In the list I can see the link to the document, that I bet it is something like https://frontend-doc-api.company-information.service.gov.uk/document/{DocumentID}.
Hi. I’ve not retrieved documents yet, but are you base64 encoding the token and setting it to basic authentication? Only saying that because you just mentioned "Authorization: (token) "
I’m assuming here you just want help getting the document metadata - e.g. not downloading the filing document itself. For information on the whole process please see other answers on this forum e.g. the following one:
I’m not sure what you mean by the “token” part? All the endpoints simply take the API key (technically, http basic Authorization where the username is the API key and the password is blank). Since you’re already calling curl to get the filing history for a company you’ll have an API key, yes?
I find the simplest way to do this with curl is using the -u argument to pass the username and password. That means you can simply put your unmodified API key from CH and then a colon, space and then the rest of your curl statement (because password part is blank).
Rolling your own (header) is not difficult but it seems to cause people a lot of confusion, so I’d go with the simplest method first. (The only reasons for working directly with http headers in the CH API are if you haven’t got a library to do the basics for you [I’d recommend using one to save labor]. In that case you may need to manage the rate-limiting system and / or manually follow the redirects in the document API to download document content without passing CH authorisation to Amazon. Those are topics covered elsewhere e.g. on this forum and probably won’t concern you if you’re manually accessing the system using curl).
Using an example company here (04253605) and my API key I got the following to work fine just now. I’ve left out your -k and -v options (disable certificate check and verbose) for clarity:
Companies House APIs seem to be designed for people to “follow the links” e.g. request a filing history (item), use the link there to request the document metadata, use the link there to request the document data.
I recommend doing that (again it seems they’ve designed their API essentially assuming people follow that kind of path - it’s clearer that way anyway). If there’s a specific issue post the URL you are requesting and the http response code and any body and someone might be able to help. (More information the better - so information on the environment you’re calling from might help also. Just don’t post your API key).
(Note that you need the “:” after your API key - this is because normally a username:password string goes here but Companies House have made it so the username part is the API key and the password is empty / blank).
This works correctly for me - I receive a http 200 and the body contains the expected JSON. (There is another difference - curl on my server supports more than http 1.1 but I suspect that this is not the source of problems here).
If you manually construct the Authorisation header correctly, this also works. So take the username:password string above (the API key plus : on the end) and base64 encode it to give a string - let’s call it BASE64USERANDPASS . Now make the header string:
HOWEVER if there is a problem with that header - so the BASE64USERANDPASS is not valid base64-encoded text, or you were missing the final “:”, or the capitalisation of the “Basic” is incorrect e.g. “basic” etc. … then you will get an error 500.
There are several other things which could cause you problems:
you need to have registered a live application, not a test one
you need to be calling Companies House from an IP address or (for js) a host url you have registered with them.
Specifically for when you request the document data (e.g. …/document/…/content ) note that this involves at least one redirect and the first is away from Companies House to Amazon AWS (currently) where the data is stored. Please search the site for more information on that (I’ve a couple of posts with details of this).
Using the URLs that the Companies House web site itself uses such as https://find-and-update.company-information.service.gov.uk/company/13062145/... may not be a good idea as that may be changed without notice. It’s probably better to use the API as that is specifically designed for this.
Finally - once you’re sure everything else works - for help with CORS errors please search for that specifically on this forum. There is a lot of information available.
Thank you very much - curl works fine. Could you please clarify whether BASE64USERANDPASS is the same as my API_KEY? I am using ‘Authorization’: ‘Basic 33…’ header but got 500
See: “So take the username:password string above (the API key plus : on the end) and base64 encode it to give a string - let’s call it BASE64USERANDPASS. …”
The username part is your API key. The password part is blank (empty string).
Plenty of javascript examples online e.g. in Stackoverflow.
In many environments there is built-in support for http basic so you don’t have to build the headers yourself. That seems to be a common source of confusion and problems!