SEQ-screen-sync-simple: Perform Synchronous Screening: Simple : 401 Unauthorized.

Hi,

I am trying to connect to "SEQ-screen-sync-simple: Perform Synchronous Screening: Simple" API and sending request as per POSTMAN. But still I am getting 401 Unauthorized. Not sure where I am going wrong. Please help.Below are the details:

DataToSign: (request-target): get /v1/cases/screeningRequest
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Mon, 22 Apr 2019 11:54:59 GMT
content-type: application/json
content-length: 129
{"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"]}
AuthKey:Signature keyId="f3002323-87ec-4095-afef-23db8c9cd5c1",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8="

headers.add("Authorization", authKey);

headers.add("Date", requestDate);


headers.add("Content-Type", "application/json");

headers.add("Content-Length", dataStringLength.toString());

Regards,

Ashish.

Best Answer

Answers

  • @ashish22,

    Thank you for your query.

    Can you please share the request and the response headers of the failed API call to look into it?

  • ashish22
    ashish22 Newcomer

    Hi,

    Sorry for the inconvenience. Let me rephrase the query with more clarity here.

    Our system is a Java Web application that makes use of TR API. We have implemented the web service connection logic as per the scripts provided in the Postman Script set downloaded from the TR documentation page.

    The web service is working fine in Postman, but it fails in our Java web services.

    Following are the queries:

    1. Is there any way that you can provide the Java equivalent of the postman scripts? This is needed because the way the Postman scripts had been implemented is not fully implementable in Java.
    2. Following are the details that are generated in Java and submitted

    Data for signature generation:

    DataToSign: (request-target): get /v1/cases/screeningRequest host: rms-world-check-one-api-pilot.thomsonreuters.com date: Mon, 22 Apr 2019 11:54:59 GMT content-type: application/json content-length: 168 {"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"],"secondaryFields":[],"customFields":[]}

    The generated signature is, rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8=

    Header parameter: Authentication

    Signature keyId="f3002323-87ec-4095-afef-23db8c9cd5c1",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8="

    Header parameter: Date

    Mon, 22 Apr 2019 11:54:59 GMT

    Header parameter: Content-Type

    application/json

    Header parameter: Content-Length

    168

    Request Data:

    {"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"],"secondaryFields":[],"customFields":[]}

    We get an exception in Java, which contains the trace as "401 Unauthorized".