New posts are disabled while we improve the user experience.

You can browse the site, or for urgent issues, raise a query at MyAccount.

question

Upvotes
Accepted
sushil.suresh avatar image
1 0 1 1

Authorisation setup for World Check API for a simple client(like SOAP UI)

Hello,

After having read through the security page and the various posts in dev forum, I am no where close to what I need to get a properly authenticated request/response.

My understanding of the Authorisation setup is that:

1. requires keyID in the header.

2. requires a header field called signature containing the secret and the base64encoded SHA1 has of the key.

I know I am missing something but needed an answer which is implementation language agnostic as we are not using any generic language but a different application to call the API.

Easiest way would be if I could get this working from SOAP UI, that will give me an idea on its implementation in my application.

world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

4 Answers

· Write an Answer
Upvotes
Accepted
brian.bourgault avatar image
3.1k 18 7 7

Hi @sushil.suresh,

I just posted an example that should be helpful...

Brian

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
brian.bourgault avatar image
3.1k 18 7 7

Hi @sushil.suresh,

I suggest you download the Postman collection from the developers portal.

Once you have that working (it should just work "out-of-the-box" ) then you can use the Code (Generate Code Snippet), it has generated code for several languages over 20 in all... that should help you...

Brian

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
sushil.suresh avatar image
1 0 1 1

Thanks Brian.

The main confusion I have is that it requires Authorization header field containing a full set of details which is Signature(keyword) keyID="client key", algorithm, headers, signature="base64encode of client secret". Should this all be under one header called Authorization?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
sushil.suresh avatar image
1 0 1 1

Got my GET Operations working(just needed to translate the sample code into the language we are using). Not a lot of luck with Post even after adding content-length and the actual content in Signature. I will update here once I get my Post working!!!

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.