how to get the correct HMAC value- WorldCheck One API

kholoud.elbouazzaoui

Hi Team a client is on trial for World-Check One API and they are facing the issue below:

We are getting a 401 Unauthorized error when trying to make our first call to the API. We believe this may be due to the way we are producing the Authentication Headers.

In testing our code for producing the Headers, we have tried to run the example code with the example data from the documentation and the HMAC-SHA256 value we receive is different to what is expected from the documentation. We were following the instructions here: https://developers.lseg.com/content/dam/devportal/en_us/product-docs/wc1-api/documentation/v2/schema-reference/security.html and the example code we are running is from the link ‘authorization files’ under the ‘HMAC Algorithm’ section.

As mentioned below, when running the example csharp code, the following code returns the computed HMAC-SHA256 value of “qYkck89B5tsZpdWDBk54zsuse/jCVEQLQz1ZReCJJAw=” in base64 encoding. Based on the link above, the expected value should be: “Iktz/AdXHmDouNm6uBB8ZW0xcfNGuWGDxmX9TFMwuF0=”.

using ConsoleApp1;

Dictionary<string, string> headers = AuthHeadersBuilder.GenerateAuthHeaders(

"4321",

"1234",

"post",

new Uri(https://api-worldcheck.refinitiv.com/v2/cases),

"application/json",

"{\n \"caseId\": \"my customer ID\",\n \"name\": \"John Doe\",\n \"providerTypes\": [\"WATCHLIST\"]\n}");

Console.WriteLine(headers["Authorization"].ToString());

_ = Console.ReadLine();

We believe the data we are inputting into the code is exactly the same as the documentation. This includes updating the ‘Date’ to the one in the example: Tue, 07 Jun 2016 20:51:35 GMT. This has been done by updating lines 60-62 in the example code and factoring in UTC and GMT conversion on the date in question:

DateTime dateValue = DateTime.Parse("2016-06-07T19:51:35Z"); // DateTime.UtcNow;

string date = dateValue.ToString("R");

headers.Add("Date", date);

Please would you be able to advise on how to get the correct HMAC value from the example code? We can then make the adjustments to our API call and hopefully this should resolve our 401 error.

ram.nitish

Hi @kholoud.elbouazzaoui,

Please utilize the attached sample code to address this issue. If the problem persists, kindly email us with the complete details, including the request body. We will then conduct a thorough investigation to resolve the matter.

AuthHeadersBuilder.zip

Thanks,

Ram.

ram.nitish

HI @kholoud.elbouazzaoui,

We are looking into this and will get back to you as soon as possible.

Thanks,

Ram.