Receiving Error Code 401 when trying to post a case.

When trying to post a case using my own API key and secret I'm receiving error code 401 everytime. I'm using the sample code provided in the C# example for the generateAuthHeader function, and have been able to call GET requests without issue.
The string I'm using for my content is:
{\"secondaryFields\":[],\"entityType\":\"INDIVIDUAL\",\"customFields\":[],\"groupId\":\"" + GroupId + "\",\"providerTypes\":[\"WATCHLIST\"],\"name\":\"乔治布什\"} with GroupId being replaced with ''.
My Data To Sign is formatted as follows:
(request-target): post /v1/cases
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Tue, 03 Jul 2018 12:59:32 GMT
content-type: application/json
content-length: 167
{"secondaryFields":[],"entityType":"INDIVIDUAL","customFields":[],"groupId":"0a3687cf-63f9-125f-9904-7a1500000298","providerTypes":["WATCHLIST"],"name":"乔治布什"}
Is there something I'm missing?
For reference, below is the .Net code that I'm using to generate the hmac:
public static string generateAuthHeader(string dataToSign, string apisecret)
{
byte[] secretKey = Encoding.UTF8.GetBytes(apisecret);
HMACSHA256 hmac = new HMACSHA256(secretKey);
hmac.Initialize();
byte[] bytes = Encoding.UTF8.GetBytes(dataToSign);
byte[] rawHmac = hmac.ComputeHash(bytes);
Console.WriteLine("---rawHmac---");
string hex = BitConverter.ToString(rawHmac).Replace("-", "");
Console.WriteLine(hex);
return (Convert.ToBase64String(rawHmac));
}
Best Answer
-
I have checked the HMAC code you are using to create the encrypted signature and it appears to be correct.
The headers and the content-length you are using is correct too.
Kindly check the "date header value" you are sending in the request and see if it is in sync with the reponse date header value and the NTP. If the date header value is not in sync or accurate, that can be the reason for the 401 error.
Please provide me the response headers that is being returned after you encounter a 401 status code so that I can debug this further.
Also, please send me the authorization header you are sending (you can fade out the API secret but I would like to look at the signature).You can check if the HMAC signature being genrated is correct or not by sending the same request using Postman. For this, you have to use the same date header value (you sent to WC1 API and received a 401 error) in the pre request script of Postman and send the request. Obviously, the request will fail but this will still generate the signature and you can view it by clicking on code. Kindly compare the HMAC generated by your code and the one generated by Postman to see if they match.
Also, you can refer to our sample code in C# in the "code examples" section of our download page. Here is the link:
0
Answers
-
Following up on this to know if you are still facing the issue. If yes, kindly provide me the requested information so that I can investigate further.
Also, I am adding another question for the 401 error you are receiving. Is your request working correct, if the value of the attribute "name" in the payload does not consist of any special characters, for example: names like John, Jane etc. or the 401 error occurs only when you send a request with special characters (in this case: 乔治布什)?
If your request works fine with names without special characters, then you must UTF encode your payload to avoid the error when sending names with special characters to the endpoint in question.
0 -
Hi Irfan,
Sorry for the delayed response. I tried this again late last night so I could send you the header information but it's now working correctly all the time with 0 changes made to the code.
For now this no longer seems to be an issue but thanks for the assisstance
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 690 Datastream
- 1.4K DSS
- 629 Eikon COM
- 5.2K Eikon Data APIs
- 11 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 559 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 25 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 279 Open PermID
- 45 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 2K Refinitiv Data Platform
- 716 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 95 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛