Warning in emaLog using RTSDK C++ to get subset of market data from RRTO

Options

Hi,

We connect to the Refinitiv Real Time Optimized using the RTSDK C++ (v2.0.3.L2.win) and we successfully receive market data.

Though we have noticed that in emaLog, every 8 minutes or so, we get the following warning:


loggerMsg

TimeStamp: 15:01:31.679

ClientName: ChannelCallbackClient

Severity: Warning

Text: Received Channel warning event on channel Channel_1

Instance Name Consumer_1_1

RsslReactor 0x000000000421F3E0

RsslChannel 0x000000000421F3E0

Error Id -1

Internal sysError 0

Error Location D:\Jenkins\workspace\ESDKCore_RCDEV\OS\VS142-64\rcdev\source\rtsdk\Cpp-C\Eta\Impl\Reactor\rsslReactorWorker.c:3441

Error Text Received HTTP error 400 status code with data body : {"error":"invalid_grant" } .

loggerMsgEnd


This error has started since we went from requesting all fields to requesting only a subset for an instrument, e.g. request only 3 fields:

consumer.registerClient(ReqMsg()

.serviceName("ELEKTRON_DD")

.name(itemName)

.payload(ElementList()

.addUInt(ENAME_VIEW_TYPE, 1)

.addArray(ENAME_VIEW_DATA, OmmArray().fixedWidth(2)

.addInt(1)

.addInt(2)

.addInt(3)

.complete()).complete()),

client);


If the call is changed to:

consumer.registerClient(ReqMsg()

.serviceName("ELEKTRON_DD")

.name(itemName),

client);


we don't get the warning.

Is this an issue we should resolve?

Thanks.

Tagged:

Best Answer

  • wasin.w
    wasin.w admin
    Answer ✓

    Hello @manjinder.singh

    The RDP team found that your Machine-ID generated too many password grant calls (new sessions), so it invalided the session for the refresh token request.

    According to their log, there are other password grant calls during the <10:42> initial password request and <10:50> refresh token request.

    Please confirm if you are using this single Machine-ID with multiple sessions or applications in your environment.


Answers

  • Hello @manjinder.singh

    The error message "Error Text Received HTTP error 400 status code with data body : {"error":"invalid_grant" } ." is generated from the RDP HTTP API Gateway. It is most likely caused by an issue with the RDP Authentication system being used by the RRTO service.

    I have tested the given View request code with the EMA C++ 3.6.6 (RTSDK 2.0.3.L1) example Cons450. The example code works fine without any errors.

    Can you replicate the issue on demand? If so, please enable the HTTP REST API Log, replicate the issue and share the REST log file. You can enable the REST Log file with the following EMA parameters:

    rest-log.png

    Note: Please remove your credentials from the REST log file before posting.

  • Hi @manjinder.singh

    Additionally, are you using a single RTO Machine-ID with multiple applications/sessions?

    If you use a single Machine-ID with multiple sessions, the applications may encounter an error when an access token expires or when the applications attempt to refresh an access token. I highly recommend you reach out to your Refinitiv representative to get multiple Machine-IDs if you want to run multiple applications/sessions.

  • Thanks for that! You are right. I ran only one session and the warning does not occur. Yes, I have been running two sessions on the same Machine-ID
  • We are adding the config programmatically. Can you please give an example as to how to add these EMA parameters by code?
  • Hello @manjinder.singh

    The example of programmatic config for the RestEnableLog and RestLogFileName is as follows:

    void createProgramaticConfig( Map& configDb )
    {
        Map elementMap;
        ElementList elementList;

        if (connectWebSocket)
        {
            ...
        }
        else
        {
            EmaString restFileLocation = "C:\\<my path>\\450_MP_QueryServiceDiscovery\\rest.log";
            elementMap.addKeyAscii("Consumer_1", MapEntry::AddEnum,
                ElementList().addAscii("Channel", "Channel_1").addUInt("RestEnableLog", 1).addAscii("RestLogFileName", restFileLocation).complete()).complete();
        }

        elementList.addMap( "ConsumerList", elementMap );
        elementList.complete();
        elementMap.clear();

        configDb.addKeyAscii( "ConsumerGroup", MapEntry::AddEnum, elementList );
        elementList.clear();
        ...


    Note: The code is based on the Cons450 example.

  • Hi @wasin.w,

    Here is the output from the log. I've shorted some text using <text> including the successful tokens.

    We use websocket option and also go through a proxy.

    The error occurs every 8 minutes or so.


    REST log redirected to file.


    --- REST REQUEST ---


    <!-- Time: 10:42:34:277 -->

    URL: https://api.refinitiv.com/auth/oauth2/v1/token

    HTTP method POST

    HTTP header data:

    Accept : application/json

    Content-Type : application/x-www-form-urlencoded

    HTTP body data: grant_type=password&username=<Machine ID>&client_id=<Client ID>&scope=trapi.streaming.pricing.read&takeExclusiveSignOnControl=true

    Proxy host name: http://<proxy&gt;

    Proxy port: <port>

    Request timeout: 90


    --- REST RESPONSE ---


    <!-- Time: 10:42:34:651 -->

    HTTP header data:

    Date : Mon, 25 Jul 2022 09:42:34 GMT

    Content-Type : application/json

    Transfer-Encoding : chunked

    Connection : keep-alive

    Content-Encoding : gzip

    X-Amzn-Trace-Id : Root=1-62de658a-2b7afae21fc3979d5aa400d8

    X-Served-By : region=eu-west-1; cid=1de27dcca9484296891c0de2dd844e89

    X-Tr-Requestid : 6891f571-f55a-4c56-a64c-19b84cf242b0

    HTTP body data: { "access_token":"<token>", "refresh_token":"<token>", "expires_in":"600" , "scope":"trapi.streaming.pricing.read", "token_type":"Bearer" }

    Protocol version: HTTP/1.1

    HTTP status code: 200


    --- REST REQUEST ---


    <!-- Time: 10:50:36:201 -->

    URL: https://api.refinitiv.com/auth/oauth2/v1/token

    HTTP method POST

    HTTP header data:

    Accept : application/json

    Content-Type : application/x-www-form-urlencoded

    HTTP body data: grant_type=refresh_token&username=<Machine ID>&client_id=<Client ID>&refresh_token=<same refresh token as above>

    Proxy host name: http://<proxy&gt;

    Proxy port: <port>

    Request timeout: 90


    --- REST RESPONSE ---


    <!-- Time: 10:50:38:565 -->

    HTTP header data:

    Date : Mon, 25 Jul 2022 09:50:38 GMT

    Content-Type : application/json

    Content-Length : 29

    Connection : keep-alive

    X-Amzn-Trace-Id : Root=1-62de676c-23d2cb7377848daa6adf8d71

    X-Served-By : region=eu-west-1; cid=a61fe750a1394d6e84629ea87f17cac6

    X-Tr-Requestid : 11c45ffa-29ed-4f80-ba5d-3311907d6f8c

    HTTP body data: {"error":"invalid_grant" }

    Protocol version: HTTP/1.1

    HTTP status code: 400


    I've double-checked and the refresh token in both cases match.


    Any ideas?

  • Hello @manjinder.singh

    It looks like the API cannot renew the RDP token. Can you please try the following curl commands?

    Firstly, log in to the RDP Auth service.

    curl --location --request POST 'https://api.refinitiv.com/auth/oauth2/v1/token'; \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Authorization: Bearer ' \
    --data-urlencode 'username=<Machine ID>' \
    --data-urlencode 'password=<Password>' \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'scope=trapi' \
    --data-urlencode 'takeExclusiveSignOnControl=true' \
    --data-urlencode 'client_id=<App Key>'

    Then copy the refresh_token response from RDP.

    Next, run the following command to verify if the access token can be renewed.

    curl --location --request POST 'https://api.refinitiv.com/auth/oauth2/v1/token'; \
    --header 'Accept: application/json' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Authorization: Basic ' \
    --data-urlencode 'username=<machine-id>' \
    --data-urlencode 'grant_type=refresh_token' \
    --data-urlencode 'client_id=<app_key>' \
    --data-urlencode 'refresh_token=<refresh_token>'

    Additionally, can you replicate the issue on demand?

  • When I run the second curl command continuously, it runs fines up until about 5 to 6 minutes, when I get the invalid grant error from then on