For a deeper look into our World Check One API, look into:
1
●0 ●0 ●2
Hi,We are trying to perform end to end screening via SAP PO. While establishing the connectivity we are facing 401 unauthorized error.
@mraffia, @Mehran.Ahmed Khan
Did you manage to resolve the issue discussed on this thread? Would you mind sharing the resolution? It will help other users who may encounter similar issue in the future.
Thank you,
-AHS
2.4k
●6 ●5 ●6
Thanks for providing the details, the request payload that you're passing is incorrect,the format in which it's being passed is incorrect, you need to define the entityType in the payload and it is a mandatory parameter while screening , I am providing a sample payload for your reference to perform screening, also I notice that few request headers are missing there is no "Date" header and the Content-Length is also missing.Please refer the screenshot attached to check the headers needed to perform screening successfully.Custom fields and secondary fields are optional parameters. screeningheaders.png
{
"groupId": "{
{group-id}}",
"entityType": "INDIVIDUAL",
"providerTypes": ["WATCHLIST"],
"name": "putin",
"customFields": [],
"secondaryFields": []
}
2.4k
●6 ●5 ●6
1
●0 ●0 ●2
cusersmraffiadesktop2019-04-11-17-38-07.pngHi Meeran,
we are trying to call this from PO channel, while pinging the channel we are getting the below error.
we have maintained the below entries in HTTP headers.
API key ,authorization, Host, Date,Content-Type
2.4k
●6 ●5 ●6
@mraffia
I would need the values of the data being passed and response details to investigate this further,
401 errors occur because the request has failed an authorization check. This can happen for a variety of reasons, such as
a) An invalid or expired API key,
b)An invalid HMAC signature.
c) Request timing issue/problem with the Date header value. The API client should ensure a correctly synchronized clock is used to generate request timestamps.
d)Incorrect JSON payload formation at the customer’s end that can cause them to observe 401 response.
1
●0 ●0 ●2
Hi Meeran,
Below are the parameters which we are sending as part of the HTTP headers.
api-key: dbb02b7c-2dc8-4c3b-9719-53d3ae329bda
Authorization: Signature keyId="dbb02b7c-2dc8-4c3b-9719-53d3ae329bda",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="uiDp8S1sKUwXMz7vTCDivTP26wK+xucMkOGjD0ZfFJU="
Please find the request json message attached along.requestmsg.txt
Regards,
Mohammed Raffi
1
●0 ●0 ●2
Hi Meeran,
Thanks for info, we made the corrections in the json and in the HTTP headers. We re-syndicated data from SAP PO. It currently fails with the bad request.
Below is the endpoint url and the corresponding JSON request sent.
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/cases/screeningRequest
{
"groupId": "{ {0a3687d0-6855-1ac5-9a2d-dc0b00000cd8}}",
"entityType": "INDIVIDUAL",
"providerTypes": [
{
"element": "WATCHLIST"
}
],
"name": "Putin",
"customFields": [
""
],
"secondaryFields": [
""
]
}
Regards,
Mohammed Raffi
2.4k
●6 ●5 ●6
Please pass the providerTypes as shown below, you need to remove the element and just pass WATCHLIST. Also kindly remove the double quotes from the custom and secondary fields array and pass them as an empty array.
"providerTypes": ["WATCHLIST"],
1
●0 ●0 ●2
Hi Mehran,
We made the required changes and re-tested the same, but we are facing a bad request error while sending the data from SAP PO.
whereas the same data is syndicated via Postman we are able to response.
Below is the JSON message that was sent.
{
"groupId": "0a3687d0-6855-1ac5-9a2d-dc0b00000cd8",
"entityType": "INDIVIDUAL",
"providerTypes": [
"WATCHLIST"
],
"name": "putin",
"customFields": [],
"secondaryFields": []
}
Please find the message logs pic attached.
2.4k
●6 ●5 ●6
Kindly pass the groupId as "groupId": "0a3687d0-6855-1ac5-9a2d-dc0b00000cd8", instead of "groupId": "{
{0a3687d0-6855-1ac5-9a2d-dc0b00000cd8}}" it should work.
1
●0 ●0 ●2
Hi Meharan,
We are sending the group id without the curly braces, please refer the JSON message provided in the earlier message.
2.4k
●6 ●5 ●6
Can you please provide me the complete request & response headers i.e. Date, Authorization, content length and content type and also the request again .
We can also get on a quick call to sort this out soon.
1
●0 ●0 ●2
Hi Mehran,
We can have a quick call tomorrow at any time feasible for you. Please send out an invite to the email id: mraffia@deloitte.com.
Regards,
Mohammed Raffi
2.4k
●6 ●5 ●6
@mraffia
Tomorrow is a non working day for us , i will send an invite for friday and we will take it from there
2.4k
●6 ●5 ●6
The issue is resolved. The root cause was that a few request parameters were missing while sending the request to World-Check one.
1
●0 ●1 ●1
I am also facing the same 401 authorization issue, please help me @Mehran.Ahmed Khan @mraffia
below are the request parameters I have configured.
Authorization:Signature keyId="api_key",algorithm="hmac-sha256",headers="(request-target) host date content-type",signature="PzgYT2oV2kRUNtub3PXFlSDKeB7jKQqqFZPw8tSP0yA="
Host:rms-world-check-one-api-pilot.thomsonreuters.com
Date;Thu, 07 Jan 2021 06:48:44 GMT
Content-Type;application/json
I have dropped you an email. Please revert back with the requested details.
