SEQ-5b & SEQ-4a Returning 401

SEQ-4a
Case System ID:
0a3687d0-63f9-1b2e-991b-bb99003c12aa
Data to Sign:
(request-target): post /v1/cases/0a3687d0-63f9-1b2e-991b-bb99003c12aa/screeningRequest
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Fri, 06 Jul 2018 10:03:57 GMT
Auth:
Signature keyId="{{api-key}}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="/aaGesbftj4fzjfz//MRYRMsRvWDMTA2dUSM0dgjVWU="
SEQ-5b
Case System ID:
0a3687d0-63f9-1b2e-991b-bb99003c12aa
Data To Sign:
(request-target): get /v1/cases/0a3687d0-63f9-1b2e-991b-bb99003c12aa/results
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Fri, 06 Jul 2018 10:08:54 GMT
Auth:
Signature keyId="{{api-key}}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="23AQyY0At7IPvrtsYsrqLvWYl7bovq2vYgKdm+sXmf8="
I've been happily using SEQ-1a, SEQ-2a and SEQ-2c with no issues so I'm fairly confident in my hmac generation. Is there something else I'm missing?
Best Answer
-
@mspicer ,
I concur that the HMAC signature is correct.
The issue is with the authorization header you are sending. Kindly note although this is a POST request, we do not expect you to send the content-type and content-length in it.
So for when hitting the endpoint "screeningRequest", please make sure the auth headers are in the below format:
Signature keyId="{{api-key}}",algorithm="hmac-sha256",headers="(request-target) host date",signature="{{HMAC-SIGNATURE}}"
When hitting the endpoint results, please make sure the auth headers are as below:
Signature keyId="{{api-key}}",algorithm="hmac-sha256",headers="(request-target) host date",signature="{{HMAC-SIGNATURE}}"
I think this should fix the error 401 you are getting.
0
Answers
-
@mspicer I see that you have mentioned your API key in the post. Can you please remove your API key or mask it? I have made this post private for now so that you can make the edit.
I am looking into your query and will get back with updates in a short while.
0 -
Hi Irfan,
I've now removed the key as requested, apologies.
0 -
Thank you for that. I have made the question public again!
0 -
Derp. Thanks Irfan. Working now.
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 36 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 690 Datastream
- 1.4K DSS
- 629 Eikon COM
- 5.2K Eikon Data APIs
- 11 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 3 Trading API
- 2.9K Elektron
- 1.4K EMA
- 255 ETA
- 559 WebSocket API
- 39 FX Venues
- 15 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 25 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 279 Open PermID
- 45 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 23 RDMS
- 2K Refinitiv Data Platform
- 716 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 121 Open DACS
- 1.1K RFA
- 106 UPA
- 194 TREP Infrastructure
- 229 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 95 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛