{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"099037be-8f08-4ac0-b0f4-c3c79f1bb9ee","name":"InsurFront API","description":"Welcome to the InsurFront API documentation! Our API is designed to offer a flexible and efficient way to integrate and automate your insurance operations, ensuring a seamless interaction with the InsurFront platform. This introduction provides an overview of the core aspects of the InsurFront API and how to get started with it.\n\n## Core Characteristics of the InsurFront API\n\nThe InsurFront API is structured around the principles of Representational State Transfer (REST). It is developed with a focus on simplicity, reliability, and predictability, ensuring a smooth integration process for developers. Here are some key features of the InsurFront API:\n\n### RESTful Architecture\n\n- **Resource-Oriented URLs:** The API uses intuitive and predictable URLs that are structured to be easily understandable and logically organized around resources.\n- **Form-Encoded Request Bodies:** Requests to the API are encoded as form submissions, making them easy to construct and compatible with standard web forms.\n- **JSON-Encoded Responses:** The responses from the API are encoded in JSON, providing a lightweight, text-based, and human-readable format.\n- **Standard HTTP Conventions:** InsurFront API adheres to standard HTTP practices, including the use of response codes, authentication methods, and verbs (GET, POST, PUT, DELETE), making it consistent with conventional web APIs.\n    \n\n### Test Mode Availability\n\n- **Safe Testing Environment:** The API offers a test mode, allowing developers to experiment and test their integrations without affecting live data or interacting with live networks of connected partners.\n- **Separate API Keys for Live and Test Modes:** The API key used for authentication determines whether the request is in live mode or test mode. This distinction ensures that test operations remain isolated from your production environment.\n- **Accessing Test Mode:** To gain access to the test mode, users can contact InsurFront through our support page. This process ensures controlled access to the testing environment.\n    \n\n### Limitations and Customizations\n\n- **No Bulk Updates:** The InsurFront API currently does not support bulk updates. Each request is limited to working on one object at a time, ensuring clarity and simplicity in data handling.\n- **Account-Specific API Customization:** The API is continually evolving, with new versions being released and functionalities being tailored. This means that the API may differ slightly for each account, offering customized solutions based on specific needs.\n- **Personalized Documentation:** Users can log in to view documentation that is customized to their specific version of the API. This personalized approach includes details on their unique API key and data, providing a tailored experience.\n    \n\n## Getting Started with the InsurFront API\n\nTo begin using the InsurFront API, users should first familiarize themselves with the standard RESTful practices and the specific conventions of our API. Access to both live and test modes requires authentication through API keys, which can be managed through the InsurFront platform. We encourage users to explore the test mode for safe and risk-free development before deploying their integrations in the live environment.\n\nThe InsurFront API is a powerful tool designed to streamline and enhance the capabilities of the InsurFront platform. With its RESTful design, intuitive structure, and customizable features, it offers developers a robust and flexible way to integrate with InsurFront’s insurance services. Whether you are looking to automate tasks, integrate with other systems, or develop new functionalities, the InsurFront API provides the necessary framework to achieve your goals efficiently and effectively.\n\n# Authentication\n\nProper authentication is a critical component of interacting with the InsurFront API. Ensuring secure and authorized access is fundamental to maintaining the integrity and confidentiality of the data exchanged through the API. This article provides detailed guidance on how developers can authenticate their API requests effectively.\n\n## Bearer Authentication\n\nInsurFront uses bearer authentication, a popular method for sending a security token with HTTP requests. This approach is straightforward and secure, making it an optimal choice for API interactions.\n\n### Obtaining the Bearer API Key\n\nTo authenticate with the InsurFront API, developers first need to obtain a bearer API key. This key acts as a token, confirming the legitimacy and authorization of the API requests. Here’s how to acquire it:\n\n1. **Access the Developer Page:** Developers must log into the InsurFront admin dashboard and navigate to the Developer page. This page is specifically designed for managing API interactions.\n2. **Creating API Keys:** Within the Developer page, developers have the option to create an unlimited number of API keys. This flexibility allows for distinct keys for different applications or environments, aiding in better management and security.\n3. **Scope of Access:** Each API key generated provides unrestricted access to all database entries associated with the developer’s insurance company. Therefore, it is crucial to manage these keys with utmost caution to prevent unauthorized access.\n    \n\n## Making API Requests\n\nOnce the bearer API key is obtained, it should be included in the HTTP request headers to authenticate API calls. Here are the key considerations for making authenticated API requests:\n\n### HTTPS Requirement\n\n- **Secure Communication:** All API requests to InsurFront must be made over HTTPS. This requirement ensures that the data transmitted between the client and the server is encrypted and secure.\n- **Failure over HTTP:** Any API calls made over plain HTTP, without encryption, will fail. This policy is in place to protect the data integrity and prevent potential security vulnerabilities.\n    \n\n### Including the Authentication Token\n\n- **Bearer Token in Headers:** The obtained bearer API key must be included in the HTTP header of every API request. The standard format for including the bearer token is: `Authorization: Bearer YOUR_API_KEY`.\n- **Mandatory Authentication:** Any API requests without the appropriate authentication header will fail. This safeguard ensures that every request is verified for authorization, maintaining the security of the platform’s data.\n    \n\n## Best Practices for API Key Management\n\nGiven that the API keys provide comprehensive access to sensitive data, it’s essential to follow best practices for key management:\n\n- **Secure Storage:** API keys should be stored securely and should not be hard-coded into applications or exposed in client-side code.\n- **Limited Distribution:** Share the API keys only with personnel who require access, and avoid unnecessary distribution.\n- **Regular Rotation:** Regularly updating or changing API keys can help mitigate the risk of unauthorized access.\n    \n\n# Rate Limits\n\nIn order to maintain optimal performance and ensure equitable access for all users, the InsurFront API enforces rate limits on the number of requests that can be made to the API within a certain time frame. These limits vary depending on the company's subscription plan.\n\nIn any API, rate limiting is an essential feature that ensures fair usage and prevents system overload by regulating the number of requests a user can make within a certain time frame. The InsurFront API enforces specific rate limits to maintain the platform's reliability and performance.\n\n## Rate Limit Policy in InsurFront\n\nThe InsurFront API implements different rate limits based on the type of subscription plan. These limits are designed to optimize the system's performance and ensure equitable access for all users.\n\n### Rate Limits for Different Plans\n\n- **Self Setup Plans:** For users on the Self Setup Plans, the API rate limit is set to 10 requests per second. This limit is suitable for most standard operations required by smaller insurance companies or individual users.\n- **Enterprise Plans:** Users subscribed to the Enterprise Plans have a higher rate limit, set at 580 requests per second. This increased limit caters to the more demanding needs of larger organizations that require extensive data transactions and more frequent API calls.\n    \n\nThese rate limits are enforced as a 'hard limit,' meaning that once the limit is reached, additional requests within the same second will be restricted.\n\n### Handling Rate-Limited Requests\n\nWhen a request exceeds the prescribed rate limit, the InsurFront API responds with an HTTP 429 error code. This error indicates that too many requests have been made in a given amount of time, and the user should slow down their request rate.\n\n## Best Practices for Managing Rate Limits\n\nTo efficiently work within these rate limits and avoid encountering HTTP 429 errors, users are advised to consider the following best practices:\n\n1. **Optimize API Calls:** Structure your API calls to retrieve or modify as much data as possible within a single request, reducing the total number of calls needed.\n2. **Implement Exponential Backoff:** In case of a rate limit error, implement an exponential backoff strategy in your API client. This involves progressively increasing the delay between retry attempts to reduce the likelihood of hitting the rate limit again.\n3. **Monitor API Usage:** Regularly monitor your API usage to understand your request patterns and adjust your API call strategy as necessary.\n4. **Caching Responses:** Where feasible, cache API responses to minimize the need for repetitive requests for the same data.\n    \n\n# Base URL\n\nIn order to interact with the InsurFront API, it is essential for developers to understand and utilize the correct base URL. The base URL serves as the foundational address for all API requests and varies depending on the environment and subscription plan.\n\n## Base URLs for Different Environments\n\nInsurFront provides two separate environments for API interaction – the Sandbox (test version) and Production (live version). Each environment has its unique base URL:\n\n- **Sandbox Environment:** The Sandbox environment is designed for testing and development purposes. The base URL for the Sandbox environment is `https://insurfront.com/version-test/api/1.1/wf`. This environment allows users to test their API integrations without affecting live data.\n- **Production Environment:** The Production environment is the live version used for actual operations. The base URL for the Production environment is `https://insurfront.com/api/1.1/wf`. This is where the API interacts with real data and is used for all live operations.\n    \n\n## Custom Domains for Enterprise Plan Customers\n\nEnterprise Plan customers have the additional option of using a custom domain for their API interactions. This feature provides a more branded and personalized experience. The base URLs for custom domains are as follows:\n\n- **Sandbox with Custom Domain:** For testing and development on a custom domain, the base URL is structured as `https://[custom_domain]/version-test/api/1.1/wf`. Here, \"\\[custom_domain\\]\" should be replaced with the company's specific custom domain.\n- **Production with Custom Domain:** For live operations on a custom domain, the base URL is `https://[custom_domain]/api/1.1/wf`. Similar to the Sandbox environment, \"\\[custom_domain\\]\" is a placeholder for the company's chosen custom domain.\n    \n\n# Error Codes\n\nWhen working with the InsurFront API, it's essential to understand how the system communicates issues or problems encountered during API requests. This is primarily done through error codes – specific codes that represent various types of errors. Understanding these error codes is crucial for effectively debugging and resolving issues that may arise while using the API.\n\nError codes in the InsurFront API are designed to be intuitive and informative, providing clear indications of what went wrong and where. They follow standard HTTP status code conventions, making them recognizable to developers who are familiar with web development. Each error code corresponds to a particular type of error, ranging from client-side errors like incorrect request formats to server-side issues such as service unavailability.\n\n| HTTP code | Description |\n| --- | --- |\n| 400 | Conditions under which the data can be retrieved or updated have not been met. |\n| 401 | Permission was denied, generally because parameters would access data that is not available to the insurance company in question. |\n| 404 | The resource entry not found. |\n| 405 | The wrong method/verb was used. |\n| 429 | Hard limit of requests per second/minute exceeded. |\n| 500 | Internal bug. Contact InsurFront support to report the issue. |\n| 503 | Service unavailable. Contact InsurFront support to report the issue. |\n| Success: 200 | If a request is successful, this HTTP code is received. |","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"31980110","team":5997014,"collectionId":"099037be-8f08-4ac0-b0f4-c3c79f1bb9ee","publishedId":"2s9Ykrcg7r","public":true,"publicUrl":"https://devdocs.insurfront.com","privateUrl":"https://go.postman.co/documentation/31980110-099037be-8f08-4ac0-b0f4-c3c79f1bb9ee","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"F77C00"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":"InsurFront"}],"appearance":{"default":"system_default","themes":[{"name":"dark","logo":"https://content.pstmn.io/255da339-b768-4dc4-a5d7-adc835f55574/dHJhbnNwYXJlbnQgd2hpdGUucG5n","colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"F77C00"}},{"name":"light","logo":"https://content.pstmn.io/bb33293c-55cd-41ad-87d4-a89e8db376bf/dHJhbnNwYXJlbnQgbG9nby5wbmc=","colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"F77C00"}}]}},"version":"8.10.1","publishDate":"2024-01-26T00:27:01.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"InsurFront","description":""},"logos":{"logoLight":"https://content.pstmn.io/bb33293c-55cd-41ad-87d4-a89e8db376bf/dHJhbnNwYXJlbnQgbG9nby5wbmc=","logoDark":"https://content.pstmn.io/255da339-b768-4dc4-a5d7-adc835f55574/dHJhbnNwYXJlbnQgd2hpdGUucG5n"}},"statusCode":200},"environments":[{"name":"Sandbox","id":"247c98cb-7e87-4cae-951e-e95741acc040","owner":"31980110","values":[{"key":"Base URL","value":"https://insurfront.com/version-test/api/1.1/wf","enabled":true,"type":"default"},{"key":"Bearer token","value":"","enabled":true,"type":"secret"}],"published":true}],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/7a2646d4f32ed59b134de0c71516f95e0454499268e47a8c6ada19293d14b6ba","favicon":"https://insurfront.com/favicon.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"},{"label":"Sandbox","value":"31980110-247c98cb-7e87-4cae-951e-e95741acc040"}],"canonicalUrl":"https://devdocs.insurfront.com/view/metadata/2s9Ykrcg7r"}