Discover Refinitiv
MyRefinitiv Refinitiv Perspectives Careers
Created with Sketch.
All APIs Questions & Answers  Register |  Login
Ask a question
  • Questions
  • Tags
  • Badges
  • Unanswered
Search:
  • Home /
  • Screening /
  • World-Check One /

For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

avatar image
Question by asaraff2 · Sep 18, 2020 at 03:06 AM · pythonworld-checkworld-check-oneauthentication

Python Project gives 401 Error when using GetTopLevelGroupRequest. Require Python sample code to generate hmac or signature header. Python signature and Postman signature doesn't match.

Hi,

I have been trying to create a sample API integration project using Python. I have tried to follow the steps as in Postman and as in the Java Sample World Check Application from the Downloads section.

When I run the code, I keep getting the 401 Unauthenticated Error. I believe it is due to the incorrect generation of the hmac. When trying with the same date variable in Postman and Python, the signatures don't match.

Could you please provide a sample code which would help me generate the proper signature so that I can get a groupId as the response? (The response is 200 when doing the same from POSTMAN)

P.S. I have tried using one of the sample code for provided for Python from one of the solutions posted here. That does not seem to work. I tried different methods for generating a similar hmac as CryptoJS does, but it did not work out for me.

Thanks,
Aman

People who like this

0 Show 0
Comment
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

5 Replies

  • Sort: 
avatar image
REFINITIV
Best Answer
Answer by Prabhjyot · Sep 21, 2020 at 07:24 AM

@asaraff2,

Thanks for the details.

The issue appears to be with the hmac value which is being generated. Can you please share the dataToSign format which you are using in your code?

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Answer by Prabhjyot · Sep 18, 2020 at 06:09 AM

@asaraff2,

Can you please share the request and the response headers which you are receiving from your code?

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
Answer by asaraff2 · Sep 21, 2020 at 01:26 AM

Request Headers:

{'User-Agent': 'python-requests/2.24.0', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Authorization': 'Signature keyId="8908a09e-5118-4087-8413-25e20c3867b3",algorithm="hmac-sha256",headers="(request-target) host date",signature="rGGF4v6LRG5h6Cucl7cgzEYpW4OC97xwYueDP3KjYtk="', 'Date': 'Mon, 21 Sep 2020 01:25:40 GMT'}


Response Headers:


{'Strict-Transport-Security': 'max-age=15552000, includeSubdomains', 'Authorization': 'WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"', 'Date': 'Mon, 21 Sep 2020 01:25:41 GMT', 'Server': '""', 'Content-Length': '0', 'Age': '430', 'Via': 'HTTPS/1.1 BFAMPHKGWCG01'}

Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
Answer by asaraff2 · Sep 21, 2020 at 09:02 AM 
datatosign = "(request-target): get " + gatewayurl + "groups\n" + \
             "host: " + gatewayhost + "\n" + \
             "date: " + date + "\n"




Comment

People who like this

0 Show 0 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
Answer by asaraff2 · Sep 21, 2020 at 09:03 AM 
gatewayurl = "/v1/"
gatewayhost = "rms-world-check-one-api-pilot.thomsonreuters.com"
dataformat = ("%a, %d %b %Y %H:%M:%S GMT")
datenow = time.gmtime()
date = time.strftime(dataformat, datenow)


Comment

People who like this

0 Show 1 · Share
10 |1500 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

avatar image
REFINITIV
Prabhjyot ♦♦ · Sep 22, 2020 at 08:28 AM 0
Share

@asaraff2,

I have dropped you an email so we may investigate further on this.

Watch this question

Add to watch list
Add to your watch list to receive emailed updates for this question. Too many emails? Change your settings >
12 People are following this question.

Related Questions

How do I access the WorldCheck One API documentation?

How does the authentication work?

Encounter Authorization error on calling V2 cases/saveandscreen API endpoint

Access to Pilot Environment

MediaCheck Invalid Provider Type Error

  • Copyright
  • Cookie Policy
  • Privacy Statement
  • Terms of Use
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Spaces
  • Alpha
  • App Studio
  • Block Chain
  • Bot Platform
  • Connected Risk APIs
  • DSS
  • Data Fusion
  • Data Model Discovery
  • Datastream
  • Eikon COM
  • Eikon Data APIs
  • Electronic Trading
    • Generic FIX
    • Local Bank Node API
    • Trading API
  • Elektron
    • EMA
    • ETA
    • WebSocket API
  • FX Venues
    • FX Trading – RFQ Maker
  • Intelligent Tagging
  • Legal One
  • Messenger Bot
  • Messenger Side by Side
  • ONESOURCE
    • Indirect Tax
  • Open Calais
  • Open PermID
    • Entity Search
  • Org ID
  • PAM
    • PAM - Logging
  • ProView
  • ProView Internal
  • Product Insight
  • Project Tracking
  • RDMS
  • Refinitiv Data Platform
    • Refinitiv Data Platform Libraries
  • Rose's Space
  • Screening
    • Qual-ID API
    • Screening Deployed
    • Screening Online
    • World-Check One
    • World-Check One Zero Footprint
  • Side by Side Integration API
  • TR Knowledge Graph
  • TREP APIs
    • CAT
    • DACS Station
    • Open DACS
    • RFA
    • UPA
  • TREP Infrastructure
  • TRKD
  • TRTH
  • Thomson One Smart
  • Transactions
    • REDI API
  • Velocity Analytics
  • Wealth Management Web Services
  • Workspace SDK
    • Element Framework
    • Grid
  • World-Check Data File
  • Yield Book Analytics
  • 中文论坛
  • Explore
  • Tags
  • Questions
  • Badges