For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
Diabos avatar image
1 0 1 2

Unathorized reposne to the API request when tries through the .net application, kindly advise

We are trying to generate Authorization Header for API request but having an unathorizes reposne instead.

Find the Script and .Net Code below through which we are trying to request the groups API

Below is JavaScript refence file and the refence code used to implemet the CryptoJS.HmacSHA256 funtion to generate the Signature key value to be passed in Authorization Header

<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js"></script>;

function generateAuthHeader(dataToSign) {
var hash = CryptoJS.HmacSHA256(dataToSign, "qgq4/39BA9mar5FKcFkKzRc3E72gGRJ9mb0BJefWja6LEw4CjKh5TBXnO84p8xT+EcvQB2AFNaeO1rpZtGB1NQ==");
return hash.toString(CryptoJS.enc.Base64);
}

function GenerateHeader() {

var date = new Date().toGMTString();

var dataToSign = "(request-target): get /v1/groups\n" +
"host: api-worldcheck.refinitiv.com\n" +
"date: " + date;

var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";

var CurrentDate = document.getElementById('<%= CurrentDate.ClientID %>');
if (CurrentDate != undefined) if (CurrentDate != null) CurrentDate.value = date;
var Authorization = document.getElementById('<%= Authorization.ClientID %>');
if (Authorization != undefined) if (Authorization != null) Authorization.value = authorisation;

}

we are then using the CurrentDate and Authorization value as being set in above code in the code behind request header as below

var client = new RestClient(); var request = new RestRequest(); IRestResponse response;
client = new RestClient("https://api-worldcheck.refinitiv.com/v1/groups");
client.Timeout = -1;
request = new RestRequest(Method.GET);
request.AddHeader("Date", "Wed, 14 Apr 2021 07:26:40 GMT");
request.AddHeader("Authorization", "Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"mLcf0wkQ67lK2BaNRKb+HKk+A2nEhEiJN1jeEEUCoqQ=\"");

ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
response = client.Execute(request);


More details on Development enviorement

Microsoft vs 2015 community editon, .net framework 4.8



world-checkworld-check-one
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

chavalit-jintamalit avatar image   chavalit-jintamalit

Hi @psp

It seems that you are using World Check 1 API.

So I moved your question to >> Screening >> World Check One API

Jirapongse avatar image   Jirapongse

@Diabos

Hi,

Thank you for your participation in the forum.

Are any of the replies below satisfactory in resolving your query?

If yes please click the 'Accept' text next to the most appropriate reply. This will guide all community members who have a similar question.

Otherwise please post again offering further insight into your question.

Thanks,

AHS

chavalit-jintamalit avatar image   chavalit-jintamalit

Please be informed that a reply has been verified as correct in answering the question, and has been marked as such.
Thanks,
AHS

3 Answers

· Write an Answer
Upvotes
Accepted
Mehran Khan avatar image
1.3k 4 1 2

@Diabos

Thanks for the information.

If you notice the request and response timestamps the time difference between them is >30 seconds so when the difference is >30 seconds the API would fail with 401 error.

Please make sure your clock is synchronized with NTP

https://time.is/


Retest the API call after synchronizing the time on your machine and let me know if you get a 200 OK response.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Mehran Khan avatar image
1.3k 4 1 2

@Diabos

Apologies for the delayed response.

401 errors occur because the request has failed an authorization check. This can happen for a variety of reasons, such as

  • An invalid or expired API key
  • An invalid HMAC signature
  • Request timing issue/problem with the Date header value. The API client should ensure a correctly synchronized clock is used to generate request timestamps.
  • Incorrect JSON payload formation at your end can cause them to observe 401 responses.

We will look into the code and get back shortly, we may also have a sample .net code let me try and see if I can get that for you to use as a reference.

Meanwhile, could you also provide the response headers for the failed API call?

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Diabos avatar image
1 0 1 2

@Mehran Khan,

Find the response header for the group API request as requested below.

URL : https://api-worldcheck.refinitiv.com/v1/groups

Request Header

Date : Tue, 20 Apr 2021 05:34:03 GMT

Authorization : Signature keyId=\"47922b3d-c807-421c-9692-c5f556525a06\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"7rp2BFUu4YkVgepy7q3Zc4p10PXZiAeQ9kKpU2eK+3w=\".


Response Header

{Transfer-Encoding=chunked}

{Connection=keep-alive}

{Strict-Transport-Security=max-age=15552000, includeSubdomains}

{Authorization=WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"}

{Date=Tue, 20 Apr 2021 05:35:28 GMT}

StatusCode : Unauthorized




icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.