I am working on calling the World Check One API from ServiceNow

vcarlisle

I am able to access the API from Postman successfully.
When attempting to make the same call from ServiceNow I get a 401 error.

Code
Code to generate header in ServiceNow:

getSimpleScreeningRequestAuthHeader : function(dateSent,payload){
        var contentLength = unescape(encodeURIComponent(payload)).length,
            environment = {
                "gateway-url": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
                "gateway-host": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host'),
                "content": "application/json",
                "api-key": gs.getProperty('x_525112_refinitiv.refinitiv.api_key')
            },
            dataToHash = "(request-target): post " + environment["gateway-url"] + "cases/screeningRequest\n" +
                "host: " + environment["gateway-host"] + "\n" +
                "date: " + dateSent + "\n" +
                "content-type: " + environment["content"] + "\n" +
                "content-length: " + contentLength + "\n" +
                payload,
            hmac = this._generateHash(dataToHash),
            authHeader = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" + hmac + "\"";
        var debug = {
            "environmet": environment,
            "dataToHash": dataToHash,
            "hmac": hmac
        };
        gs.info('test this - script include debug: ' +JSON.stringify(debug));
        
        return authHeader;
    },
    
    _generateHash : function(dataToHash){
        var hmacUtil = new x_525112_cryptojs.CryptoJS_Wrapper(),
            secret = gs.getProperty('x_525112_refinitiv.refinitiv.api_secret'),
            hash = hmacUtil.HmacSHA256(dataToHash, secret);
        return hmacUtil.convertToBase64(hash);
        //return gs.base64Encode(hash)
    }

**payload is the body of the REST message

Code to make the call

var dateToday  = new Date().toGMTString(),
    restBody = {
    "groupId": "****", (group id removed for security, have verified it matches Postman)
    "entityType": "UNSPECIFIED",
    "caseId": "",
    "providerTypes": [
        "WATCHLIST"
    ],
    "caseScreeningState": {
        "WATCHLIST": "INITIAL"
    },
    "name": "John Smith",
    "nameTransposition": false,
    "secondaryFields": [],
    "customFields": []
},
    authHeaderString = new x_525112_refinitiv.refinitivWCUtils().getSimpleScreeningRequestAuthHeader(dateToday,JSON.stringify(restBody));

try { 
    var endPoint = gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host') + gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
    contentLength = unescape(encodeURIComponent(restBody)).length,
    r = new sn_ws.RESTMessageV2('x_525112_refinitiv.refinitiv_world_check', 'SEQ-screen-sync-simple');
    r.setStringParameterNoEscape('authorizarionString', authHeaderString);
    r.setStringParameterNoEscape('currentDate', dateToday);
    r.setStringParameterNoEscape('endPoint', endPoint);
    r.setStringParameterNoEscape('contentLength', contentLength);
    r.setStringParameter('payload', restBody);

    var response = r.execute();
    var responseBody = response.getBody();
    var httpStatus = response.getStatusCode();

    var debug = {
        "date": dateToday,
        "endPoint": endPoint,
        "httpStatus": httpStatus
    }
    gs.print(JSON.stringify(debug));
    gs.print('authHeaderString is: ' + authHeaderString);

}
catch(ex) {
    var message = ex.message;
    gs.print('error caught, message: ' + message);
}

Debug & gs.print information returned after making the REST call

var scriptIncludeDebug= {
    "environmet": {
      "gateway-url": "/v2/",
      "gateway-host": "api-worldcheck.refinitiv.com",
      "content": "application/json",
      "api-key": "*****" (key removed for security, have verified it matches Postman)
    },
    "dataToHash": "(request-target): post /v2/cases/screeningRequest\nhost: api-worldcheck.refinitiv.com\ndate: Fri, 18 Mar 2022 14:57:35 GMT\ncontent-type: application/json\ncontent-length: 238\n{\"groupId\":\"******\",\"entityType\":\"UNSPECIFIED\",\"caseId\":\"\",\"providorTypes\":[\"WACHTLIST\"],\"caseScreeningState\":{\"WATCHLIST\":\"INITIAL\"},\"name\":\"John Smith\",\"nameTransposition\":false,\"secondaryFields\":[],\"customFields\":[]}", (group id removed for security, have verified it matches Postman)
    "hmac": "6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw="
},
bgScriptDebug = {
    "date": "Fri, 18 Mar 2022 14:57:35 GMT",
    "endPoint": "api-worldcheck.refinitiv.com/v2/",
    "httpStatus": 401
}

(keyID removed for security, have verified it matches Postman and in both Signatures)
var SNC = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw=" '
var PMN = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="M8CoTayADFfsJFU8kL1MO5FGv/kmLPedsh/E+rRHbc8=" '

I have verified the server date/time is within 30 seconds of https://time.is

Any help you can offer would be greatly appreciated.

Vivek Kumar Singh

Hi @vcarlisle

We would like you to please utilize the some of the sample codes available on the https://developers.refinitiv.com/en/api-catalog/customer-and-third-party-screening/world-check-one-api/downloads

Please check and let us know if you still need our assistance.

Thanks

Vivek Kumar Singh

Vivek Kumar Singh

Hi @vcarlisle

Thanks for your email!

Please allow us to validate the details, will get back to you ASAP.

Thanks
Vivek Kumar Singh

vcarlisle

@Vivek Kumar Singh thanks, I look forward to hearing from you. Let me know if you want to meet up so we can step through what I am doing or if there are any questions I can answer here.

vcarlisle

For anyone facing the issue, the suggested documentation didn't really help solve the issue. For us it turned out to be an issue with the message body, even copying/pasting it from the Postman files directly to the ServiceNow script we were experiencing a variance between the calculated length that Postman provided and the length in ServiceNow. By using JSON.strignify(restbody, null, 4) we were able to resolve the variance. Our best guess is that even though we were using JSON.stringify(restbody) it was sending the body as an unformatted (lacking spaces) string and that was causing the issue. Also, when passed as a parameter in the ServiceNow REST message function, the REST body must be set to "setStringParameterNoEscape()".

mohammedabdul.azeem

Hi @vcarlisle ,

Could you please send the Crryptojswrapper script include it would be helpful for me in testing this api from servicenow?

mohammedabdul.azeem

Hi @vcarlisle ,

Could you please send the Crryptojswrapper script include it would be helpful for me in testing this api from servicenow?

Merit71

Hi @vcarlisle  , @mohammedabdul.azeem

Did you get answer to your issue? I am also connecting via ServiceNow and getting 401 error.

Did you get 'CryptoJS_Wrapper script include? Also Which Class/function in ServiceNow used to generate HMAC?

ram.nitish

Hi @Merit71,

Thank you for the follow-up. We currently do not have available JavaScript code for cryptographic operations. If you require further assistance with understanding why your API request is failing with a 401 error, please provide us with the complete request and response details via email (Please provide your email ID).

Additionally, you may refer to the documentation available at this link for guidance on invoking requests to the WC1 API.

Thanks,
Ram.