Content Length Header already present
Hi,
The url i'm using is: https://api-worldcheck.refinitiv.com/v2/cases/screeningRequest
And my header are:
Content-Type: application/json
Authorization: XXXXXX
Content-Length: 255
And the payload is:
{
"groupId": "5jb6nlmky7ma1fznxdeemjygm",
"entityType": "INDIVIDUAL",
"caseId": "",
"providerTypes": [
"WATCHLIST"
],
"name": "{
{issue.summary}}",
"nameTransposition": false,
"secondaryFields": [],
"customFields": []
}
However I am prompted with "Content Length Header already present" and if I remove this header, I am then prompted with error 401:
Date: Wed, 22 Sep 2021 02:39:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=15552000, includeSubdomains
Authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"
Any ideas?
Best Answer
-
Hi @fjhumka
Please find the sample request:curl --location --request POST 'https://api-worldcheck.refinitiv.com/v2/cases/screeningRequest' \
--header 'Date: Thu, 23 Sep 2021 07:27:59 GMT' \
--header 'Content-Type: application/json' \
--header 'Authorization: Signature keyId="YOUR API KEY",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="a3LucKET/dt9cTFc/WE6FVCIvEecxiPq1FsbceM8UgI="' \
--header 'Content-Length: 101' \
--data-raw '{
"groupId": "5jb707er6nj51fj1qcpj7nz4z",
"entityType": "INDIVIDUAL",
"caseId": "",
"providerTypes": [
"WATCHLIST"
],
"name": "John Smith",
"nameTransposition": false,
"secondaryFields": [],
"customFields": []
}'
Also find the pre-scripts which will help you to generate the signature:
function generateAuthHeader(dataToSign) {
var hash = CryptoJS.HmacSHA256(dataToSign, environment["api-secret"]);
return hash.toString(CryptoJS.enc.Base64);
}
function isEnvValuePopulated(envVal) {
if (_.isEmpty(pm.environment.get(envVal))) {
pm.environment.set(envVal, "--REQUIRED-VALUE-MISSING--");
return false;
} else {
return true;
}
}
isEnvValuePopulated("group-id");
var date = new Date().toGMTString();
var content = request.data;
content = content.replace("{
{group-id}}", environment["group-id"]);var contentLength = unescape(encodeURIComponent(content)).length;
var dataToSign = "(request-target): post " + environment["gateway-url"] + "cases/screeningRequest\n" +
"host: " + environment["gateway-host"] + "\n" +
"date: " + date + "\n" +
"content-type: " + environment["content"] + "\n" +
"content-length: " + contentLength + "\n" +
content;
var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" + hmac + "\"";
postman.setEnvironmentVariable("authorisation", authorisation);
postman.setEnvironmentVariable("currentDate", date);
postman.setEnvironmentVariable("contentLength", contentLength);
0
Answers
-
Hi @fjhumka
Are you using the POSTMAN to initiate the API call, if yes, the we would request you to kindly delete the postman collection and environment settings and then re-import the collections & environment. Once done, please try initiating the API call again and let us know if issue persist.0 -
Hi @Vivek Kumar Singh ,
Thank you for your response.
I am actually initiating the API call through a Web Request in JIRA.
I am not too sure about the structure of the Authorization header though:
Signature keyId="XXXXXXXXXXXXXXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="YYYYYYYYYYYYYYYYYYYYYYYYYYY"
Regards
0 -
Thank you very much for your response.
This works fine in Postman.
However I am trying to access WorkCheck One API through JIRA Web Request and I am prompted with the 401 error.
It seems that the "Authorization" header of JIRA is not recognizing the format. Any idea of how to configure this?
Response 401
Headers (5)
Date: Fri, 24 Sep 2021 04:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=15552000, includeSubdomains
Authorization: WWW-Authenticate: Signature realm="World-Check One API",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length"
Request POST https://api-worldcheck.refinitiv.com/v2/cases/screeningRequest
Headers (2)
Authorization: Signature keyId="XXXXXXX",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="YYYYY"
Content-Type: application/json
Payload
{
"groupId": "5jb6nlmky7ma1fznxdeemjygm",
"entityType": "INDIVIDUAL",
"caseId": "",
"providerTypes": [
"WATCHLIST"
],
"name": "",
"nameTransposition": false,
"secondaryFields": [],
"customFields": []
}
Regards,
0 -
Hi @fjhumka
Can you please help us with the actual Request headers & Response Headers along with the IP address. We need these details to troubleshoot further.
Thanks0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛