WebSocket API: Problems using cookie based authentication (C#)
Hi
I am having issues using cookie-based authentication, when opening the web socket connection to wss://emea-1-t2.streaming-pricing-api.refinitiv.com:443/WebSocket. I am developing my application in C# against .Net 5.0 using the WebSocketSharp library.
Assume I have a valid access token/refresh token pair acquired from the authentication server https://api.refinitiv.com/auth/oauth2/v1/token, i.e.
{
"access_token":"eyJ0e****effg",
"refresh_token": "****-def6-47b3-aeb2-1468796846b5",
"expires_in": "300",
"token_type": "Bearer"
}
Request based
I can successfully authenticate using a Login request as the initial request on the form:
{
"Domain":"Login",
"ID":1,
"Key":{
"Elements":{
"ApplicationId":"256",
"AuthenticationToken":"aBcDeFgHiJkLmNoPqRsTuVwXyZ",
"Position":"127.0.0.1"
},
"NameType":"AuthnToken"
}
}
This means I get a repsonse stating that the data is streaming etc., and I can perform additional requests.
Cookie based
The story is different, when I try to use cookie based authentication. The feature is described in the Protocol Specification page 18, where one can supply the below HTTP cookies, before connecting:
*ads*authTokenName : AuthToken
*ads*positionName : position
*ads*applicationIdName : applicationId
No matter what I do, I am not able to authenticate using this method. I have tried different ApplicationIds and positions. My code for this part is:
WebSocket.SetCookie(new Cookie("*ads*authTokenName", access_token));
WebSocket.SetCookie(new Cookie("*ads*positionName", position));
WebSocket.SetCookie(new Cookie("*ads*applicationIdName", "256"));
First of all, the example application provided here uses som completely different header names, i.e. AuthToken, AuthPosition, and applicationId. They seem more legit, than those in the protocol specification, but nevertheless, it doesn't work.
Whenever I try to perform a request (not Login request) after the connection, I am met with the following exception, after which the connection terminates:
Received Log Event (Level: Fatal): WebSocketSharp.WebSocketException: The header of a frame cannot be read from the stream.
at WebSocketSharp.WebSocketFrame.processHeader(Byte[] header)
at WebSocketSharp.WebSocketFrame.<>c__DisplayClass73_0.<readHeaderAsync>b__0(Byte[] bytes)
at WebSocketSharp.Ext.<>c__DisplayClass48_0.<ReadBytesAsync>b__0(IAsyncResult ar)
- Is cookie-based even possible?
- If so, which header names and values should I provide?
- Bonus question: Am I right in the assumption, that the token does not need to be refreshed, when application as a cookie? I not, what is the recommended method for refreshing it?
Best Answer
-
Hello @Kenneth Gabriel Birkedahl
I think the cookie-based authentication in the WebSocket API document means the deployed RTDS scenario that the application connects to a local ADS server, not the RTO (Refinitiv Real-Time Optimized) scenario which is over the cloud (currently AWS).
You can check the RTO scenario implementation detail from the Refinitiv Real-Time - Optimized Install and Config Guide document page (Section 2.8 "Consume Refinitiv Real-Time - Optimized Service")
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛