I get the error "'The remote server returned an error: (401) Unauthorized.'"


string gatewayurl = "/v2/";

string gatewayhost = "rms-world-check-one-api-pilot.thomsonreuters.com";

// Here is where you enter your api keys


string requestendpoint = "https://rms-world-check-one-api-pilot.thomsonreuters.com/v2/cases/"+ caseid + "/screeningRequest";



// Assemble the POST request - NOTE every character including spaces have to be EXACT

// for the API server to decode the authorization signature

string dataToSign = "(request-target): post " + gatewayurl + "cases/" + caseid + "/screeningRequest\n" +

"host: " + gatewayhost + "\n" + // no https only the host name

"date: " + date; // GMT date as a string


Console.WriteLine("---api secret---");

Console.WriteLine(apisecret);

Console.WriteLine("---dataToSign---");

Console.WriteLine(dataToSign);

Console.WriteLine("string hmac = generateAuthHeader(dataToSign, apisecret);");

// The Request and API secret are now combined and encrypted

string hmac = generateAuthHeader(dataToSign, apisecret);


// Assemble the authorization string - This needs to match the dataToSign elements

// i.e. requires host date content-type content-length

//- NOTE every character including spaces have to be EXACT else decryption will fail with 401 Unauthorized

string authorisation = "Signature keyId=\"" + apikey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" + hmac + "\"";




Console.WriteLine("---Hmac---");

Console.WriteLine(hmac);

//Console.WriteLine(authorisation);


// Send the Request to the API server

HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create(requestendpoint);

// Set the Headers

WebReq.Method = "POST";

WebReq.Headers.Add("Authorization", authorisation);

WebReq.Headers.Add("Cache-Control", "no-cache");

// WebReq.ContentLength = msg.Length;

WebReq.Date = dateValue; // use datetime value GMT time

// Set the content type of the data being posted.

// WebReq.ContentType = "application/json";

// WebReq.ContentLength = byte1.Length;


Stream newStream = WebReq.GetRequestStream();

// newStream.Write(byte1, 0, byte1.Length);


// Get the Response - Status OK

HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();




Tagged:

Best Answer

  • Prabhjyot
    Prabhjyot LSEG
    Answer ✓

    @hitham.dawod0,

    Thanks for your query.

    Please see the observations below -

    1. string requestendpoint = "https://rms-world-check-one-api-pilot.thomsonreuters.com/v2/cases/";+ caseid + "/screeningRequest"; - It will be caseSystemId instead of caseId

    2. string dataToSign = "(request-target): post " + gatewayurl + "cases/" + caseid + "/screeningRequest\n" +

    "host: " + gatewayhost + "\n" + // no https only the host name

    "date: " + date; // GMT date as a string - It will be caseSystemId instead of caseId.

    If you are still getting error 401 after making the above changes, please provide us the request and the response headers of the failed api call to investigate further.

    Also, are getting a successful response after firing a GET Top level groups api call? Endpoint - /v2/groups

Answers

Categories