HTTP 403 Forbidden from ZFS screeningRequest API
I am working on a WorldCheck One ZFS Zero Footprint Screening pilot. I dug through all of the emails, downloaded all of the documentation and Postman documents, and started writing some code to support the custom API authentication system and get data coming back.
I am able to call all of the following APIs perfectly fine with no trouble:
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/reference/countries
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups/5nzbfkcaflyi1en8ajboby9dh
https://rms-world-check-one-api-pilot.thomsonreuters.com/v1/groups/5nzbfkcaflyi1en8ajboby9dh/caseTemplate
However, when I try to call this API for the ZFS (Zero Footprint Screening), it fails with a 403 Forbidden error:
https://zfs-world-check-one-api-pilot.thomsonreuters.com/v1/cases/screeningRequest
Can somebody check why the access to the ZFS API is blocked and help me fix it?
I am calling with the following request payload:
{
"groupId": "5nzbfkcaflyi1en8ajboby9dh",
"entityType": "ORGANISATION",
"providerTypes": [
"WATCHLIST"
],
"name": "Google",
"secondaryFields": [
{
"typeId": "SFCT_6",
"value": "USA"
}
]
}
I put some detailed debug logs below (sensitive items REDACTED):
2020-05-12 18:46:58,840: wc1.py: DEBUG: Starting new HTTPS connection (1): zfs-world-check-one-api-pilot.thomsonreuters.com:443
send: b'GET /v1/cases/screeningRequest HTTP/1.1\r\nUser-Agent: python-requests/2.23.0\r\nAccept-Encoding: gzip, deflate\r\nAccept: */*\r\nConnection: keep-alive\r\nContent-Type: application/json\r\nContent-Length: 263\r\nDate: Wed, 13 May 2020 01:46:58 GMT\r\nDigest: SHA-256=M1UNMMXjI1XtanZ3vJhTV+zfpmnZoPm2kw6ag73ZrB0=\r\nHost: zfs-world-check-one-api-pilot.thomsonreuters.com\r\nAuthorization: Signature keyId="REDACTED",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length digest",signature="WMt8DcntgVDMcvr826d/MmKEpfXWM20SyAFN0I3CXAY="\r\n\r\n'
send: b'{\n "groupId": "REDACTED",\n "entityType": "ORGANISATION",\n "providerTypes": [\n "WATCHLIST"\n ],\n "name": "Google",\n "secondaryFields": [\n {\n "typeId": "SFCT_6",\n "value": "USA"\n }\n ]\n}'
reply: 'HTTP/1.1 403 Forbidden\r\n'
header: Server: CloudFront
header: Date: Wed, 13 May 2020 01:46:58 GMT
header: Content-Type: text/html
header: Content-Length: 915
header: Connection: keep-alive
header: X-Cache: Error from cloudfront
header: Via: 1.1 91eda795c3265b7a81caba456f5e9dd8.cloudfront.net (CloudFront)
header: X-Amz-Cf-Pop: SFO20-C1
header: X-Amz-Cf-Id: 9nQvEDJeKpEk6U0AcwXNmVnsrR6DmwLodL1AYkk10BH-mOrpaWgOuw==
2020-05-12 18:46:58,919: wc1.py: DEBUG: https://zfs-world-check-one-api-pilot.thomsonreuters.com:443 "GET /v1/cases/screeningRequest HTTP/1.1" 403 915
2020-05-12 18:46:58,920: wc1.py: INFO: status_code: 403, response:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Bad request.
We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
<BR clear="all">
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: 9nQvEDJeKpEk6U0AcwXNmVnsrR6DmwLodL1AYkk10BH-mOrpaWgOuw==
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>
Best Answer
-
Hi,
I have sent you an email regarding this issue seeking some more details for a deeper investigation of this issue.
We can also get on a quick call and take a look at it to resolve this at the earliest.
Regards.
Mehran Khan
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛