For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
1 0 1 1

Encounter Authorization error on calling V2 cases/saveandscreen API endpoint

I get an authorization error when I call v2/cases/saveandscreen of WorldCheckOne API. All the other API calls work fine.

I would really appreciate your help/advice.

world-checkworld-check-onec#.netauthentication
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
1.2k 4 1 2

@alankar.karol

Hi,

401 errors occur because the request has failed an authorization check. This can happen for a variety of reasons, such as

  • An invalid or expired API key,
  • An invalid HMAC signature.
  • Request timing issue/problem with the Date header value. The API client should ensure a correctly synchronized clock is used to generate request timestamps.
  • Incorrect JSON payload formation at your end that can cause you to observe 401 response.

Could you share the complete request and response headers of the 401 API call that you are receiving so that we can investigate it further?


Regards,

Mehran Khan

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 0 1 1

Hi Mehran,

Thanks for your reply!

Basically, I am using C# to call your APIs in pilot environment. All the other endpoints we are using work fine except (cases/saveandscreen).

I have got a small code sample in C#, would you like me to share that? If yes how can i attach the source code file?

Cheers

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 0 1 1

Hi Mehran, I am adding Request and Response Headers. Hope that helps!


dataToSign

=========================

(request-target): post /v2/cases/saveandscreen

host: rms-world-check-one-api-pilot.thomsonreuters.com

date: Mon, 14 Dec 2020 10:21:47 GMT

content-type: application/json

content-length: 467

{"groupId":"5nzbfqact4r91f3djfkjtszzh","providerTypes":["WATCHLIST"],"nameTransposition":false,"caseScreeningState":{"WATCHLIST":"ONGOING"},"cases":[{"entityType":"INDIVIDUAL","name":"Joe Bloggs","nameTransposition":false,"secondaryFields":[],"customFields":[],"caseId":"a89d0b5a-c5fd-41cd-b202-a787979742f1"},{"entityType":"INDIVIDUAL","name":"Henry","nameTransposition":false,"secondaryFields":[],"customFields":[],"caseId":"5a3bedc2-dfe2-4da7-9195-7618e85787ca"}]}


hmac

==============================

DYzN6ic1BTN6ION7+aAzGUoubXBHrI6kVZiASQIxTOQ=


authorization

===================================

Signature keyId="2152c649-892d-40f6-be73-cf5b03db6924",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="DYzN6ic1BTN6ION7+aAzGUoubXBHrI6kVZiASQIxTOQ="


byte1.Length

====================

467


dateValue.ToString()

============================

14/12/2020 10:21:47


REQUEST HEADERS

=================

var request = new RestRequest();

request.AddHeader("Authorization", authorisation);

request.AddHeader("Cache-Control", "no-cache");

request.AddHeader("Date", dateValue.ToString());

request.AddHeader("content-type", "application/json");

request.AddHeader("content-length", byte1.Length.ToString());


RESPONSE

=================

Unauthorized

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1.2k 4 1 2

@alankar.karol

I tried replicating this using your keys and was able to successfully consume the API on postman so there are no issues with your request payload.

I tried to replicate your exact same request next with the exact timestamp i.e. Mon, 14 Dec 2020 10:21:47 GMT, and I see that the HMAC generated by your code is incorrect, I suspect there is an issue with the content length calculation in your code.

For the exact same payload and a successful request, the content-length that I see is 542 but from your logs, your code is probably calculating it to 467, can you please check this part of your code?

Let me know if we need to get on a quick phone call sometime tomorrow, I will be happy to jump in and discuss this over a meeting.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1.2k 4 1 2

@alankar.karol

Here is the request-response from my replicated API call. I have masked the API key for confidentiality purposes and highlighted the signature for your attention.


POST /v2/cases/saveAndScreen HTTP/1.1

Host: rms-world-check-one-api-pilot.thomsonreuters.com

Date: Mon, 14 Dec 2020 10:21:47 GMT

Authorization: Signature keyId="2152c649-892d-40f6-be73-cf**********",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="WyL1HMa83doGIHS3V7hzKWBudWnUyCbboWUzufBZ5Tg="

Content-Type: application/json

Content-Length: 542


{

"groupId": "5nzbfqact4r91f3djfkjtszzh",

"providerTypes": ["WATCHLIST"],

"nameTransposition": false,

"caseScreeningState": {

"WATCHLIST": "ONGOING"

},

"cases": [{

"entityType": "INDIVIDUAL",

"name": "Joe Bloggs",

"nameTransposition": false,

"secondaryFields": [],

"customFields": [],

"caseId": "a89d0b5a-c5fd-41cd-b202-a787979742f1"

}, {

"entityType": "INDIVIDUAL",

"name": "Henry",

"nameTransposition": false,

"secondaryFields": [],

"customFields": [],

"caseId": "5a3bedc2-dfe2-4da7-9195-7618e85787ca"

}]

}

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 0 1 1

Hi Mehran,

Thanks for your support. Sorry I have been away for the holidays. Here is what i tried;


I hardcoded the content length to 542 in my code and it still failed. Then I compared the HMAC Signature, which doesn't match with what you mentioned above.


HMACS:

Your:

WyL1HMa83doGIHS3V7hzKWBudWnUyCbboWUzufBZ5Tg=

Mine:

c2KTdPXemA5ZMDt5+qA91WJIY4V1nfINLvPOQ/bqYmo=

I am not sure what's going on here. Please let me know the timings to jump on a quick call.

Cheers,


icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1.2k 4 1 2

@alankar.karol

I have sent you an email, let's get on a meeting and get this resolved.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.