Overview

Key concepts
Available methods

All requests to the Underwriting API must be made over HTTPS and authenticated with a Bearer token, generated using the OAuth 2.0 protocol.

Key concepts

Secure data transmission: API requests must be made via HTTPS. Calls over plain HTTP will not succeed.
Bearer token authentication: All API requests must include a Bearer token in the Authorization header. This is compliant with OAuth 2.0.

Your client secret must be stored securely. It is not recoverable after creation — if lost, you must generate a new one.

Available methods

Client credentials

Server-to-server authentication using the OAuth 2.0 client_credentials grant. Your backend exchanges a client ID and secret for a short-lived access token. Use this for all backend API calls.

Application lifecycle Client credentials

⌘I

Getting started

Authentication

Applications

Stakeholders

Decision components

Information requests

Webhooks

Key concepts

Available methods

Client credentials

Getting started

Authentication

Applications

Stakeholders

Decision components

Information requests

Webhooks

​Key concepts

​Available methods

Client credentials

Key concepts

Available methods