I am getting a 401 error, unauthorised issue. What may be the reason?
I am trying to fetch Groups in a Salesforce Apex class, but I am getting a status code 401 "Status=Unauthorized" issue.
```apex
public class WorldCheckScreening_Sync_v2 {

    public WorldCheckScreening_Sync_v2() {
        string gatewayurl = '/v1/';
        string gatewayhost = 'rms-world-check-one-api-pilot.thomsonreuters.com';
        // Credentials redacted by the poster.
        string apikey = 'XXXXXXXXXXXXXXXXXXXXXXXXX';
        string apisecret = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
        string requestendpoint = 'https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups';

        // HTTP-date in GMT; this exact value is signed below.
        String formattedTimestamp = Datetime.now().formatGMT('EEE, dd MMM yyyy HH:mm:ss z');

        // Signing string: the headers named in headers="...", in the same order.
        string dataToSign = '(request-target): get ' + gatewayurl + 'groups\n' +
                            'host: ' + gatewayhost + '\ndate: ' + formattedTimestamp;
        String strhmac = generateAuthHeader(dataToSign, apisecret);
        String authorisation = 'Signature keyId="' + apiKey + '",algorithm="hmac-sha256",' +
                               'headers="(request-target) host date",signature="' + strhmac + '"';

        HttpRequest req = new HttpRequest();
        req.setEndpoint(requestendpoint);
        req.setMethod('GET');
        req.setHeader('Authorization', authorisation);
        // The signature covers "date", so the signed value must be sent as the Date header.
        req.setHeader('Date', formattedTimestamp);
        req.setHeader('Cache-Control', 'no-cache');

        Http http = new Http();
        HTTPResponse res = http.send(req);
        system.debug(res);
    }

    // Base64-encoded HMAC-SHA256 of the signing string, keyed with the API secret.
    public string generateAuthHeader(string dataToSign, string apisecret) {
        return EncodingUtil.base64Encode(
            Crypto.generateMac('HmacSHA256', Blob.valueOf(dataToSign), Blob.valueOf(apiSecret)));
    }
}
```
Can you please help me here?
Best Answer
@be3ce971-7473-4458-acda-0194c4c65725
Thanks for providing me the request response.
The dateTime value in the request header and the dateTime in the response header are different. When the difference is greater than 30s you get a 401; in your case it is about 3 mins, which is the reason why you see a 401.
Kindly ensure a correctly synchronized clock is used to generate request timestamps.
Make sure that the date header value that you're sending is in sync with the NTP or the GMT clock for the API call to succeed. The difference with the API clock time shouldn’t be >30s.
1
Answers
@be3ce971-7473-4458-acda-0194c4c65725
Hi,
401 errors occur because the request has failed an authorization check. This can happen for a variety of reasons, such as:
a) An invalid or expired API key.
b) An invalid HMAC signature.
c) Request timing issue/problem with the Date header value. The API client should ensure a correctly synchronized clock is used to generate request timestamps.
d) Incorrect JSON payload formation at your end will get you a 401 response.
Can you please reproduce the issue on Postman and share the request & response from the Postman console logs so that I can look into this further?
Regards,
Mehran Khan
API Technical Consultant | World-Check One
0
Hello Mehran,
Please see below the Request and Response captured from "Rest Webservice Client". Unfortunately, for some reason I am not able to install the Postman extension on my machine. I hope this will help you to check and help me.
Also, how can I validate my API Key and API Secret? Please suggest.
REQUEST:
GET https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups
Accept: application/json
Authorization: Signature keyId="b8dc734b-3d64-488c-80eb-37f982d55a4f",algorithm="hmac-sha256",headers="(request-target) host date",signature="eHU0bDOS+51W8O8zj30k6q9n9Ixq8+HDNRb/zyHvzLs="
Cache-Control: no-cache
Date: Tue, 29 Jan 2019 14:32:37 GMT
RESPONSE:
401, Unauthorized
date: Tue, 29 Jan 2019 14:35:45 GMT
server: ""
authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length
transfer-encoding: chunked
x-application-context: application
Time taken (in milliseconds): 2930
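The two checks discussed in this thread (Date-header skew against the 30s tolerance, and the HMAC over the signing string) can be run offline against a capture like the one above. This is an added example, not part of the thread and not vendor code; the function names and the `SECRET` value are constructed for illustration, while the Date values and host come from the capture.

```python
import base64
import hashlib
import hmac
from email.utils import parsedate_to_datetime

MAX_SKEW_SECONDS = 30  # tolerance stated in the accepted answer

# Date headers and host copied from the capture in this thread.
REQUEST_DATE = "Tue, 29 Jan 2019 14:32:37 GMT"
RESPONSE_DATE = "Tue, 29 Jan 2019 14:35:45 GMT"
HOST = "rms-world-check-one-api-pilot.thomsonreuters.com"
SECRET = "constructed-secret-for-illustration"  # constructed, not a real API secret


def clock_skew_seconds(request_date, response_date):
    """Server Date minus client Date, in seconds (HTTP-date strings)."""
    delta = parsedate_to_datetime(response_date) - parsedate_to_datetime(request_date)
    return delta.total_seconds()


def signing_string(method, path, host, date):
    """Same layout as dataToSign in the Apex class: (request-target), host, date."""
    return f"(request-target): {method.lower()} {path}\nhost: {host}\ndate: {date}"


def sign(secret, data):
    """Base64-encoded HMAC-SHA256, matching generateAuthHeader in the Apex class."""
    mac = hmac.new(secret.encode(), data.encode(), hashlib.sha256).digest()
    return base64.b64encode(mac).decode()


def diagnose(request_date, response_date, sent_signature, secret, method, path, host):
    """Return the problems found; an empty list means neither check failed."""
    findings = []
    skew = clock_skew_seconds(request_date, response_date)
    if abs(skew) > MAX_SKEW_SECONDS:
        findings.append(f"clock skew {skew:+.0f}s exceeds {MAX_SKEW_SECONDS}s")
    expected = sign(secret, signing_string(method, path, host, request_date))
    # Constant-time comparison of the recomputed and the sent signature.
    if not hmac.compare_digest(expected, sent_signature):
        findings.append("signature differs from local recomputation")
    return findings


if __name__ == "__main__":
    good_sig = sign(SECRET, signing_string("GET", "/v1/groups", HOST, REQUEST_DATE))
    print(diagnose(REQUEST_DATE, RESPONSE_DATE, good_sig, SECRET, "GET", "/v1/groups", HOST))
```

The measured difference includes the round-trip time of the call, so it slightly overstates the skew when the server's clock is ahead of the client's, as in this capture.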