SEQ-4a Post Screen a case get Error 401 Unauthorized

Question

Question by information · Jan 08, 2017 at 07:40 PM · post 401

SEQ-4a Post Screen a case get Error 401 Unauthorized

Hi, Try to implement Screen a case like sample SEQ-4a. Post request get Error 401 Unauthorized. I find the sample authorisation header string does not contains content-type and content-length as described as in the Quick Start. My question is if this is the matter for the case. Please help. Thanks. John

0 Show 1

10 |1500 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

information · Jan 12, 2017 at 06:51 PM 0

Share

Hi, i have found the problem and got this issue resolved. Basically it is the the HTTP component bug does not stream string parameters in order. Also there is another reasons cause the body string not compatible with the REST server. Thanks a lot for the help. John

Answer 1 · 2017-01-09T05:15:09Z

REFINITIV

Best Answer

Answer by brian.bourgault · Jan 09, 2017 at 05:15 AM

Hi John,

There are a number of reasons you may receive a 401 status. Note some of the PUT/POST requests do no have a body, hence do not require content length... I suggest, if possible, share the code you wrote that is not working...also note that one of your groups is setup as a Zero Footprint group and so screening a case will not be permitted in that group, use one of the other groups you've setup.

Brian

1 Show 1 · Share

10 |1500 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

information · Jan 11, 2017 at 02:34 PM 0

Share

Thanks Brian for the reply. I use the postman default group-id.

Answer 2 · 2017-01-10T15:02:50Z

Answer by information · Jan 10, 2017 at 03:02 PM

Hi Brian,

I use the postman default group id in the pilot environment.

Please check the source code as below, for the function of “Save a simple case”

// -----------------------

procedure TForm2.btSaveasimplecaseClick(Sender: TObject);

var

response : string;

RequestBody : TstringStream;

tt : TBytes;

dataToSign, strdatetime : string;

thedate : tdatetime;

const

strbody='{ "entityType": "INDIVIDUAL", "groupId":"418f28a7-b9c9-4ae4-8530-819c61b1ca6c","providerTypes": ["WATCHLIST"], "name": "John Doe"}';

strbaseurl='https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases';

begin

thedate:=now-(13/24); // get server time , the offset of the time different is 13 hours

strdatetime:= formatdatetime('ddd, dd mmm yyyy hh:mm:ss "GMT"',thedate);

edtdate.Text:=strdatetime; // display purpose – date string

dataToSign:= '(request-target): post /v1/cases'+#10 +'host: rms-world-check-one-api-pilot.thomsonreuters.com' +#10+'date: '+strdatetime+#10+'content-type: application/json'+#10+'content-length: '+

inttostr(length(strbody))+#10+strbody;

msignstring.Lines.Text:=datatosign; // Sign string -- display purpose

tt:=System.Hash.THashSHA2.GetHMACasBytes(dataToSign,APIsecret,SHA256);

edtsignatures.text:=EncodeBase64(tt,length(tt)); // signature string - display purpose

edtauth.Text:='Signature keyId="a4364e62-e58b-4b64-9c71-faead5417557",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="'+edtsignatures.text+'"'; // authorization string

edit1.Text:=inttostr(length(strbody)); // content -length

RequestBody := TStringStream.Create(strbody, TEncoding.UTF8);

RequestBody.Position := 0;

try

IdHTTP1.Request.CustomHeaders.Clear;

IdHTTP1.Request.Method:=Id_HTTPMethodPost;

IdHTTP1.Request.ContentType := 'application/json';

IdHTTP1.Request.CustomHeaders.AddValue('cache-control', 'no-cache');

IdHTTP1.Request.CustomHeaders.AddValue('authorization',edtauth.Text);

IdHTTP1.Request.CustomHeaders.AddValue('date', strdatetime);

IdHTTP1.Request.CustomHeaders.AddValue('content-type', 'application/json');

IdHTTP1.Request.CustomHeaders.AddValue('content-length', inttostr(length(strbody)));

try

IdHTTP1.Post(strbaseurl, RequestBody);

except

on e:EIdHTTPProtocolException do

begin

showmessage(e.ErrorMessage+' .. '+ e.Message );

end;

on e:exception do

showmessage(e.Message);

end;

memo1.Lines.text:=IdHTTP1.ResponseText;

finally

RequestBody.Free;

end;

// --------------------- end of code ---------------

Sign string:

(request-target): post /v1/cases

host: rms-world-check-one-api-pilot.thomsonreuters.com

date: Mon, 09 Jan 2017 23:38:56 GMT

content-type: application/json

content-length: 130

{ "entityType": "INDIVIDUAL", "groupId":"418f28a7-b9c9-4ae4-8530-819c61b1ca6c","providerTypes": ["WATCHLIST"], "name": "John Doe"}

Signature:

QldTAT5loM20vBrFMBZg1ErrnYnrVtPcx+ZpxQKjkqo=

Authorization:

Signature keyId="a4364e62-e58b-4b64-9c71-faead5417557",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="QldTAT5loM20vBrFMBZg1ErrnYnrVtPcx+ZpxQKjkqo="

Date:

Sun, 08 Jan 2017 21:52:47 GMT

Content Length:

130

Response:

HTTP/1.1 400 Bad Request

Any ideal? Thanks

0 · Share

10 |1500 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 3 · 2017-07-31T09:53:16Z

REFINITIV

Answer by brian.bourgault · Jul 31, 2017 at 09:53 AM

Consider watching:

World-Check One API – Overview and Quick Start

0 · Share

10 |1500 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

SEQ-4a Post Screen a case get Error 401 Unauthorized

3 Replies

Watch this question

Related Questions