Discover Refinitiv
MyRefinitiv Refinitiv Perspectives Careers
Created with Sketch.
All APIs Questions & Answers  Register |  Login
Ask a question
  • Questions
  • Tags
  • Badges
  • Unanswered
Search:
  • Home /
  • Screening /
  • World-Check One /
avatar image
Question by eirik.yksnoy · Feb 04, 2019 at 06:42 PM · 401 unauthorizedresttemplate

Response 401 UNAUTHORIZED using RestTemplate

Both sample Java code and Postman for /v1/groups work every time. However when using Spring and RestTemplate i get 401. Even stranger, the code worked occationaly while running it over and over, but I'm not able to reproduce it.

Request headers:

Authorization:

Signature keyId="f97121be-3d1d-493d-8029-5296d1070727",algorithm="hmac-sha256",headers="(request-target) host date",signature="7gxdTU6RcB8FAs1s31U0BNGXtRKgtm+3zjIzYcki8NM="

Mon, 04 Feb 2019 23:37:27 GMT

Response headers:

Authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length

Date: Mon, 04 Feb 2019 23:37:43 GMT.

Code used is attached.

regards

Eirik

sample-code.txt (1.1 KiB)

People who like this

0 Show 0
Comment
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

6 Replies

  • Sort: 
avatar image
Best Answer
Answer by eirik.yksnoy · Feb 15, 2019 at 12:59 AM

Turns out that the I had to use the same date object for the hash and the header.

Comment
Prabhjyot.Mandla

People who like this

1 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Answer by Prabhjyot.Mandla · Feb 05, 2019 at 05:28 AM

@eirik.yksnoy,

Thank you for the query.

Can you please share the code where you are calculating the dataToSign value for generating the HMAC signature?

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
Answer by eirik.yksnoy · Feb 05, 2019 at 03:54 PM

Hi @Prabhjyot.Mandla

I here is the code attached. It is basically copied from the sample code.


signdata.txt (1.6 KiB)
Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Answer by Prabhjyot.Mandla · Feb 06, 2019 at 06:01 AM

@eirik.yksnoy,

Thank you for sharing the code.

I can see that in the generateAuthHeaderHash() you are passing only dataToSign as parameter/ argument. Can you please try passing the API Secret as well along with dataToSign as parameter? The change has to be made in 2 places.

i. Where you are defining the function

ii. Where you are calling the function

Hope this helps.

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
Answer by eirik.yksnoy · Feb 10, 2019 at 02:38 PM

There was a problem with the url. It had the endpoint name doubled at the end.

Changing it from /v1/groups/v1/groups to /v1/groups resolved one issue.

Now however, the service seems unstable. Running the same code twice often results in one 200 and one 401. Is there a limitation on how often an endpoint can be called? I can't see a clear pattern. Attached is debug of the requests.request-response-log.txt


request-response-log.txt (5.8 KiB)
Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Answer by Prabhjyot.Mandla · Feb 11, 2019 at 07:06 AM

@eirik.yksnoy,

You can hit the endpoint more than once at a time. If the request is being rejected due to overload, you would recevie Error 429 and not error 401. I would request you to please review the code if you are receiving Error 401.

From the request headers example, I can see that you are using the request headers as - Date, cache-control and Authorisation, which is failing.

Can you please let me know if you are receiving Error 401 for all the API requests with the above request header format?

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Watch this question

Add to watch list
Add to your watch list to receive emailed updates for this question. Too many emails? Change your settings >
8 People are following this question.

Related Questions

Case Template Returning to null most of the Times with WCO API AUthentication. -401 Unauthorised Access 1 Answer

GET cases/{caseSystemId} works in postman, always returns 401 in php 2 Answers

401 Unauthorized when calling /groups with GET (Ruby on Rails RoR) 5 Answers

401 Unauthorized on all API Calls (SEQ-1a: Get my top-level groups) 8 Answers

Missing www-authenticate header when receiving 401 responses. 4 Answers

  • Feedback
  • Copyright
  • Cookie Policy
  • Privacy Statement
  • Terms of Use
  • Careers
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Spaces
  • Alpha
  • App Studio
  • Block Chain
  • Bot Platform
  • Calais
  • Connected Risk APIs
  • DSS
  • Data Fusion
  • Data Model Discovery
  • Datastream
  • Eikon COM
  • Eikon Data APIs
  • Elektron
    • EMA
    • ETA
    • WebSocket API
  • Legal One
  • Messenger Bot
  • Messenger Side by Side
  • ONESOURCE
    • Indirect Tax
  • Open PermID
    • Entity Search
  • Org ID
  • PAM
    • PAM - Logging
  • ProView
  • ProView Internal
  • Product Insight
  • Project Tracking
  • Refinitiv Data Platform
    • Refinitiv Data Platform Libraries
  • Rose's Space
  • Screening
    • Qual-ID API
    • Screening Deployed
    • Screening Online
    • World-Check One
    • World-Check One Zero Footprint
  • Side by Side Integration API
  • TR Knowledge Graph
  • TREP APIs
    • CAT
    • DACS Station
    • Open DACS
    • RFA
    • UPA
  • TREP Infrastructure
  • TRIT
  • TRKD
  • TRTH
  • Thomson One Smart
  • Transactions
    • REDI API
  • Velocity Analytics
  • Wealth Management Web Services
  • World-Check Data File
  • Explore
  • Tags
  • Questions
  • Badges