For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
mallinathan.saranyes avatar image
3 2 1 4

World check one API - 401 unauthorized when testing connection from SOAP or Fiddler

This is the first time we are working on World check API. We are testing authorization and connection process. We already have secret key and API key. Below request we are using to generate hash value from secret key.

(request-target): post /v1/cases host: rms-world-check-one-api.thomsonreuters.com date: Fri, 28 Sep 2018 09:29:59 GMT content-type: application/json content-length: 88 { "caseId": "my customer ID", "name": "John Doe", "providerTypes": ["WATCHLIST"] }

After generating Hash value we are sending request from SOAP-ui. Below is the request as checked in fiddler which is sent to World check API when sent from SOAP-UI.

POST https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases HTTP/1.1 Date: Fri, 28 Sep 2018 09:29:59 GMT Authorization: Signature keyId="xxxxxxxxxxxxxxxxxxxxxxxxx",algorithm="hmac-sha256", headers="(request-target) host date content-type content-length", signature="2qvdOiSvDZCogwO1VY+V3F1NdTmkqrhO/rUW2CJ16nM=" Content-Type: application/json Content-Length: 88 Host: rms-world-check-one-api-pilot.thomsonreuters.com Connection: Keep-Alive User-Agent: Apache-HttpClient/4.1.1 (java 1.5) { "caseId": "my customer ID", "name": "John Doe", "providerTypes": ["WATCHLIST"] }

Below is the response we are getting -

HTTP/1.1 401 Unauthorized X-Application-Context: application Authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length Transfer-Encoding: chunked Date: Fri, 28 Sep 2018 09:30:15 GMT Server: ""

Please help on this.

world-checkworldcheck-one-api
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

5 Answers

Upvotes
Accepted
mallinathan.saranyes avatar image
3 2 1 4

The above issue is resolved. The problem was with few unnecessary white spaces included in the request. After removing the white spaces, we are able to get the correct JSON response.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Prabhjyot avatar image Prabhjyot

@mallinathan.saranyes ,

Glad to know that the issue has been resolved! If you face the issue again, do let us know for further assistance by posting a new query.

Upvotes
Prabhjyot avatar image
4.5k 4 8 8

Hi @mallinathan.saranyes,

Thank you for the query.

As per the details provided, I see that the host address which you are using in the (request-target) is - rms-world-check-one-api.thomsonreuters.com and should be - rms-world-check-one-api-pilot.thomsonreuters.com in the (request-target).

Also, I advise you to use - "groupId" and "entityType": "INDIVIDUAL", in the body of the request.

Please let me know if you need further assistance.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Prabhjyot avatar image Prabhjyot

Hi @mallinathan.saranyes ,

Following up on the above reported issue.

Please let us know if you are still facing the issue or has it been resolved.

Upvotes
mallinathan.saranyes avatar image
3 2 1 4

Hi @Prabhjyot.Mandla,

Thanks for your response.

We already tested the rms-world-check-one-api-pilot.thomsonreuters.com as Host address. It did not work; we receive the 401 Unauthorized response.

What will be the groupId that we should pass?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Prabhjyot avatar image
4.5k 4 8 8

Hi @mallinathan.saranyes,

In order to retrieve the groupId, you need to use the GET API call - 'SEQ-pre-groups: Get my top-level groups', which will provide you the details of the goups.

Can you please confirm if you are able to call the above API call successfully or are you receiving Error 401 for the above call as well?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
mallinathan.saranyes avatar image
3 2 1 4

Hi @Prabhjyot.Mandla please find below the request we used to get groups.

GET https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups HTTP/1.1 Host: rms-world-check-one-api-pilot.thomsonreuters.com Date: Thu, 04 Oct 2018 08:58:30 GMT Authorization: Signature keyId="XXXXXXXXXXXXXXXXXXX",algorithm="hmac-sha256", headers="(request-target) host date", signature="nk60LnUlWPa6SKs2BWjqMtwAFCWE1DQfNmWX1O2KisQ="

Also, below is the request we used to generate hmac.

(request-target): get https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups host: rms-world-check-one-api-pilot.thomsonreuters.com date: Thu, 04 Oct 2018 08:58:30 GMT

Kindly check and let us know if this is correct or not.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.