Picture

NASSA's REST APIs

NASSA’s APIs (Application Programming Interfaces) power its platform for insurances services. Behind these APIs there is a software layer that connects and optimizes services so that our clients and brokers can make requests for the management of their policies or portfolios completely online.

What's a REST API, anyway?

An API is an application programming interface - in short, it’s a set of rules that lets programs talk to each other, exposing data and functionality across the internet in a consistent format. REST stands for Representational State Transfer. This is an architectural pattern that describes how distributed systems can expose a consistent interface. When people use the term ‘REST API,’ they are generally referring to an API accessed via HTTP protocol at a predefined set of URLs.

These URLs represent various resources - any information or content accessed at that location, which can be returned as JSON, HTML, audio files, or images. Often, resources have one or more methods that can be performed on them over HTTP, like GET, POST, PUT and DELETE.

ASSA, for example, provides many separate REST APIs for policies, managing claims, policy issuance, premium pricing, managing your accounts, and a whole lot more. In NASSA’s ecosystem, each product is its own API, but you will work with each of them in roughly the same way, whether over HTTP or using libraries for several different programming languages.

Authenticate with HTTP

NASSA supports HTTP Bearer authentication. This allows you to protect the URLs on your web server so that only you and ASSA can access them. In order to authenticate with HTTP, you may provide a username and password with the following URL format:

curl --location --request POST 'https://apidev.assanet.com/authentication/connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --header 'Accept: */*' --data-urlencode 'grant_type=password' --data-urlencode 'client_id=[CLIENT ID]' --data-urlencode 'client_secret=[CLIENT SECRET]' --data-urlencode 'username=[EMAIL]' --data-urlencode 'password=[PASSWORD]'

For HTTP Bearer authentication, you will use your ASSA access token:

curl --location --request GET 'https://apidev.assanet.com/gateway/uri/[REQUEST ID]' --header 'Authorization: Bearer [BEARER TOKEN]'

You can find both your username and password in the email after signing up for a account.

How to request an endpoint with postman?

  1. Log in to the developer portal to obtain the application key.

  2. Import the curl in postman. The curl can be extracted from the API section in the try on button.

  3. Save the request under the name of convenience.

  4. Add the header of the Application-Key that you get in the Profile section to the developer portal.

  5. Add the Authorization Bearer header that you get from the authentication endpoint

  6. Execute the query by pressing the send button.

    Note: Remember that you must provide the headers to be able to authorize you correctly

Picture