Summary

The Product API is used to describe information about products sold by Great American.

Environment Base URLs
Environment External URL

DEV

https://dev01.api.gaig.com/product

UAT

https://uat01.api.gaig.com/product

PROD

https://prod01.api.gaig.com/product

Open API Specification

Authorization

All endpoints on this API are secured with OAuth 2.0, using the client_credentials grant type.

Environment External URL

DEV

https://dev01.api.gaig.com/oauth/token

UAT

https://uat01.api.gaig.com/oauth/token

PROD

https://prod01.api.gaig.com/oauth/token
Example HTTP Request
POST /oauth/token HTTP/1.1
Authorization: Basic {{base64 encoded clientId:clientSecret}}
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json

{
  "api_product_list_json": [
    "issuance-dev",
    "rating-dev"
  ],
  "token_type": "Bearer",
  "access_token": "",
  "expires_in": 3599,
}
Authorization Response Fields
Field Type Description

api_product_list_json

array

Array of strings indicating the authorities granted to the client.

token_type

string

This value should be placed in the Authorization header for API requests.

Authorization: {{token_type}} {{access_token}}

access_token

string

This value should be placed in the Authorization header for API requests.

Authorization: {{token_type}} {{access_token}}

expires_in

number

The time in seconds when the access token will expire.

Dynamic Documentation

/api/endpoints

Call this endpoint first to determine which endpoints are available to you, as a consumer. This API serves multiple business divisions, and a variety of complex insurance products. Therefore, not all endpoints apply to all consumers.

Example HTTP Request
GET /api/endpoints HTTP/1.1
Authorization: Bearer {{access_token}}
Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json

{
    "endpoints": [
        "/api/example1",
        "/api/example2"
    ]
}

/api/docs

Call this endpoint to get specific request and response body details, which can vary based on factors such as the consumer, business division and product. The /api/docs endpoint provides dynamic documentation based on those factors.

Determine the request body required by an endpoint.

Example HTTP Request
POST /api/docs HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json

{
    "type": "request",
    "endpoint": "/api/example1",
    "format": "json",
    "scope": {
        "state": "OH"
    }
}

Determine the response body returned by an endpoint.

Example HTTP Request
POST /api/docs HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json

{
    "type": "response",
    "endpoint": "/api/example1",
    "format": "json"
}
Request Body Fields
Field Type Required Description

type

string

true

Valid values: request, response

endpoint

string

true

One of the available API endpoints.

format

string

true

Valid values: json, details

scope

object

false

Additional scoping necessary for the request.

Endpoints

/api/symbols

Get all symbols:

Example HTTP Request
POST /api/symbols HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json

{}
Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json

{
  "symbols": [
    "ACE",
    "CMP",
    "GL",
    "NEL",
    "SAA"
  ]
}

Get symbols by line of business:

Example HTTP Request
POST /api/symbols HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json

{
  "requestingBusinessUnitCode": 20,
  "date": "2020-10-24"
}
Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json

{
  "symbols": [
    {
      "symbol": "ACE",
      "shortDescription": "Vehicle Protection Insurance",
      "longDescription": "Vehicle Protection Insurance",
      "requestingBusinessUnitName": "Specialty Equipment Services [020]",
      "requestingBusinessUnitCode": 20,
      "producingBusinessUnitName": null,
      "producingBusinessUnitCode": null,
      "lobName": "Commercial Automobile [60]",
      "lobCode": 60,
      "inServiceDate": "1900-01-01T05:00:00.000+00:00",
      "outOfServiceDate": "2099-12-31T05:00:00.000+00:00"
    },
    {
      "symbol": "MCP",
      "shortDescription": "Manuscripted Commercial Property",
      "longDescription": "Manuscripted Commercial Property Policy",
      "requestingBusinessUnitName": "Specialty Equipment Services [020]",
      "requestingBusinessUnitCode": 20,
      "producingBusinessUnitName": null,
      "producingBusinessUnitCode": null,
      "lobName": "Commercial Inland Marine [26]",
      "lobCode": 26,
      "inServiceDate": "2014-01-01T05:00:00.000+00:00",
      "outOfServiceDate": "2099-12-31T05:00:00.000+00:00"
    }
  ]
}
Symbols Request Fields
Field Type Required Description

date

string

true

Used to date control response values.

symbol

string

false

Policy symbol to search for.

requestingBusinessUnitCode

number

false

Business unit code to search for.

/api/availability

Get a list of products available in a particular platform/system.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/classCodes

Get information about class code appetite for a given product.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/classOfBusiness

Get information on eligibility status for a class of business record.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/programCodes

Get program code details.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/categories

Get list of categories and subcategories.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/products

Get list of product information.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

/api/submitCategories

Submit new or updated categories and subcategories.

Please see the Dynamic Documentation section for information on how to use the /api/docs endpoint get a json example or schema details for either the request or response for a given endpoint.

HTTP Status Codes

Successful Responses

200 - OK

The request has succeeded.

Note: Please refer to /api/docs for documentation regarding successful response bodies.

Client Errors

400 Bad Request

The server could not understand the request due to invalid syntax. Most 400 responses will contain the JSON structure in the example below. The field errors will contain an array of objects. Each object will have the fields: category, code and message. Some 400 responses may also contain additional JSON structure.

Example HTTP Response
HTTP/1.1 400 Bad Request
Content-Type: application/json

{
    "errors": [
        {
            "category": "Invalid Request",
            "code": "INVALID",
            "message": "The request was missing some piece of data."
        }
    ]
}
400 Response Fields
Field Description

category

The category of the error.

code

This value is meant to be read by code, so that the consuming system can respond to a give error programmatically.

message

A human readable message describing the error.

401 - Unauthorized

Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.

Example HTTP Response
HTTP/1.1 401 Unauthorized
Content-Type: application/json

{
    "fault": {
        "faultstring": "Invalid Access Token",
        "detail": {
            "errorcode": "keymanagement.service.invalid_access_token"
        }
    }
}

403 - Forbidden

The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the client’s identity is known to the server.

404 - Not Found

The server can not find the requested resource. This means that the endpoint is not available on this API.

Server Errors

500 - Internal Server Error

The server has encountered a situation it doesn’t know how to handle.

Example HTTP Response
HTTP/1.1 500 Internal Server Error
Content-Type: application/json

{
    "timestamp": "2021-05-01T12:00:00.000-0400",
    "status": 500,
    "error": "Internal Server Error",
    "message": "Something went wrong. Please contact CustomerCare@GAIG.COM",
    "path": "/api/path"
}

501 - Not Implemented

The request method is not supported by the server and cannot be handled.

Note: This response may be returned if the endpoint is not relevant for the client. Please refer to /api/docs for the list of endpoints available for a client.

Example HTTP Response
HTTP/1.1 501 Not Implemented
Content-Type: application/json

{
    "timestamp": "2021-05-01T12:00:00.000-0400",
    "status": 501,
    "error": "Not Implemented",
    "message": "API not yet implemented.",
    "path": "/api/path"
}