I am working on calling the World Check One API from ServiceNow
I am able to access the API from Postman successfully.
When attempting to make the same call from ServiceNow I get a 401 error.
Code
Code to generate header in ServiceNow:
getSimpleScreeningRequestAuthHeader : function(dateSent,payload){
var contentLength = unescape(encodeURIComponent(payload)).length,
environment = {
"gateway-url": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
"gateway-host": gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host'),
"content": "application/json",
"api-key": gs.getProperty('x_525112_refinitiv.refinitiv.api_key')
},
dataToHash = "(request-target): post " + environment["gateway-url"] + "cases/screeningRequest\n" +
"host: " + environment["gateway-host"] + "\n" +
"date: " + dateSent + "\n" +
"content-type: " + environment["content"] + "\n" +
"content-length: " + contentLength + "\n" +
payload,
hmac = this._generateHash(dataToHash),
authHeader = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" + hmac + "\"";
var debug = {
"environmet": environment,
"dataToHash": dataToHash,
"hmac": hmac
};
gs.info('test this - script include debug: ' +JSON.stringify(debug));
return authHeader;
},
_generateHash : function(dataToHash){
var hmacUtil = new x_525112_cryptojs.CryptoJS_Wrapper(),
secret = gs.getProperty('x_525112_refinitiv.refinitiv.api_secret'),
hash = hmacUtil.HmacSHA256(dataToHash, secret);
return hmacUtil.convertToBase64(hash);
//return gs.base64Encode(hash)
}
**payload is the body of the REST message
Code to make the call
var dateToday = new Date().toGMTString(),
restBody = {
"groupId": "****", (group id removed for security, have verified it matches Postman)
"entityType": "UNSPECIFIED",
"caseId": "",
"providerTypes": [
"WATCHLIST"
],
"caseScreeningState": {
"WATCHLIST": "INITIAL"
},
"name": "John Smith",
"nameTransposition": false,
"secondaryFields": [],
"customFields": []
},
authHeaderString = new x_525112_refinitiv.refinitivWCUtils().getSimpleScreeningRequestAuthHeader(dateToday,JSON.stringify(restBody));
try {
var endPoint = gs.getProperty('x_525112_refinitiv.refinitiv.gateway_host') + gs.getProperty('x_525112_refinitiv.refinitiv.gateway_url'),
contentLength = unescape(encodeURIComponent(restBody)).length,
r = new sn_ws.RESTMessageV2('x_525112_refinitiv.refinitiv_world_check', 'SEQ-screen-sync-simple');
r.setStringParameterNoEscape('authorizarionString', authHeaderString);
r.setStringParameterNoEscape('currentDate', dateToday);
r.setStringParameterNoEscape('endPoint', endPoint);
r.setStringParameterNoEscape('contentLength', contentLength);
r.setStringParameter('payload', restBody);
var response = r.execute();
var responseBody = response.getBody();
var httpStatus = response.getStatusCode();
var debug = {
"date": dateToday,
"endPoint": endPoint,
"httpStatus": httpStatus
}
gs.print(JSON.stringify(debug));
gs.print('authHeaderString is: ' + authHeaderString);
}
catch(ex) {
var message = ex.message;
gs.print('error caught, message: ' + message);
}
Debug & gs.print information returned after making the REST call
var scriptIncludeDebug= {
"environmet": {
"gateway-url": "/v2/",
"gateway-host": "api-worldcheck.refinitiv.com",
"content": "application/json",
"api-key": "*****" (key removed for security, have verified it matches Postman)
},
"dataToHash": "(request-target): post /v2/cases/screeningRequest\nhost: api-worldcheck.refinitiv.com\ndate: Fri, 18 Mar 2022 14:57:35 GMT\ncontent-type: application/json\ncontent-length: 238\n{\"groupId\":\"******\",\"entityType\":\"UNSPECIFIED\",\"caseId\":\"\",\"providorTypes\":[\"WACHTLIST\"],\"caseScreeningState\":{\"WATCHLIST\":\"INITIAL\"},\"name\":\"John Smith\",\"nameTransposition\":false,\"secondaryFields\":[],\"customFields\":[]}", (group id removed for security, have verified it matches Postman)
"hmac": "6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw="
},
bgScriptDebug = {
"date": "Fri, 18 Mar 2022 14:57:35 GMT",
"endPoint": "api-worldcheck.refinitiv.com/v2/",
"httpStatus": 401
}
(keyID removed for security, have verified it matches Postman and in both Signatures)
var SNC = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="6kVaZfQIuChZ2dldnrHrrYv9McZOPjSMRdAXvZhAlzw=" '
var PMN = ' Signature keyId="******",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="M8CoTayADFfsJFU8kL1MO5FGv/kmLPedsh/E+rRHbc8=" '
I have verified the server date/time is within 30 seconds of https://time.is
Any help you can offer would be greatly appreciated.
Best Answer
-
Hi @vcarlisle
We would like you to please utilize the some of the sample codes available on the https://developers.refinitiv.com/en/api-catalog/customer-and-third-party-screening/world-check-one-api/downloads
Please check and let us know if you still need our assistance.
ThanksVivek Kumar Singh
0
Answers
-
Hi @vcarlisle
Thanks for your email!
Please allow us to validate the details, will get back to you ASAP.
Thanks
Vivek Kumar Singh0 -
@Vivek Kumar Singh thanks, I look forward to hearing from you. Let me know if you want to meet up so we can step through what I am doing or if there are any questions I can answer here.
0 -
For anyone facing the issue, the suggested documentation didn't really help solve the issue. For us it turned out to be an issue with the message body, even copying/pasting it from the Postman files directly to the ServiceNow script we were experiencing a variance between the calculated length that Postman provided and the length in ServiceNow. By using JSON.strignify(restbody, null, 4) we were able to resolve the variance. Our best guess is that even though we were using JSON.stringify(restbody) it was sending the body as an unformatted (lacking spaces) string and that was causing the issue. Also, when passed as a parameter in the ServiceNow REST message function, the REST body must be set to "setStringParameterNoEscape()".
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛