What headers must be in correct request? (at POSTMAN)
When I try to send test request to WC1 through POSTMAN, I got errors like that
{
"message": "Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization=Signature keyId=\"**our_api_key**",algorithm=\"hmac-sha256\""
}
I'm trying to follow your doc's examples (https://docs-developers.thomsonreuters.com/1549604761954/50009/documentation/schema-reference/security.html), but I don't understand which keys I should include to headers. Can you help me with that and provide some real working code examples please? Thank you very much!
Best Answer
-
Can you delete the existing postman collection from your postman and download from the below link, re-import and retry the API request?
Regards,
Mehran Khan
0
Answers
-
Hi,
Can you please replicate this once more by turning on the postman console by clicking on alt+ctrl+c and provide me the complete request and response so that i can investigate this further?
Regards,
Mehran Khan
API Technical Consultant
0 -
POST
https://zfs-world-check-one-api-pilot.thomsonreuters.com
08:16:31.693
Pretty
Raw- Request Headers:
- Authorization:"'Signature keyId="99381b37-fbcf-4473-99ef-72478189a838",algorithm="hmac-sha256""
- host:"zfs-world-check-one-api-pilot.thomsonreuters.com"
- date:"Tue, 08 Feb 2019 07:45:35 GMT"
- content-type:"application/json"
- cache-control:"no-cache"
- Postman-Token:"04d44b68-95af-40b5-800b-1e592d490955"
- User-Agent:"PostmanRuntime/7.6.0"
- Accept:"*/*"
- accept-encoding:"gzip, deflate"
- Request Headers:
- Request Body:
- caseId:"my customer ID"
- name:"John Doe"
- region:"California"
- Request Body:
- Response Headers:
- Content-Type:"application/json"
- Content-Length:"275"
- Connection:"keep-alive"
- Date:"Mon, 11 Feb 2019 05:16:32 GMT"
- x-amzn-RequestId:"31b2e5e7-2dbc-11e9-9217-030a9c2e7c43"
- x-amzn-ErrorType:"IncompleteSignatureException"
- x-amz-apigw-id:"U62_iGQdjoEFicA="
- X-Cache:"Error from cloudfront"
- Via:"1.1 e9eeb72bccacc26d81e7bd02c27d126b.cloudfront.net (CloudFront)"
- X-Amz-Cf-Id:"kM6BbEq7wUXIoHj2FiXavwhE_IWfciKI3uQ2dq9Zuu3jNHPQ3fImBA=="
- Response Headers:
- Response Body:
- message:"Authorization header requires 'Credential' parameter. Authorization header requires 'Signature' parameter. Authorization header requires 'SignedHeaders' parameter. Authorization='Signature keyId="99381b37-fbcf-4473-99ef-72478189a838",algorithm="hmac-sha256""
- Response Body:
667ms
0 -
0
-
Hi,
Thanks for providing the request & response.
1. As you can see the difference between your requested time and the time of response is >30 seconds, ideally, you will get a 401. In your case, the requested date is 8th Feb and the response date is 11th Feb, can you please check your system date settings to make sure that the date header value is in sync with the NTP or the GMT clock for the API call to succeed. The difference with the API clock time shouldn’t be >30s. When it’s more than 30s you get a 401.
2. Can you also confirm the error code that you see?
3. I would like you to confirm if you changed anything in the pre-request script in the postman, from the response headers I see that its unable to read the credentials that is being formed in authorisation header.
4. Another thing that I notice from your request body is the secondary field "Region = California", Kindly fire the "SEQ-pre-group-case-template: Get the case template for a group" API to check all the secondary fields that are allowed for your group.
The fieldValueType is a COUNTRY for such secondary fields, I believe passing California would give you an
- error:"INVALID_COUNTRY_LOCATION"
Please provide your thoughts on the above queries so that we can investigate this further.
Regards,
Mehran Khan
0 -
I am copying a success request & response below for your reference.
POST /v1/cases/screening
Request
Date: Mon, 11 Feb 2019 05:53:31 GMTContent-Type: application/json
Authorization: Signature keyId="5fa98623-c004-493c-a294-f70e0265e***",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="KSEJ8A7KADlK23Ok6kq3p7I0OMGU9qDxO+lUs******="
Content-Length: 226
cache-control: no-cache
Postman-Token: 63cefe72-004c-4e99-9059-961c4ed49b11
User-Agent: PostmanRuntime/7.6.0
Accept: */*
Host: zfs-world-check-one-api-pilot.thomsonreuters.com
accept-encoding: gzip, deflate
{
"groupId": "0a3687cf-6542-14dd-9967-e91100000a2b",
"entityType": "INDIVIDUAL",
"providerTypes": [
"WATCHLIST"
],
"name": "John Doe",
"secondaryFields": [{
"typeId": "SFCT_3",
"value": "USA"
}
]
}HTTP/1.1 200
status: 200Content-Type: application/json
Content-Length: 4318
Connection: keep-alive
Date: Mon, 11 Feb 2019 05:53:49 GMT
x-amzn-RequestId: 5cc91202-2dc1-11e9-bd5c-658c026419b8
x-amz-apigw-id: U68aYHoMDoEF-Nw=
X-Amzn-Trace-Id: Root=1-5c610ddc-d5d5d43eca2779c8f5399ee7;Sampled=0
X-Cache: Miss from cloudfront
Via: 1.1 93ed990528f7d926164522082816e682.cloudfront.net (CloudFront)
X-Amz-Cf-Id: kdGeQO9MTR2YSusbmWa1AKr9oYYex-5D7OUbwaCNZI2MC_1TZuM72A==
{"results":[{"referenceId":"e_tr_wci_906384","matchStrength":"STRONG","matchedTerm":"堵,燕","submittedTerm":"John Doe","matchedNameType":"NATIVE_AKA","secondaryFieldResults":[{"field":{"typeId":"SFCT_3","value":"USA","dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":"USA","matchedDateTimeValue":null,"fieldResult":"MATCHED"},{"field":{"typeId":"SFCT_3","value":null,"dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":null,"matchedDateTimeValue":null,"fieldResult":"UNKNOWN"}],"sources":["b_trwc_4"],"categories":["Other Bodies"],"creationDate":"2019-02-11T05:53:49.987Z","modificationDate":"2019-02-11T05:53:49.987Z","primaryName":"Yan DU","events":[],"countryLinks":[{"countryText":"CHINA","country":{"code":"CHN","name":"CHINA"},"type":"LOCATION"},{"countryText":"UNITED STATES","country":{"code":"USA","name":"UNITED STATES"},"type":"LOCATION"},{"countryText":"CHINA","country":{"code":"CHN","name":"CHINA"},"type":"NATIONALITY"}],"identityDocuments":[{"entity":null,"number":"80770097","issueDate":null,"expiryDate":null,"issuer":"CHINA","type":"Passport","locationType":null},{"entity":null,"number":"946.225.908-97","issueDate":null,"expiryDate":null,"issuer":null,"type":null,"locationType":null}],"category":"CRIME - NARCOTICS","providerType":"WATCHLIST","gender":"MALE"},{"referenceId":"e_tr_wci_2016078","matchStrength":"WEAK","matchedTerm":"John DE LAURELL","submittedTerm":"John Doe","matchedNameType":"PRIMARY","secondaryFieldResults":[{"field":{"typeId":"SFCT_3","value":"USA","dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":"USA","matchedDateTimeValue":null,"fieldResult":"MATCHED"},{"field":{"typeId":"SFCT_3","value":null,"dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":null,"matchedDateTimeValue":null,"fieldResult":"UNKNOWN"}],"sources":["b_trwc_4"],"categories":["Other Bodies"],"creationDate":"2019-02-11T05:53:49.987Z","modificationDate":"2019-02-11T05:53:49.987Z","primaryName":"John DE LAURELL","events":[{"day":null,"month":null,"year":1988,"address":null,"fullDate":"1988","allegedAddresses":[],"type":"BIRTH"},{"day":null,"month":null,"year":1989,"address":null,"fullDate":"1989","allegedAddresses":[],"type":"BIRTH"}],"countryLinks":[{"countryText":"UNITED STATES","country":{"code":"USA","name":"UNITED STATES"},"type":"LOCATION"},{"countryText":"UNITED STATES","country":{"code":"USA","name":"UNITED STATES"},"type":"NATIONALITY"}],"identityDocuments":[{"entity":null,"number":"29697863","issueDate":null,"expiryDate":null,"issuer":"USA","type":"Passport","locationType":null},{"entity":null,"number":"301.009.142-40","issueDate":null,"expiryDate":null,"issuer":null,"type":null,"locationType":null}],"category":"CRIME - NARCOTICS","providerType":"WATCHLIST","gender":"MALE"},{"referenceId":"e_tr_wci_1151112","matchStrength":"WEAK","matchedTerm":"雕,俊","submittedTerm":"John Doe","matchedNameType":"NATIVE_AKA","secondaryFieldResults":[{"field":{"typeId":"SFCT_3","value":"USA","dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":"USA","matchedDateTimeValue":null,"fieldResult":"MATCHED"},{"field":{"typeId":"SFCT_3","value":null,"dateTimeValue":null},"typeId":"SFCT_3","submittedValue":"USA","submittedDateTimeValue":null,"matchedValue":null,"matchedDateTimeValue":null,"fieldResult":"UNKNOWN"}],"sources":["b_trwc_PEP N"],"categories":["PEP"],"creationDate":"2019-02-11T05:53:49.987Z","modificationDate":"2019-02-11T05:53:49.987Z","primaryName":"Jun DIAO","events":[],"countryLinks":[{"countryText":"CHINA","country":{"code":"CHN","name":"CHINA"},"type":"LOCATION"},{"countryText":"UNITED STATES","country":{"code":"USA","name":"UNITED STATES"},"type":"LOCATION"},{"countryText":"CHINA","country":{"code":"CHN","name":"CHINA"},"type":"NATIONALITY"}],"identityDocuments":[{"entity":null,"number":"01100711","issueDate":null,"expiryDate":null,"issuer":"CHINA","type":"Passport","locationType":null},{"entity":null,"number":"122.876.544-95","issueDate":null,"expiryDate":null,"issuer":null,"type":null,"locationType":null}],"category":"DIPLOMAT","providerType":"WATCHLIST","gender":"MALE"}]}
0 -
Thank you for example! But now I have that strange answer. Could you help me to fix my request please! I saw you've include the 'host' key in 'Authorization', but your request was successfull. Whats the difference? (incorrect time may be, becase I've tried to play with headers after first result, but the server answer didn't change anyway).
-
- Request Headers:
- content-length:"232"
- Authorization:"signature
keyId="99381b37-fbcf-4473-99ef-72478189a838",algorithm="hmac-sha256",headers="(request-target)
host date content-type
content-length",signature="2YUKwJP+gWOgfzpTGnAkSyntM2Yev2KZRArSMD7Xfe8="
" - post:"/v1/cases/screening"
- host:"zfs-world-check-one-api-pilot.thomsonreuters.com"
- date:"Mon, 11 Feb 2019 18:24:16 PHT +08:00"
- content-type:"application/json"
- cache-control:"no-cache"
- Postman-Token:"85d37434-c891-4d04-9cc4-133ef1b7f825"
- User-Agent:"PostmanRuntime/7.6.0"
- Accept:"*/*"
- accept-encoding:"gzip, deflate"
- Request Headers:
-
- Request Body:
- groupId:"0a3687cf-6542-14dd-9967-e91100000a2b"
- entityType:"INDIVIDUAL"
- providerTypes:
- name:"John Doe"
- secondaryFields:
- Request Body:
-
- Response Headers:
- Content-Type:"application/json"
- Content-Length:"305"
- Connection:"keep-alive"
- Date:"Mon, 11 Feb 2019 10:26:12 GMT"
- x-amzn-RequestId:"74355be4-2de7-11e9-8dcc-8f4e6b81f20b"
- x-amzn-ErrorType:"IncompleteSignatureException"
- x-amz-apigw-id:"U7kWpGS2DoEFvOA="
- X-Cache:"Error from cloudfront"
- Via:"1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)"
- X-Amz-Cf-Id:"mI5mfday928jmcDtozLXJUKtb_kWop5nu-Ps31wMPucE23NB685J5g=="
- Response Headers:
-
- Response Body:
- message:"'host'
not a valid key=value pair (missing equal-sign) in Authorization
header: 'signature
keyId="99381b37-fbcf-4473-99ef-72478189a838",algorithm="hmac-sha256",headers="(request-target)
host date content-type
content-length",signature="2YUKwJP+gWOgfzpTGnAkSyntM2Yev2KZRArSMD7Xfe8="'."
- message:"'host'
- Response Body:
0 -
-
Hi,
After further investigation I believe that you're subscribed to the World-Check One API access and not World-Check One Zero Footprint, do let me know if I'm wrong here.
Can you please replace the host to rms-world-check-one-api-pilot.thomsonreuters.com and retry the request?
Also, do let me know the reason why you using the ZFS URL .
Regards,
Mehran Khan
API Technical Consultant
0 -
I've changed host and related params, but server is not responding at all.
Error:read ECONNRESET
- Request Headers:
- content-length:"232"
- Authorization:"Signature keyId="99381b37-fbcf-4473-99ef-72478189a838",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="U+XSb+tpssGx9X9Oy3VrgLaB3X0fiJ/6qFrEZ6bX5mo=""
- post:"/v1/cases/screening"
- host:"rms-world-check-one-api-pilot.thomsonreuters.com"
- date:"Mon, 11 Feb 2019 17:47:12 +0530 +05:30"
- content-type:"application/json"
- cache-control:"no-cache"
- Postman-Token:"87bfaa9a-616e-4db8-bf77-4c06f9e9aa6c"
- Request Headers:
- Request Body:
- groupId:"0a3687cf-6542-14dd-9967-e91100000a2b"
- entityType:"INDIVIDUAL"
- providerTypes:
- name:"John Doe"
- secondaryFields:
- Request Body:
0 -
Thanks you a lot! You've helped me very much!
0
Categories
- All Categories
- 3 Polls
- 6 AHS
- 37 Alpha
- 166 App Studio
- 6 Block Chain
- 4 Bot Platform
- 18 Connected Risk APIs
- 47 Data Fusion
- 34 Data Model Discovery
- 698 Datastream
- 1.5K DSS
- 633 Eikon COM
- 5.2K Eikon Data APIs
- 14 Electronic Trading
- 1 Generic FIX
- 7 Local Bank Node API
- 6 Trading API
- 2.9K Elektron
- 1.5K EMA
- 257 ETA
- 565 WebSocket API
- 40 FX Venues
- 16 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 25 Messenger Bot
- 3 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 60 Open Calais
- 283 Open PermID
- 47 Entity Search
- 2 Org ID
- 1 PAM
- PAM - Logging
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 24 RDMS
- 2.1K Refinitiv Data Platform
- 800 Refinitiv Data Platform Libraries
- 4 LSEG Due Diligence
- LSEG Due Diligence Portal API
- 4 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.2K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 12 World-Check Customer Risk Screener
- 1K World-Check One
- 46 World-Check One Zero Footprint
- 45 Side by Side Integration API
- 2 Test Space
- 3 Thomson One Smart
- 10 TR Knowledge Graph
- 151 Transactions
- 143 REDI API
- 1.8K TREP APIs
- 4 CAT
- 27 DACS Station
- 122 Open DACS
- 1.1K RFA
- 107 UPA
- 194 TREP Infrastructure
- 232 TRKD
- 918 TRTH
- 5 Velocity Analytics
- 9 Wealth Management Web Services
- 102 Workspace SDK
- 11 Element Framework
- 5 Grid
- 19 World-Check Data File
- 1 Yield Book Analytics
- 48 中文论坛
