Summary
The Rating API allows for rating or quoting an insurance product. The primary inputs include information like locations, coverages, limits and deductibles and the primary outputs are rates and premiums.
| Environment | External URL |
|---|---|
DEV |
|
UAT |
|
PROD |
Authorization
All endpoints on this API are secured with OAuth 2.0, using the client_credentials grant type.
| Environment | External URL |
|---|---|
DEV |
|
UAT |
|
PROD |
Example HTTP Request
POST /oauth/token HTTP/1.1
Authorization: Basic {{base64 encoded clientId:clientSecret}}
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentialsExample HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"api_product_list_json": [
"issuance-dev",
"rating-dev"
],
"token_type": "Bearer",
"access_token": "",
"expires_in": 3599,
}| Field | Type | Description |
|---|---|---|
api_product_list_json |
array |
Array of strings indicating the authorities granted to the client. |
token_type |
string |
This value should be placed in the Authorization header for API requests.
|
access_token |
string |
This value should be placed in the Authorization header for API requests.
|
expires_in |
number |
The time in seconds when the access token will expire. |
Dynamic Documentation
/api/endpoints
Call this endpoint first to determine which endpoints are available to you, as a consumer. This API serves multiple business divisions, and a variety of complex insurance products. Therefore, not all endpoints apply to all consumers.
Example HTTP Request
GET /api/endpoints HTTP/1.1
Authorization: Bearer {{access_token}}Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"endpoints": [
"/api/example1",
"/api/example2"
]
}/api/docs
Call this endpoint to get specific request and response body details, which can vary based on factors such as the consumer, business division and product.
The /api/docs endpoint provides dynamic documentation based on those factors.
Determine the request body required by an endpoint.
Example HTTP Request
POST /api/docs HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json
{
"type": "request",
"endpoint": "/api/example1",
"format": "json",
"scope": {
"state": "OH"
}
}Determine the response body returned by an endpoint.
Example HTTP Request
POST /api/docs HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json
{
"type": "response",
"endpoint": "/api/example1",
"format": "json"
}| Field | Type | Required | Description |
|---|---|---|---|
type |
string |
true |
Valid values: |
endpoint |
string |
true |
One of the available API endpoints. |
format |
string |
true |
Valid values: |
scope |
object |
false |
Additional scoping necessary for the request. |
Additional /api/docs required field
Requests to /api/docs will require the field product if you are using the /api/rate endpoint. Valid values for the product field can be found by using the /api/products endpoint.
Endpoints
/api/products
Get all documented products if your available endpoints include /api/rate. Product codes are only used for /api/rate.
Keys in the response may be used for /api/docs. Values are used as UI labels
Example HTTP Request
POST /api/products HTTP/1.1
Authorization: Bearer {{access_token}}Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"crime": "Crime",
"wc": "Workers' Compensation"
}/api/rate
Rate an insurance product.
/api/quote
Quote an insurance product.
Note: The following request/response is for both /api/rate and /api/quote.
Example HTTP Request
POST /api/rate HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json
{
"input": {
...
insert json from /api/docs here
...
},
"options": {
"testing": true
}
}Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
{
see /api/docs for example responses
}/api/taxes
Allows for the retrieval of detailed tax information and documents (including surplus line calculations)
Example HTTP Request
POST /api/taxes HTTP/1.1
Authorization: Bearer {{access_token}}
Content-Type: application/json
{
see /api/docs for example request
}Example HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
{
see /api/docs for example response
}HTTP Status Codes
Successful Responses
200 - OK
The request has succeeded.
Note: Please refer to /api/docs for documentation regarding successful response bodies.
Client Errors
400 Bad Request
The server could not understand the request due to invalid syntax.
Most 400 responses will contain the JSON structure in the example below.
The field errors will contain an array of objects.
Each object will have the fields: category, code and message.
Some 400 responses may also contain additional JSON structure.
Example HTTP Response
HTTP/1.1 400 Bad Request
Content-Type: application/json
{
"errors": [
{
"category": "Invalid Request",
"code": "INVALID",
"message": "The request was missing some piece of data."
}
]
}| Field | Description |
|---|---|
category |
The category of the error. |
code |
This value is meant to be read by code, so that the consuming system can respond to a give error programmatically. |
message |
A human readable message describing the error. |
401 - Unauthorized
Although the HTTP standard specifies "unauthorized", semantically this response means "unauthenticated". That is, the client must authenticate itself to get the requested response.
Example HTTP Response
HTTP/1.1 401 Unauthorized
Content-Type: application/json
{
"fault": {
"faultstring": "Invalid Access Token",
"detail": {
"errorcode": "keymanagement.service.invalid_access_token"
}
}
}403 - Forbidden
The client does not have access rights to the content; that is, it is unauthorized, so the server is refusing to give the requested resource. Unlike 401, the client’s identity is known to the server.
404 - Not Found
The server can not find the requested resource. This means that the endpoint is not available on this API.
Server Errors
500 - Internal Server Error
The server has encountered a situation it doesn’t know how to handle.
Example HTTP Response
HTTP/1.1 500 Internal Server Error
Content-Type: application/json
{
"timestamp": "2021-05-01T12:00:00.000-0400",
"status": 500,
"error": "Internal Server Error",
"message": "Something went wrong. Please contact CustomerCare@GAIG.COM",
"path": "/api/path"
}501 - Not Implemented
The request method is not supported by the server and cannot be handled.
Note: This response may be returned if the endpoint is not relevant for the client. Please refer to /api/docs for the list of endpoints available for a client.
Example HTTP Response
HTTP/1.1 501 Not Implemented
Content-Type: application/json
{
"timestamp": "2021-05-01T12:00:00.000-0400",
"status": 501,
"error": "Not Implemented",
"message": "API not yet implemented.",
"path": "/api/path"
}