SEQ-screen-sync-simple: Perform Synchronous Screening: Simple : 401 Unauthorized.
Hi,
I am trying to connect to "SEQ-screen-sync-simple: Perform Synchronous Screening: Simple" API and sending request as per POSTMAN. But still I am getting 401 Unauthorized. Not sure where I am going wrong. Please help.Below are the details:
DataToSign: (request-target): get /v1/cases/screeningRequest
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Mon, 22 Apr 2019 11:54:59 GMT
content-type: application/json
content-length: 129
{"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"]}
AuthKey:Signature keyId="f3002323-87ec-4095-afef-23db8c9cd5c1",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8="
headers.add("Authorization", authKey);
headers.add("Date", requestDate);
headers.add("Content-Type", "application/json");
headers.add("Content-Length", dataStringLength.toString());
Regards,
Ashish.
Thank you for your response.
We would need the response headers along with the request headers in order to determine the cause of the Error 401. As Error 401 can also be cause due to timestamp mismatch.
You can access the sample code for java via the following link and see if that works for you. Please click on the below link > Go to downloads section > click on code example > and you can download the java code example.
Link -
https://developers.refinitiv.com/customer-and-third-party-screening/world-check-one-api/downloads
Hope this helps.
Hi,
Sorry for the inconvenience. Let me rephrase the query with more clarity here.
Our system is a Java Web application that makes use of TR API. We have implemented the web service connection logic as per the scripts provided in the Postman Script set downloaded from the TR documentation page.
The web service is working fine in Postman, but it fails in our Java web services.
Following are the queries:
- Is there any way that you can provide the Java equivalent of the postman scripts? This is needed because the way the Postman scripts had been implemented is not fully implementable in Java.
- Following are the details that are generated in Java and submitted
Data for signature generation:
DataToSign: (request-target): get /v1/cases/screeningRequest host: rms-world-check-one-api-pilot.thomsonreuters.com date: Mon, 22 Apr 2019 11:54:59 GMT content-type: application/json content-length: 168 {"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"],"secondaryFields":[],"customFields":[]}
The generated signature is, rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8=
Header parameter: Authentication
Signature keyId="f3002323-87ec-4095-afef-23db8c9cd5c1",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="rfMsY3hSVor9N+/uWNSBFKkT5JORL9YLhIYArpwR/V8="
Header parameter: Date
Mon, 22 Apr 2019 11:54:59 GMT
Header parameter: Content-Type
application/json
Header parameter: Content-Length
168
Request Data:
{"name":"Rajiv Trivedi","groupId":"0a3687cf-693a-11f8-9a6c-dc4d000016cd","entityType":"INDIVIDUAL","providerTypes":["WATCHLIST"],"secondaryFields":[],"customFields":[]}
We get an exception in Java, which contains the trace as "401 Unauthorized".