gosub, define_keys gosub, create_a_case exitapp define_keys: API_key := "" gateway_url := "/v1/" protocol := "https://" host_URL := "rms-world-check-one-api-pilot.thomsonreuters.com" API_secret := "" return create_a_case: base_URL := protocol host_URL gateway_url . "cases" GMT_time := % getGMT(-2) ;body = {"secondaryFields":[],"entityType":"INDIVIDUAL","customFields":[],"groupId":"0a3687cf-673a-134c-99f3-522b0000168a","providerTypes":["WATCHLIST"],"name":"sangala"} ;body := "{" CHR(34) "secondaryFields" CHR(34) ":[]," CHR(34) "entityType" CHR(34) ":" CHR(34) "INDIVIDUAL" CHR(34) "," CHR(34) "customFields" CHR(34) ":[]," CHR(34) "groupId" CHR(34) ":" CHR(34) "0a3687cf-673a-134c-99f3-522b0000168a" CHR(34) "," CHR(34) "providerTypes" CHR(34) ":[" CHR(34) "WATCHLIST" CHR(34) "]," CHR(34) "name" CHR(34) ":" CHR(34) "sangala" CHR(34) "}" ;/* both variants above yield 404 ;/* body = ( { "secondaryFields": [], "entityType": "INDIVIDUAL", "customFields": [], "groupId":"0a3687cf-673a-134c-99f3-522b0000168a", "providerTypes": [ "WATCHLIST" ], "name": "sangala" } ) */ ;body := regexreplace(body,CHR(34),"" CHR(34) . CHR(34) "") ;; tried modifyng the quotation marks before generating signature as well ;msgbox % body */ datatosign := "(request-target): post " gateway_url "cases`n" . "host: " host_URL "`n" . "date: " GMT_time " GMT`n" . "content-type: application/x-www-form-urlencoded`n" ; . "content-type: application/json`n" . "content-length: " strlen(body) "`n" . body HMAC := % calculate_HMAC_256_64base(datatosign,API_secret) H_authorisation := "Signature keyId=" Chr(34) API_key Chr(34) "`,algorithm=" Chr(34) "hmac-sha256" Chr(34) "`,headers=" Chr(34) "(request-target) host date content-type content-length" Chr(34) "`,signature=" Chr(34) HMAC Chr(34) H_date := GMT_time " GMT" WinHTTP := ComObjCreate("WinHTTP.WinHttpRequest.5.1") WinHTTP.Open("post", base_URL,false) WinHTTP.SetRequestHeader("Date",H_date) WinHTTP.SetRequestHeader("Content-Type","application/x-www-form-urlencoded") ;WinHTTP.SetRequestHeader("Content-Type","application/json") WinHTTP.SetRequestHeader("Authorization",H_authorisation) WinHTTP.SetRequestHeader("Content-Length",strlen(body)) ;WinHTTP.SetRequestHeader("Content-Type","application/json") ;VBA_body := regexreplace(body,CHR(34),"" CHR(34) . CHR(34) "") ; tried modifyng quotation marks just when sending the payload ;VBA_body := regexreplace(body,CHR(34),"" CHR(34) . CHR(34) . CHR(34) "") ;VBA_body := regexreplace(body,CHR(34),"" CHR(34) . CHR(34) . CHR(34) . CHR(34) "") ;VBA_body = "%VBA_body%" ;msgbox % VBA_body WinHTTP.send(body) ;WinHTTP.send(VBA_body) WinHTTP.waitforresponse(5) gosub, msgbox_full_response return getGMT(deduct) { B_NOW := A_Now B_NOW += deduct,HH B_NOW += +1,seconds ;; because HMAC via powershell and clipboard is slow ;B_NOW = 20190122122725 ; if time set manually to same time as postman's at the time of postman's request, function produces matching HMAC signature FormatTime, TimeString, %B_NOW%, ddd, dd MMM yyyy HH:mm:ss r := TimeString return r } calculate_HMAC_256_64base(input,key) { store_clip := clipboard raw_double_quote_ahk = `" raw_double_quote_PS = \" inp := regexreplace(input,"(" raw_double_quote_ahk ")","" raw_double_quote_PS "") ;; submitting script to powershell this way deletes double spaces, hence this regex.. inp := regexreplace(inp,A_Space,"A_SP8CE") clipboard := ps_script= ( $message = '%inp%' $message = $message.replace('A_SP8CE',' ') $secret = '%key%' $hmacsha = New-Object System.Security.Cryptography.HMACSHA256 $hmacsha.key = [Text.Encoding]::ASCII.GetBytes($secret) $signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($message)) $signature = [Convert]::ToBase64String($signature) | clip ) RunWait, PowerShell.exe %ps_Script%,,hide clipwait,1 r := clipboard r := regexreplace(r,"`n") r := regexreplace(r,"`r") clipboard := store_clip return r }