Apologies for the late response.
From the above details, it looks like there is a descrepency in timestamp in the request and response.
Could you please adjust the system time to NTP and use the exact time as in the response headers? Approximately, only 30 seconds of time difference is acceptable for the API to return a successful response code, exceeding that will result in Error 401.
If you are still receiving Error 401, after adjusting the clock, please send us the updated request and response headers to investigate further.
Thank you for your query.
Can you please provide us the full request headers and the response headers of the failed API call by masking the API key to investigate on the issue? Also, can you please confirm us the endpoint for which you are facing the Error?
we are facing in the beginning { {protocol}}{ {gateway-host}}{ {gateway-url}}groups this method.
log:
request
function generateAuthHeader(dataToSign){
var hash = CryptoJS.HmacSHA256(dataToSign,environment["api-secret"]);
pm.globals.set("variable_key", "variable_value");
return hash.toString(CryptoJS.enc.Base64);
}
var date = new Date().toGMTString();
var dataToSign = "(request-target): get " + environment["gateway-url"] + "groups\n" +
"host: " + environment["gateway-host"] + "\n" +
"date: " + date;
var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";
postman.setEnvironmentVariable("authorisation",authorisation);
postman.setEnvironmentVariable("currentDate",date);
Response
Status code is 200 | AssertionError: expected response to have status code 200 but got 401
Could retrieve the groupId from response | AssertionError: expected response body to be a valid json but got error No data, empty input at 1:1
Thank you for sharing the pre-request script.
We would need the request and the response headers which can be obtained from the console logs of the postman.
Please use the shortcut CRTL + ALT + C to open the console logs window and then fire the API call using postman. You will get the request and the response headers in the console logs.
Please share those details masking the API key, so that we may investigate on the issue.
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups
11:06:25.327
Request Headers:
Date:"Tue, 24 Sep 2019 05:21:25 GMT"
Authorization:"Signature keyId="************************************",algorithm="hmac-sha256",headers="(request-target) host date",signature="21AIQT+TVxVWtBFWybQPCHa72RBv4qkOinRuctaaeu8=""
User-Agent:"PostmanRuntime/7.17.1"
Accept:"*/*"
Cache-Control:"no-cache"
Postman-Token:"57335503-be78-4cd0-9f96-083e3f161711"
Host:"rms-world-check-one-api-pilot.thomsonreuters.com"
Accept-Encoding:"gzip, deflate"
Connection:"keep-alive"
Response Headers:
X-Application-Context:"application"
Authorization:"WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"
Transfer-Encoding:"chunked"
Date:"Tue, 24 Sep 2019 05:19:57 GMT"
Server:""""
Response Body:
401
4730 ms