top level group api 401 Unauthorized on all API Calls (SEQ-1a: Get my top-level groups)

Mostafa · September 2019

function generateAuthHeader(dataToSign){

var hash = CryptoJS.HmacSHA256(dataToSign,environment["api-secret"]);
pm.globals.set("variable_key", "variable_value");
return hash.toString(CryptoJS.enc.Base64);
} var date = new Date().toGMTString(); var dataToSign = "(request-target): get " + environment["gateway-url"] + "groups\n" +
"host: " + environment["gateway-host"] + "\n" +
"date: " + date;
var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\""; postman.setEnvironmentVariable("authorisation",authorisation);
postman.setEnvironmentVariable("currentDate",date);

Michal.Byczkowski · September 2019

Hello @Mostafa

Couple of things needs to be checked.

1. Please make sure you have put the right URL, API key and API Secret key in the Postman environment

2. The date is included in the Authorization Signature. Assuming you did not change anything with the request, please sync your clock

3. If you are using Chrome extension please make sure that you have Interceptor turned on

Helen.Wilson · September 2019

Hi @Mostafa can you confirm that this question is about the Connected Risk API? Thanks.

top level group api 401 Unauthorized on all API Calls (SEQ-1a: Get my top-level groups)

Best Answer

Answers

Categories