Getting a 401 when "Post"ing a case to the API
First things I want to say our mechanism works for "GET" calls, where we are not submitting data, however on making a POST call using the same hashing routine we have developed, and using the following signature data
(request-target): post /v1/cases
host: rms-world-check-one-api-pilot.thomsonreuters.com
date: Wed, 28 Sep 2016 14:26:28 GMT
content-type: application/json
content-length: 191
We are not able to authenticate successfully. All we have done is adapted the routine to add the current content type and content length of the request to the hash computation, so the existing working computation should work fine. We have verified that the content type header matches what is submitted (it does) and the content-length header matches what is in the signature and also matches the size of the request body (191 bytes) the API call is posting the correct JSON.
Here are the HTTP headers in question
Request:
POST /cases
cache-control: no-cache
content-type: application/json
content-length: 191
authorization: Signature keyId="{key}",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="{signature}"
date: Wed, 28 Sep 2016 14:26:28 GMT
Accept: application/json
Any ideas?
Best Answer
-
Whoops my bad
Forgot to ensure the actual posted content was included as part of the signature. All works now!
2
Answers
-
In addition, we have also verified the hash mechanism generates exactly the same value as Thomson Reuters expect to see on a "GET" call with them supplying a test hash for our unit tests.
0 -
n addition, we have also verified the hash mechanism generates exactly the same value as Thomson Reuters expect to see on a "GET" call with them supplying a test hash for our unit tests.
0 -
Hi @john.crocker,
Thanks for posting this, even though you solved your own issue, it will help others to understand the WC-1 API programming.
Thanks again,
Brian
1
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛