For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
vcarlisle avatar image
1 1 1 2

I am working on calling the World Check One API from ServiceNow

I am able to access the API from Postman successfully.
When attempting to make the same call from ServiceNow I get a 401 error.

Code
Code to generate header in ServiceNow:

getSimpleScreeningRequestAuthHeader : function(dateSent,payload){
        var contentLength = unescape(encodeURIComponent(payload)).length,
            environment = {
                "gateway-url": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
                "gateway-host": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host'),
                "content": "application/json",
                "api-key": gs.getProperty('x_525112_refinitiv.refinitiv.api_key')
            },
            dataToHash = "(request-target): post " + environment["gateway-url"] + "cases/screeningRequest\n" +
                "host: " + environment["gateway-host"] + "\n" +
                "date: " + dateSent + "\n" +
                "content-type: " + environment["content"] + "\n" +
                "content-length: " + contentLength + "\n" +
                payload,
            hmac = this._generateHash(dataToHash),
            authHeader = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" + hmac + "\"";
        var debug = {
            "environmet": environment,
            "dataToHash": dataToHash,
            "hmac": hmac
        };
        gs.info('test this - script include debug: ' +JSON.stringify(debug));
        
        return authHeader;
    },
    
    _generateHash : function(dataToHash){
        var hmacUtil = new x_525112_cryptojs.CryptoJS_Wrapper(),
            secret = gs.getProperty('x_525112_refinitiv.refinitiv.api_secret'),
            hash = hmacUtil.HmacSHA256(dataToHash, secret);
        return hmacUtil.convertToBase64(hash);
        //return gs.base64Encode(hash)
    }

**payload is the body of the REST message


Code to make the call

var dateToday  = new Date().toGMTString(),
    restBody = {
    "groupId": "****", (group id removed for security, have verified it matches Postman)
    "entityType": "UNSPECIFIED",
    "caseId": "",
    "providerTypes": [
        "WATCHLIST"
    ],
    "caseScreeningState": {
        "WATCHLIST": "INITIAL"
    },
    "name": "John Smith",
    "nameTransposition": false,
    "secondaryFields": [],
    "customFields": []
},
    authHeaderString = new x_525112_refinitiv.refinitivWCUtils().getSimpleScreeningRequestAuthHeader(dateToday,JSON.stringify(restBody));

try { 
    var endPoint = gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host') + gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
    contentLength = unescape(encodeURIComponent(restBody)).length,
    r = new sn_ws.RESTMessageV2('x_525112_refinitiv.refinitiv_world_check', 'SEQ-screen-sync-simple');
    r.setStringParameterNoEscape('authorizarionString', authHeaderString);
    r.setStringParameterNoEscape('currentDate', dateToday);
    r.setStringParameterNoEscape('endPoint', endPoint);
    r.setStringParameterNoEscape('contentLength', contentLength);
    r.setStringParameter('payload', restBody);

    var response = r.execute();
    var responseBody = response.getBody();
    var httpStatus = response.getStatusCode();

    var debug = {
        "date": dateToday,
        "endPoint": endPoint,
        "httpStatus": httpStatus
    }
    gs.print(JSON.stringify(debug));
    gs.print('authHeaderString is: ' + authHeaderString);
    
}
catch(ex) {
    var message = ex.message;
    gs.print('error caught, message: ' + message);
}


Debug & gs.print information returned after making the REST call

var scriptIncludeDebug= {
    "environmet": {
      "gateway-url": "/v2/",
      "gateway-host": "api-worldcheck.refinitiv.com",
      "content": "application/json",
      "api-key": "*****" (key removed for security, have verified it matches Postman)
    },
    "dataToHash": "(request-target): post /v2/cases/screeningRequest\nhost: api-worldcheck.refinitiv.com\ndate: Fri, 18 Mar 2022 14:57:35 GMT\ncontent-type: application/json\ncontent-length: 238\n{\"groupId\":\"******\",\"entityType\":\"UNSPECIFIED\",\"caseId\":\"\",\"providorTypes\":[\"WACHTLIST\"],\"caseScreeningState\":{\"WATCHLIST\":\"INITIAL\"},\"name\":\"John Smith\",\"nameTransposition\":false,\"secondaryFields\":[],\"customFields\":[]}", (group id removed for security, have verified it matches Postman)
    "hmac": "6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw="
},
bgScriptDebug = {
    "date": "Fri, 18 Mar 2022 14:57:35 GMT",
    "endPoint": "api-worldcheck.refinitiv.com/v2/",
    "httpStatus": 401
}

(keyID removed for security, have verified it matches Postman and in both Signatures)
var SNC = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw=" '
var PMN = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="M8CoTayADFfsJFU8kL1MO5FGv/kmLPedsh/E+rRHbc8=" '


I have verified the server date/time is within 30 seconds of https://time.is

Any help you can offer would be greatly appreciated.

error-401
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Shadab Hussain avatar image   Shadab Hussain

Hi @vcarlisle,

Thank you for your participation in the forum. Is the reply below satisfactory in resolving your query?

If so please can you click the 'Accept' text next to the appropriate reply? This will guide all community members who have a similar question.


Thanks,

AHS

Jirapongse avatar image   Jirapongse

@vcarlisle

Hi,

Please be informed that a reply has been verified as correct in answering the question, and marked as such.

Thanks,

AHS

4 Answers

· Write an Answer
Upvotes
Accepted
Vivek Kumar Singh avatar image
1.4k 5 2 2

Hi @vcarlisle

We would like you to please utilize the some of the sample codes available on the https://developers.refinitiv.com/en/api-catalog/customer-and-third-party-screening/world-check-one-api/downloads

Please check and let us know if you still need our assistance.

Thanks

Vivek Kumar Singh

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Vivek Kumar Singh avatar image
1.4k 5 2 2

Hi @vcarlisle

Thanks for your email!

Please allow us to validate the details, will get back to you ASAP.

Thanks
Vivek Kumar Singh

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
vcarlisle avatar image
1 1 1 2

@Vivek Kumar Singh thanks, I look forward to hearing from you. Let me know if you want to meet up so we can step through what I am doing or if there are any questions I can answer here.

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
vcarlisle avatar image
1 1 1 2

For anyone facing the issue, the suggested documentation didn't really help solve the issue. For us it turned out to be an issue with the message body, even copying/pasting it from the Postman files directly to the ServiceNow script we were experiencing a variance between the calculated length that Postman provided and the length in ServiceNow. By using JSON.strignify(restbody, null, 4) we were able to resolve the variance. Our best guess is that even though we were using JSON.stringify(restbody) it was sending the body as an unformatted (lacking spaces) string and that was causing the issue. Also, when passed as a parameter in the ServiceNow REST message function, the REST body must be set to "setStringParameterNoEscape()".

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.