WEBSOCKET ISSUE

cliffordmarshall.ablaza

HI Team,

I have a client who raised a case about Websocket API, and using C# language via Windows. The client has stated:

"I’ve managed to move a step forward with WebSockets tests – using the client ID we’ve set up during our call I’m able now to authenticate on https://api.refinitiv.com:443/auth/oauth2/v1/token

And I’m getting a bearer and refresh tokens on the response.

Trying to follow the quick start tutorials, I’m required to make a service discovery call as a next step.

For this, I’m using your C# example from there

https://github.com/Refinitiv/websocket-api/tree/master/Applications/Examples/RDP/CSharp/MarketPriceRdpGwServiceDiscoveryExample

This example starts with authentication request (which works, I’m receiving the authentication tokens), but the follow up service discovery call to

https://api.refinitiv.com/streaming/pricing/v1/

fails with (403) forbidden.

This call uses the bearer token I’m getting in authentication response, which seems ok, so I have a problem understanding what I may be doing wrong."

Please assist.

Gurpreet

Hi @cliffordmarshall.ablaza01 ,

If the authentication succeeds, but the pricing endpoints fail with 403, it implies that the user does not have the right entitlements to access this service. They need to be permissioned for RTO. Please have their account manager check/enable their credentials for right access.

The token response includes a JSON parameter called scope. The scope must include "trapi.streaming.pricing.read" as one of the scopes.

PS: This is not a DSS issue, and so I am moving it to appropriate forum.

mateusz.maj

https://community.developers.refinitiv.com/discussion/comment/96282#Comment_96282

Hi, thank you for this comment - just to clarify - I'm getting forbidden response while trying to call the service discovery endpoint at:

https://api.refinitiv.com/streaming/pricing/v1/

so I'm at the point where I haven't got an appropriate pricing endpoint yet (at least I understand the service discovery call should respond with one).

Also, in my case, the token response doesn't contain a value for the scope parameter (scope key is returned along with an empty value), in case that matters. I'm getting bearer and refresh tokens though.

wasin.w

Hello @mateusz.maj @cliffordmarshall.ablaza01

This seems to be a permission issue.

Could you please try to test your RTO credential with the following cURL command for the access token?

curl --location --request POST 'https://api.refinitiv.com/auth/oauth2/v1/token'; \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Bearer ' \
--data-urlencode 'username=<Machine ID>' \
--data-urlencode 'password=<Password>' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'scope=trapi' \
--data-urlencode 'takeExclusiveSignOnControl=true' \
--data-urlencode 'client_id=<App Key>'

Then copy the return access token, and then try the following cURL command for the Service Discovery Endpoint

curl --location --request GET 'https://api.refinitiv.com/streaming/pricing/v1/'; \
--header 'Accept: application/json' \
--header 'Authorization: Bearer <access token>'

Please verify if:

1. The return data from the first cURL command contains scope information
2. The second cURL command returns a list of endpoints

If not, I highly recommend you contact your Account Manager/Representative to verify the Machine-ID permission.

mateusz.maj

https://community.developers.refinitiv.com/discussion/comment/96743#Comment_96743

Hi @wasin.w

Thank you for commenting. I've verified what you suggested:

The return data from the first cURL command contains scope information

Yes - the return data from the first cURL command contains a list of scopes.

The second cURL command returns a list of endpoints

No - the Service Discovery request doesn't return a list of endpoints. I'm getting Forbidden response there.

So yes, it probably seems to be a permission issue.