For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
36 1 3 4

Receive 500 Internal Server Error for screeningRequest in World Check

I am trying to integrate World Check One Screening Request, I am receiving proper responses on the postm

an, but when I hit from my application, I receive 500 Internal Server Error.

Authorisation Header:

Signature keyId="18XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="nN45v5sPz4SRWo1lNhzpwvfYQOsrba0nhu/Uf3XIBoA="

Request Data:

{"secondaryFields":[{"value":null,"typeId":"SFCT_2","dateTimeValue":"2010-05-18"},{"value":"Kuwait","typeId":"SFCT_3","dateTimeValue":null}],"providerTypes":["WATCHLIST"],"name":"Shareholder One","groupId":"0a3687cf-6855-18b8-9a1f-a88d00000781","entityType":"INDIVIDUAL"}

Data To Sign (Fed to HMAC-SHA256 generator):

(request-target): post /v1/cases/screeningRequest

host: zfs-world-check-one-api-pilot.thomsonreuters.com

date: Wed, May 22 2019 16:35:24 GMT

content-type: application/json

content-length: 271

Response:

{"message":null}

If I use the same request body in postman I receive a proper 200 response, I guess there is some issue with my signature, but not sure why I am getting a 500 rather than a 401.

I checked the response Headers and see

x-amzn-ErrorType value: AuthorizerConfigurationException.

Any help is appreciated.

world-checkworld-check-oneerror-500
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvote
Accepted
36 1 3 4

@Mehran.Ahmed Khan Thanks for the exceptional help.

The date format was incorrect, it needs to be EEE, d MMM yyyy HH:mm:ss GMT

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
2.4k 5 5 5

@asif

Firstly, in the request payload the format of the country location is incorrect , you will need to use the ISO country list , so KUWAIT will be passed as "KWT".

To investigate this further can you please state your account name? I tried to look for finfirst but unfortunately couldn't locate .

Thanks

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
36 1 3 4

@Mehran.Ahmed Khan Account Name Should be Murabaha Capital Cayman Ltd.

I have tried with KWT as well, does not change the response.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
2.4k 5 5 5

@asif,

I replicated the issue at my end to compare the HMAC signature and indeed the HMAC is incorrect, please find below the request response for the same.

Coming to the point why you're receiving a 500 response instead of 401 we are investigating and will get back to you.

Please check the HMAC generation at your end and retry it should work fine.

POST /v1/cases/screeningRequest
Date: Wed, May 22 2019 16:35:24 GMT
Content-Type: application/json
Authorization: Signature keyId="18dd3f34-1939-4033-acea-************",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="9aRxHnzEI3+bmcTOQ3a6qklbQb2z4WrDyw26vyvqsuc="
Content-Length: 327
User-Agent: PostmanRuntime/7.13.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 33f38882-50cb-4277-ab7b-eedae5b7c8ba
Host: zfs-world-check-one-api-pilot.thomsonreuters.com
accept-encoding: gzip, deflate
Connection: keep-alive

{
 "secondaryFields": [{
 "value": null,
 "typeId": "SFCT_2",
 "dateTimeValue": "2010-05-18"
 }, {
 "value": "KWT",
 "typeId": "SFCT_3",
 "dateTimeValue": null
 }],
 "providerTypes": ["WATCHLIST"],
 "name": "Shareholder One",
 "groupId": "0a3687cf-6855-18b8-9a1f-a88d00000781",
 "entityType": "INDIVIDUAL"
 }


HTTP/1.1 500
status: 500
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
Date: Thu, 23 May 2019 12:04:39 GMT
x-amzn-RequestId: f0dff4e3-7d52-11e9-8445-6f6c930d1917
x-amzn-ErrorType: AuthorizerConfigurationException
x-amz-apigw-id: aIrdpElQjoEFc4g=
X-Cache: Error from cloudfront
Via: 1.1 abe961bfbed978775cdf93859ed612bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zfB_MZjeoG_uWwOw2MgPQ6mYTHEkdptmb0DmtBKqx-RB_EJ7oKqllQ==

{"message":null}
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
36 1 3 4

@Mehran.Ahmed Khan What is wrong with the way I am generating the signature, my data to Sign string matches exactly to the one in the postman collection. I am not able to figure out what I am missing

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
2.4k 5 5 5
@asif

I looked further and if you notice the content length from my request it's 327 whereas the content length from the data you provided was 271, this is what is causing you to generate incorrect HMAC, assuming that you are passing KUWAIT as KWT use a JSON validator on google to correctly format the request payload, copy the payload and retry the request .

Let me know the results.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
36 1 3 4

@Mehran.Ahmed Khan


I send the same request using postman, the content length in postman is 271 as well. I don't see any authorization errors there, I receive a proper error message for the country being Kuwait and not KWT.

In my opinion, this should not be a content length issue, because I have very carefully matched the content length that my code sends and that postman sends and it is always the same.

Attached is a screenshot of postman with the exact same request showing content length as 271 and giving me a proper error response

image-24-05-19-at-331-pm.jpg


icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
2.4k 5 5 5

contentlength.png@asif

When I reproduced your error and when I successfully screen using your credentials the content length in both the cases is 327, attached is the screenshot for the same.

Let me know if you would like to get on a quick call and discuss this, I am available till 6 PM IST today.


contentlength.png (68.3 KiB)
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
36 1 3 4

@Mehran.Ahmed Khan

Let's get on a call. Please find the link below

https://us04web.zoom.us/j/8711592254
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.