World-Check One API unauthorized Get World-Check Profile
We have retrieved a profile ID for an organization entity through screeningRequest endpoint. From the results collection, we retrieve referenceId parameter of the entity and pass it to the Get World-Check Profile.
After some requests were made, we start getting unauthorized error. We have managed to get info from one entity only.
screeningRequest body:
{ "groupId":"{
{group-id}}", "entityType": "ORGANISATION", "providerTypes": [ "WATCHLIST" ], "name": "Apple", "secondaryFields":[ { "typeId":"SFCT_6", "value":"USA" } ] }
We are running the requests against the pilot API at https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/
Apologies for the delay in response.
Can you please share the exact request and the response headers of the failed API call. The request and the response should be in the below format. Example request / response headers -
Request headers: GET /v1/groups Date: Mon, 19 Aug 2019 12:10:00 GMT Authorization: Signature keyId="18383849-2ca0-4e92-8f04-031e3dea6d5d",algorithm="hmac-sha256",headers="(request-target) host date",signature="5aJCSiKge2gNTL35EzdmOFZp/sXYVCrlk1xYk64+AoI=" User-Agent: PostmanRuntime/7.15.2 Accept: */* Cache-Control: no-cache Postman-Token: 48ec749a-21cb-428a-8a56-e3b5ae7212dc Host: rms-world-check-one-api-pilot.thomsonreuters.com Accept-Encoding: gzip, deflate Connection: keep-alive Response headers: HTTP/1.1 200 status: 200 X-Application-Context: application Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: 0 X-XSS-Protection: 1; mode=block X-Frame-Options: DENY X-Content-Type-Options: nosniff Date: Mon, 19 Aug 2019 12:10:00 GMT Content-Type: application/json;charset=UTF-8 Transfer-Encoding: chunked Server: ""
Thank you for your query.
The gateway host and URL which you are using is correct.
Can you please confirm the API call for which you are getting Error 401? Is it just the 'Get World-Check Profile' or are you getting error for the screening request as well?
Please share the request headers and the response headers of the failed API call to look into the exact cause of the error.
Here is the code snippet
var settings = {
"async": true,
"crossDomain": true,
"url": "https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/reference/profile/e_tr_wco_4893024",
"method": "GET",
"headers": {
"Authorization": "Signature keyId=\"<<KEYIDGUID>>\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"APPSIGNATURE\"",
"Accept": "*/*",
"Cache-Control": "no-cache",
"Host": "rms-world-check-one-api-pilot.thomsonreuters.com",
"accept-encoding": "gzip, deflate",
"Connection": "keep-alive",
"cache-control": "no-cache"
}
}
$.ajax(settings).done(function (response) {
console.log(response);
});
Could you please verify this request message?