World check one API - 401 unauthorized when testing connection from SOAP or Fiddler

This is the first time we are working on World check API. We are testing authorization and connection process. We already have secret key and API key. Below request we are using to generate hash value from secret key.

(request-target): post /v1/cases
host: rms-world-check-one-api.thomsonreuters.com
date: Fri, 28 Sep 2018 09:29:59 GMT
content-type: application/json
content-length: 88
{
"caseId": "my customer ID",
"name": "John Doe",
"providerTypes": ["WATCHLIST"]
}

After generating Hash value we are sending request from SOAP-ui. Below is the request as checked in fiddler which is sent to World check API when sent from SOAP-UI.

POST https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases HTTP/1.1 Date: Fri, 28 Sep 2018 09:29:59 GMT
Authorization: Signature keyId="xxxxxxxxxxxxxxxxxxxxxxxxx",algorithm="hmac-sha256", headers="(request-target) host date content-type content-length", signature="2qvdOiSvDZCogwO1VY+V3F1NdTmkqrhO/rUW2CJ16nM="
Content-Type: application/json
Content-Length: 88
Host: rms-world-check-one-api-pilot.thomsonreuters.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
{
"caseId": "my customer ID",
"name": "John Doe",
"providerTypes": ["WATCHLIST"]
}

Below is the response we are getting -

HTTP/1.1 401 Unauthorized
X-Application-Context: application
Authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length
Transfer-Encoding: chunked
Date: Fri, 28 Sep 2018 09:30:15 GMT
Server: ""

Please help on this.

Find more posts tagged with

world-check

worldcheck-one-api

Accepted answers

mallinathan.saranyes

The above issue is resolved. The problem was with few unnecessary white spaces included in the request. After removing the white spaces, we are able to get the correct JSON response.

All comments

Prabhjyot

Hi @mallinathan.saranyes,

Thank you for the query.

As per the details provided, I see that the host address which you are using in the (request-target) is - rms-world-check-one-api.thomsonreuters.com and should be - rms-world-check-one-api-pilot.thomsonreuters.com in the (request-target).

Also, I advise you to use - "groupId" and "entityType": "INDIVIDUAL", in the body of the request.

Please let me know if you need further assistance.

Prabhjyot

Hi @mallinathan.saranyes ,

Following
up on the above reported issue.

Please let us know if you are still facing the issue or has it been resolved.

mallinathan.saranyes

Hi @Prabhjyot,

Thanks for your response.

We already tested the rms-world-check-one-api-pilot.thomsonreuters.com as Host address. It did not work; we receive the 401 Unauthorized response.

What will be the groupId that we should pass?

Prabhjyot

Hi @mallinathan.saranyes,

In order to retrieve the groupId, you need to use the GET API call - 'SEQ-pre-groups: Get my top-level groups', which will provide you the details of the goups.

Can you please confirm if you are able to call the above API call successfully or are you receiving Error 401 for the above call as well?

mallinathan.saranyes

Hi @Prabhjyot please find below the request we used to get groups.

GET https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups HTTP/1.1
Host: rms-world-check-one-api-pilot.thomsonreuters.com
Date: Thu, 04 Oct 2018 08:58:30 GMT
Authorization: Signature keyId="XXXXXXXXXXXXXXXXXXX",algorithm="hmac-sha256", headers="(request-target) host date", signature="nk60LnUlWPa6SKs2BWjqMtwAFCWE1DQfNmWX1O2KisQ="

Also, below is the request we used to generate hmac.

(request-target): get https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Thu, 04 Oct 2018 08:58:30 GMT

Kindly check and let us know if this is correct or not.

mallinathan.saranyes

The above issue is resolved. The problem was with few unnecessary white spaces included in the request. After removing the white spaces, we are able to get the correct JSON response.

Prabhjyot

@mallinathan.saranyes ,

Glad to know that the issue has been resolved! If you face the issue again, do let us know for further assistance by posting a new query.

EXPLORE OUR SITES