Discover Refinitiv
MyRefinitiv Refinitiv Perspectives Careers
Created with Sketch.
All APIs Questions & Answers  Register |  Login
Ask a question
  • Questions
  • Tags
  • Badges
  • Unanswered
Search:
  • Home /
  • Screening /
  • World-Check One /

For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

avatar image
Question by mspicer · Jul 06, 2018 at 06:11 AM · world-checkworld-check-oneerror-401

SEQ-5b & SEQ-4a Returning 401

SEQ-4a

Case System ID:
0a3687d0-63f9-1b2e-991b-bb99003c12aa
Data to Sign:
(request-target): post /v1/cases/0a3687d0-63f9-1b2e-991b-bb99003c12aa/screeningRequest host: rms-world-check-one-api-pilot.thomsonreuters.com date: Fri, 06 Jul 2018 10:03:57 GMT
Auth:
Signature keyId="{ {api-key}}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="/aaGesbftj4fzjfz//MRYRMsRvWDMTA2dUSM0dgjVWU="

SEQ-5b

Case System ID:
0a3687d0-63f9-1b2e-991b-bb99003c12aa
Data To Sign:
(request-target): get /v1/cases/0a3687d0-63f9-1b2e-991b-bb99003c12aa/results host: rms-world-check-one-api-pilot.thomsonreuters.com date: Fri, 06 Jul 2018 10:08:54 GMT
Auth:
Signature keyId="{ {api-key}}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="23AQyY0At7IPvrtsYsrqLvWYl7bovq2vYgKdm+sXmf8="

I've been happily using SEQ-1a, SEQ-2a and SEQ-2c with no issues so I'm fairly confident in my hmac generation. Is there something else I'm missing?

People who like this

0 Show 3
Comment
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Irfan.Khan ♦♦ · Jul 06, 2018 at 06:16 AM 0
Share

@mspicer I see that you have mentioned your API key in the post. Can you please remove your API key or mask it? I have made this post private for now so that you can make the edit.

I am looking into your query and will get back with updates in a short while.

avatar image
mspicer Irfan.Khan ♦♦ · Jul 06, 2018 at 06:51 AM 0
Share

Hi Irfan,

I've now removed the key as requested, apologies.

avatar image
REFINITIV
Irfan.Khan ♦♦ mspicer · Jul 06, 2018 at 07:59 AM 0
Share

@mspicer

Thank you for that. I have made the question public again!

1 Reply

  • Sort: 
avatar image
REFINITIV
Best Answer
Answer by Irfan.Khan · Jul 06, 2018 at 07:58 AM

@mspicer ,

I concur that the HMAC signature is correct.

The issue is with the authorization header you are sending. Kindly note although this is a POST request, we do not expect you to send the content-type and content-length in it.

So for when hitting the endpoint "screeningRequest", please make sure the auth headers are in the below format:

Signature keyId="{ {api-key}}",algorithm="hmac-sha256",headers="(request-target) host date",signature="{ {HMAC-SIGNATURE}}"

When hitting the endpoint results, please make sure the auth headers are as below:

Signature keyId="{ {api-key}}",algorithm="hmac-sha256",headers="(request-target) host date",signature="{ {HMAC-SIGNATURE}}"

I think this should fix the error 401 you are getting.

Comment

People who like this

0 Show 1 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
mspicer · Jul 06, 2018 at 08:31 AM 0
Share

Derp. Thanks Irfan. Working now.

Watch this question

Add to watch list
Add to your watch list to receive emailed updates for this question. Too many emails? Change your settings >
9 People are following this question.

Related Questions

SEQ-screen-sync-simple: Perform Synchronous Screening: Simple 401 Unauthorized.

WORLD CHECK ONE API v2- The remote server returned an error: (401) Unauthorized.'

401 Unauthorized response when calling HTTPGET /v1/groups

I have a problem accessing the World-check-one API. Please help me. The same request parameter, in which the name parameter is Chinese, returns 401 Unauthorized, the name can be changed to English after the normal request.

401 Unauthorized when attempting to post a case

  • Copyright
  • Cookie Policy
  • Privacy Statement
  • Terms of Use
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Spaces
  • Alpha
  • App Studio
  • Block Chain
  • Bot Platform
  • Connected Risk APIs
  • DSS
  • Data Fusion
  • Data Model Discovery
  • Datastream
  • Eikon COM
  • Eikon Data APIs
  • Electronic Trading
    • Generic FIX
    • Local Bank Node API
    • Trading API
  • Elektron
    • EMA
    • ETA
    • WebSocket API
  • Intelligent Tagging
  • Legal One
  • Messenger Bot
  • Messenger Side by Side
  • ONESOURCE
    • Indirect Tax
  • Open Calais
  • Open PermID
    • Entity Search
  • Org ID
  • PAM
    • PAM - Logging
  • ProView
  • ProView Internal
  • Product Insight
  • Project Tracking
  • RDMS
  • Refinitiv Data Platform
    • Refinitiv Data Platform Libraries
  • Rose's Space
  • Screening
    • Qual-ID API
    • Screening Deployed
    • Screening Online
    • World-Check One
    • World-Check One Zero Footprint
  • Side by Side Integration API
  • TR Knowledge Graph
  • TREP APIs
    • CAT
    • DACS Station
    • Open DACS
    • RFA
    • UPA
  • TREP Infrastructure
  • TRKD
  • TRTH
  • Thomson One Smart
  • Transactions
    • REDI API
  • Velocity Analytics
  • Wealth Management Web Services
  • Workspace SDK
    • Element Framework
    • Grid
  • World-Check Data File
  • 中文论坛
  • Explore
  • Tags
  • Questions
  • Badges