Provide access to local business unit Enterprise Content Management systems for documentation access. Small Enterprise Tower (SME) application will allow underwriters to go through the underwriting process for new policies, the following API will allow the retrieval of document from different Business Units following an uniform approach.

How this can help you

Generated documents as quote and final policy documents will be needed by Skie in order to support SME Tower processes, as new Business Units are added, the following API will be responsible to ensure a consistent document retrieval by consumers.

How does it work

The Documents Process API based on context information (Business Unit) will route the request to the relevant system on the Business Unit and return a common data model with Documents information.

How do I get access

New applications wishing to use the service can request access via the API Exchange. As part of the request, you will be asked for a cost center and to select the service tier you require. Once the API Owner accepts your request you will be issued a Client ID and Secret which you can use to call the API. See Getting Start page for more information.

All our API’s are designed to be easy and fast to consume! You can play with them from day 0 through our built in mocking services (were you can explore our API's before any further engagement), but if you want the real deal go through our Terms and conditions and Pricing pages and get started without exiting this site.

Step 0. First time

If this is your first time using one of our API's we suggest to go through our Terms and conditions to understand the overall conditions of use.

Step 1. Request API access

Yes, just click on the "Request Access" button in this page where you will need to:

1. Select the Environment you want to access (more details on our Environment page)
2. Select the right tier for your application, you can find more information on Pricing page and move to the next screen
3. "Select an existing client application" or "Create a new application" that will be allowed to call this api

4. Read the Terms & Conditions and check the box to accept them

   • Terms and conditions vary between API's, it is important take knowledge of this information to prevent any API missusage
   • Please read Terms and conditions page to know our global terms and this API specific terms

5. Access approval & account setup

   • All access requests are assessed and approved whithin 1 working day, during this phase you might be contacted for specific details (e.g. cost centre)

Step 2. Use the API

Once you client application gets approved, and you have your credentials, you can visit our Authentication page to understand which authentication mechanism should be used to interacting with our API.

You can use this API through your preferable wrapper, MuleSoft, Azure API, Java, Python... Just follow our API Runbook to understand how to use it, or exmplore our API documentation to see in more detail our API documentation.

Step 3. Monitor your API

Monitorization of your API is also a key aspect to improve you API usage, our API's are actively monitored, please through our Support page to know more on our monitoring solution.

Step 4. Maintain your Application

We are allways looking to improve our API's, this means that is also important for you to know how this API can evolve and how we manage it.

The Versioning page details which versioning model is being used, and how this can affect your dependent applications.

Step 5. Provide feedback and get support

Visit your Support page to know how to interact with us, but while you are here, feel free to use our Reviews section

Step 6. Decommissioning

Hope you are not thinking about it :) But if you must, simply delete your Application on "My Applications" page, and you will be unregistered from this API.

Costs exempt

This API is business unit specific as part of the overall SME Tower, for external use (outside SME Tower) please Contact the C4E team.

Our API is protected by Basic Auth: standard HTTP Authorization header with the authorization type to Basic

The user and password are governed through an Anypoint Platform enforced Client Id/Secret policy.

Client ID/Secret

Complete the pre-requisite steps on the Getting Started page to obtain API client credentials.

The Client Id/Secret is enforced using the Basic Authentication scheme. This requires the client_id and client_secret values are communicated using the standard HTTP Authorization header with the authorization type to Basic.

The format of the Authorization header is as follows:

Basic client_id:client_secret

In accordance with the Basic Authentication specification the client_id:client_secret value must be passed as base64-encoded string as shown below:

Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=

The API will return a 401 HTTP Status Code with code authentication_error in case of an invalid value or credential.

In order to speed up your integration we prepared a curated Zurich Postman collection which you can found on Zurich Postman Enterprise - CC_API_Centre for Enablement.

If you are a Zurich employee / contractor and you don't have access, please visit Zurich Get Postman link, and take the oportunity to visit our C4E Postman Best Practices while your access is being aproved.

Configure your environment variables

As defined on the Postman Best practices, this is a shared Collection, which is already curated for initial use.
When using the provided collection, please ensure you create your own copy into your team workspace and don't update the collection.

Only current values in environment properties can be changed as presented below:

Run your postman collection

Once you have configured the environment variables feel free to invoke the available methods and retrieve the API details.

Any additional question please contact the C4E team

This API uses conventional HTTP response codes to indicate the success or failure of an API request:

• Codes in the 2xx range indicate success.
• Codes in the 4xx range indicate an error that failed given the information provided (e.g., a required field was omitted).
• Codes in the 5xx range indicate an error with the server.

The sections below explain in detail the HTTSP status codes returned by the API and the error response message returned to the user.

Error HTTP Status Code Summary

The table below contains all the possible HTTP status codes that the API returns, however, one should refer to each individual resource and method endpoint definition for specific details on the possible status codes returned.

Please refer to each individual resource and method endpoint definition for specific details on the possible status codes returned.

Error Response

Independently of the error scenario a common error structure will be returned, allowing consumers to manage error results through a common structure, below the specific attributes that compose this error message structure can be checked in more details.

Attributes

Error Response Payload Examples

{
  "code" : "RESOUCE_UPDATE_FAILED",
  "message" : "Cannot update User account groups",
  "correlationId": "3d9445ca-dd6c-4fe2-b93d-c23423f0d612",
  "causes": [
    {
      "code": FAILED_UPDATE_SECURITY_TYPE_DEFAULT,
      "message": "Failed to set security type to 1"
    }
  ]
}

Exchange Name: gto-p-documents

This API is intended to support API development and operations lifecycle management functions. This API may be made available in the following environments:

Please refer to the API instances section to view which deployments are available.

Additional environments are provided for development of the API but these should only be used in consultation with the API team.

Contact the C4E team or your local service desk for more information or support.

If you are already having a specific issue, maybe our Known Issues section may help you:

Known Issues

Nothing to report... Hooray!

v1.0.0: Unreleased

The endpoints that will be available are:

1. /documents
2. /documents/{documentId}/content