Receive 500 Internal Server Error for screeningRequest in World Check

asif
asif
in World-Check One

I am trying to integrate World Check One Screening Request, I am receiving proper responses on the postm

an, but when I hit from my application, I receive 500 Internal Server Error.

Authorisation Header:

Signature keyId="18XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="nN45v5sPz4SRWo1lNhzpwvfYQOsrba0nhu/Uf3XIBoA="

Request Data:

{"secondaryFields":[{"value":null,"typeId":"SFCT_2","dateTimeValue":"2010-05-18"},{"value":"Kuwait","typeId":"SFCT_3","dateTimeValue":null}],"providerTypes":["WATCHLIST"],"name":"Shareholder One","groupId":"0a3687cf-6855-18b8-9a1f-a88d00000781","entityType":"INDIVIDUAL"}

Data To Sign (Fed to HMAC-SHA256 generator):

(request-target): post /v1/cases/screeningRequest

host: zfs-world-check-one-api-pilot.thomsonreuters.com

date: Wed, May 22 2019 16:35:24 GMT

content-type: application/json

content-length: 271

Response:

{"message":null}

If I use the same request body in postman I receive a proper 200 response, I guess there is some issue with my signature, but not sure why I am getting a 500 rather than a 401.

I checked the response Headers and see

x-amzn-ErrorType value: AuthorizerConfigurationException.

Any help is appreciated.

Tagged:

Best Answer

  • asif
    asif
    Answer ✓

    @Mehran.Ahmed Khan Thanks for the exceptional help.

    The date format was incorrect, it needs to be EEE, d MMM yyyy HH:mm:ss GMT

Answers

  • asif
    asif

    @Mehran.Ahmed Khan Please help

  • Mehran.Ahmed Khan
    Mehran.Ahmed Khan

    @asif

    Firstly, in the request payload the format of the country location is incorrect , you will need to use the ISO country list , so KUWAIT will be passed as "KWT".

    To investigate this further can you please state your account name? I tried to look for finfirst but unfortunately couldn't locate .

    Thanks

  • asif
    asif

    @Mehran.Ahmed Khan Account Name Should be Murabaha Capital Cayman Ltd.

    I have tried with KWT as well, does not change the response.

  • Mehran.Ahmed Khan
    Mehran.Ahmed Khan

    @asif,

    I replicated the issue at my end to compare the HMAC signature and indeed the HMAC is incorrect, please find below the request response for the same.

    Coming to the point why you're receiving a 500 response instead of 401 we are investigating and will get back to you.

    Please check the HMAC generation at your end and retry it should work fine.

    POST /v1/cases/screeningRequest
    Date: Wed, May 22 2019 16:35:24 GMT
    Content-Type: application/json
    Authorization: Signature keyId="18dd3f34-1939-4033-acea-************",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="9aRxHnzEI3+bmcTOQ3a6qklbQb2z4WrDyw26vyvqsuc="
    Content-Length: 327
    User-Agent: PostmanRuntime/7.13.0
    Accept: */*
    Cache-Control: no-cache
    Postman-Token: 33f38882-50cb-4277-ab7b-eedae5b7c8ba
    Host: zfs-world-check-one-api-pilot.thomsonreuters.com
    accept-encoding: gzip, deflate
    Connection: keep-alive

    {
     "secondaryFields": [{
     "value": null,
     "typeId": "SFCT_2",
     "dateTimeValue": "2010-05-18"
     }, {
     "value": "KWT",
     "typeId": "SFCT_3",
     "dateTimeValue": null
     }],
     "providerTypes": ["WATCHLIST"],
     "name": "Shareholder One",
     "groupId": "0a3687cf-6855-18b8-9a1f-a88d00000781",
     "entityType": "INDIVIDUAL"
     }


    HTTP/1.1 500
    status: 500
    Content-Type: application/json
    Content-Length: 16
    Connection: keep-alive
    Date: Thu, 23 May 2019 12:04:39 GMT
    x-amzn-RequestId: f0dff4e3-7d52-11e9-8445-6f6c930d1917
    x-amzn-ErrorType: AuthorizerConfigurationException
    x-amz-apigw-id: aIrdpElQjoEFc4g=
    X-Cache: Error from cloudfront
    Via: 1.1 abe961bfbed978775cdf93859ed612bc.cloudfront.net (CloudFront)
    X-Amz-Cf-Id: zfB_MZjeoG_uWwOw2MgPQ6mYTHEkdptmb0DmtBKqx-RB_EJ7oKqllQ==

    {"message":null}
  • asif
    asif

    @Mehran.Ahmed Khan What is wrong with the way I am generating the signature, my data to Sign string matches exactly to the one in the postman collection. I am not able to figure out what I am missing

  • Mehran.Ahmed Khan
    Mehran.Ahmed Khan
    @asif

    I looked further and if you notice the content length from my request it's 327 whereas the content length from the data you provided was 271, this is what is causing you to generate incorrect HMAC, assuming that you are passing KUWAIT as KWT use a JSON validator on google to correctly format the request payload, copy the payload and retry the request .

    Let me know the results.

  • asif
    asif

    @Mehran.Ahmed Khan


    I send the same request using postman, the content length in postman is 271 as well. I don't see any authorization errors there, I receive a proper error message for the country being Kuwait and not KWT.

    In my opinion, this should not be a content length issue, because I have very carefully matched the content length that my code sends and that postman sends and it is always the same.

    Attached is a screenshot of postman with the exact same request showing content length as 271 and giving me a proper error response

    image-24-05-19-at-331-pm.jpg

  • Mehran.Ahmed Khan
    Mehran.Ahmed Khan

    contentlength.png@asif

    When I reproduced your error and when I successfully screen using your credentials the content length in both the cases is 327, attached is the screenshot for the same.

    Let me know if you would like to get on a quick call and discuss this, I am available till 6 PM IST today.

  • asif
    asif

    @Mehran.Ahmed Khan

    Let's get on a call. Please find the link below

    https://us04web.zoom.us/j/8711592254

Categories