public RefinitivScreeningCaseResponse RefScreeningResponse(string email, string password)
        {
            var response = new RefinitivScreeningCaseResponse();


            try
            {
                //first get the user info to send request to ref API;
                var user = FindUser(email, password);

                DateTime serverDateTime = DateTime.UtcNow;

                string date = serverDateTime.ToString("R");

                string gatewayurl = "/v1/";
                string gatewayhost = "api-worldcheck.refinitiv.com";

                string apiSecret = user.APISecret;
                string apiKey = user.APIKey;

                string requestendpoint = "https://api-worldcheck.refinitiv.com/v1/cases";


                string casesystemid = "5jb6uu4cc2up1gs4iciejf8fs";


                // Assemble the GET request - NOTE every character including spaces have to be EXACT 
                // for the API server to decode the authorization signature       
                string dataToSign = "(request-target): get " + gatewayurl + "cases/" +
                    casesystemid + "/results" + "\n" +
                    "host: " + gatewayhost + "\n" +   // no https only the host name
                    "date: " + date;                  // GMT date as a string


                // The Request and API secret are now combined and encrypted
                string hmac = GenerateAuthHeader(dataToSign, apiSecret);


                // Assemble the authorization string - This needs to match the dataToSign elements 
                // i.e. requires ONLY host date (no content body for a GET request)
                //- NOTE every character including spaces have to be EXACT else decryption will fail with 401 Unauthorized
                string authorization = "Signature keyId=\"" + apiKey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";

               


                // Send the Request to the API server
                HttpWebRequest WebReq = WebRequest.CreateHttp(requestendpoint);



                // Set the Headers
                WebReq.Method = "GET";
                WebReq.Headers.Add("Authorization", authorization);
                WebReq.Headers.Add("Cache-Control", "no-cache");
                WebReq.Date = serverDateTime; // use datetime value GMT time


                // Get the Response - Status OK
                HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();

                if (WebResp.StatusCode == HttpStatusCode.OK)
                {
                    Stream responseBody = WebResp.GetResponseStream();

                    StreamReader reader = new StreamReader(responseBody);

                    string jsonData = reader.ReadToEnd();

                    var deserializeObjs = JsonConvert.DeserializeObject<ScreeningCaseModel[]>(jsonData);


                    response.Success = true;
                    response.Message = "";
                    response.ScreeningCasesModels = deserializeObjs;
                }
                else
                {
                    response.Success = false;
                    response.Message = "";
                    response.ScreeningCasesModels = null;
                }

            }
            catch (Exception ex)
            {
                throw new Exception(ex.Message);
            }

            return response;
        }


        //generate auth header by using api secret key;
        public string GenerateAuthHeader(string dataToSign, string apiSecret)
        {
            byte[] secretKey = Encoding.UTF8.GetBytes(apiSecret);
            HMACSHA256 hmac = new HMACSHA256(secretKey);
            hmac.Initialize();

            byte[] bytes = Encoding.UTF8.GetBytes(dataToSign);
            byte[] rawHmac = hmac.ComputeHash(bytes);

            return (Convert.ToBase64String(rawHmac));
        }