Receive 500 Internal Server Error for screeningRequest in World Check
I am trying to integrate World Check One Screening Request, I am receiving proper responses on the postm
an, but when I hit from my application, I receive 500 Internal Server Error.
Authorisation Header:
Signature keyId="18XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="nN45v5sPz4SRWo1lNhzpwvfYQOsrba0nhu/Uf3XIBoA="
Request Data:
{"secondaryFields":[{"value":null,"typeId":"SFCT_2","dateTimeValue":"2010-05-18"},{"value":"Kuwait","typeId":"SFCT_3","dateTimeValue":null}],"providerTypes":["WATCHLIST"],"name":"Shareholder One","groupId":"0a3687cf-6855-18b8-9a1f-a88d00000781","entityType":"INDIVIDUAL"}
Data To Sign (Fed to HMAC-SHA256 generator):
(request-target): post /v1/cases/screeningRequest
host: zfs-world-check-one-api-pilot.thomsonreuters.com
date: Wed, May 22 2019 16:35:24 GMT
content-type: application/json
content-length: 271
Response:
{"message":null}
If I use the same request body in postman I receive a proper 200 response, I guess there is some issue with my signature, but not sure why I am getting a 500 rather than a 401.
I checked the response Headers and see
x-amzn-ErrorType value: AuthorizerConfigurationException.
Any help is appreciated.
Best Answer
-
@Mehran.Ahmed Khan Thanks for the exceptional help.
The date format was incorrect, it needs to be EEE, d MMM yyyy HH:mm:ss GMT
1
Answers
-
@Mehran.Ahmed Khan Please help
0 -
Firstly, in the request payload the format of the country location is incorrect , you will need to use the ISO country list , so KUWAIT will be passed as "KWT".
To investigate this further can you please state your account name? I tried to look for finfirst but unfortunately couldn't locate .
Thanks
0 -
@Mehran.Ahmed Khan Account Name Should be Murabaha Capital Cayman Ltd.
I have tried with KWT as well, does not change the response.
0 -
I replicated the issue at my end to compare the HMAC signature and indeed the HMAC is incorrect, please find below the request response for the same.
Coming to the point why you're receiving a 500 response instead of 401 we are investigating and will get back to you.
Please check the HMAC generation at your end and retry it should work fine.
POST /v1/cases/screeningRequest
Date: Wed, May 22 2019 16:35:24 GMT
Content-Type: application/json
Authorization: Signature keyId="18dd3f34-1939-4033-acea-************",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="9aRxHnzEI3+bmcTOQ3a6qklbQb2z4WrDyw26vyvqsuc="
Content-Length: 327
User-Agent: PostmanRuntime/7.13.0
Accept: */*
Cache-Control: no-cache
Postman-Token: 33f38882-50cb-4277-ab7b-eedae5b7c8ba
Host: zfs-world-check-one-api-pilot.thomsonreuters.com
accept-encoding: gzip, deflate
Connection: keep-alive
{
"secondaryFields": [{
"value": null,
"typeId": "SFCT_2",
"dateTimeValue": "2010-05-18"
}, {
"value": "KWT",
"typeId": "SFCT_3",
"dateTimeValue": null
}],
"providerTypes": ["WATCHLIST"],
"name": "Shareholder One",
"groupId": "0a3687cf-6855-18b8-9a1f-a88d00000781",
"entityType": "INDIVIDUAL"
}
HTTP/1.1 500
status: 500
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
Date: Thu, 23 May 2019 12:04:39 GMT
x-amzn-RequestId: f0dff4e3-7d52-11e9-8445-6f6c930d1917
x-amzn-ErrorType: AuthorizerConfigurationException
x-amz-apigw-id: aIrdpElQjoEFc4g=
X-Cache: Error from cloudfront
Via: 1.1 abe961bfbed978775cdf93859ed612bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zfB_MZjeoG_uWwOw2MgPQ6mYTHEkdptmb0DmtBKqx-RB_EJ7oKqllQ==
{"message":null}0 -
@Mehran.Ahmed Khan What is wrong with the way I am generating the signature, my data to Sign string matches exactly to the one in the postman collection. I am not able to figure out what I am missing
0 -
@asif
I looked further and if you notice the content length from my request it's 327 whereas the content length from the data you provided was 271, this is what is causing you to generate incorrect HMAC, assuming that you are passing KUWAIT as KWT use a JSON validator on google to correctly format the request payload, copy the payload and retry the request .
Let me know the results.
0 -
I send the same request using postman, the content length in postman is 271 as well. I don't see any authorization errors there, I receive a proper error message for the country being Kuwait and not KWT.In my opinion, this should not be a content length issue, because I have very carefully matched the content length that my code sends and that postman sends and it is always the same.
Attached is a screenshot of postman with the exact same request showing content length as 271 and giving me a proper error response
0 -
When I reproduced your error and when I successfully screen using your credentials the content length in both the cases is 327, attached is the screenshot for the same.
Let me know if you would like to get on a quick call and discuss this, I am available till 6 PM IST today.
0 -
Let's get on a call. Please find the link below
https://us04web.zoom.us/j/87115922540
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛