menu
Particeep

Particeep Insurance API

Presentation

This REST API provides an end to end server side application. This insurance service is provided by Particeep and contracts are managed by insurance companies like AXA.
If you need to offer insurance products online with customers data collection, premium calculation, agreement, payment and signature online. This API is the product you need
If you need API keys or integration support please contact us at support@particeep.com

Response Format

Except said otherwise, all responses are of type 'application/json' using the following envelop:

{
	"error" : {
		"hasError" : false,
		"errors" : [ //endlist of potential error ]
	}, 
	"result" : {
		//result data
	},
	"meta" : { 
		"version": "1"
	}
}
		

Data Format

  • All date must be encoded in iso 8601 format.
  • In response we always use UTC timezone.
  • We use UTF-8 encoding for everything.
  • The content-type of requests must be text/json.

Access

Every call to the Insurance API are requesting on the following url:

  • Test environnement: https://test-insurance.particeep.com/v1
  • Production environnement: https://insurance.particeep.com/v1

Registration

To access the Insurance API you need to register your app. Send us an email at contact@particeep.com or call us to get your API key.

Authentification

To access the Insurance API, every request header must be signed like this:

  • DateTime: the date of the request in the iso 8601 format. e.g: 2015-10-19T11:04:18Z
  • Authorization: a hash formed with the api keys and the DateTime.

How to build the Authorization

Here are the step to follow to build your Authorization. This is provided with an example implementation in Java.

  • Concat your keys and DateTime in the following order : APISecret + APIKey + DateTime.
  • String apiKey = "1234567890";
    String apiSecret = "0987654321";
    String dateTime = "2015-10-19T11:04:18Z";
    
    String toSign = apiSecret + apiKey + dateTime;
    		
  • Get a list of bytes from the resulting string in UTF-8 format.
  • byte[] messageBytes = toSign.getBytes("UTF-8");
  • Get a list of bytes from your APISecret in UTF-8 format.
  • byte[] secretBytes = apiSecret.getBytes("UTF-8")
  • Sign 'dataBytes' with 'secretBytes' using SHA1.
  • Mac mac = Mac.getInstance("HmacSHA1");
    SecretKeySpec signingKey = new SecretKeySpec(secretBytes, "HmacSHA1");
    mac.init(signingKey);
    byte[] result = mac.doFinal(messageBytes);
    		
  • Encode the resulting bytes in hexadecimal format.
  • int len = result.length;
    char[] hexChars = new char[len * 2];
    	
    for (int charIndex = 0, startIndex = 0; charIndex < hexChars.length;) {
        int bite = result[startIndex++] & 0xff;
        hexChars[charIndex++] = HEX_CHARS[bite >> 4];
        hexChars[charIndex++] = HEX_CHARS[bite & 0xf];
    }
    	
    String sign = new String(hexChars);
    		
  • Encode the bytes of the result in base 64.
  • String signature = new String(Base64.encodeBase64(sign.getBytes("UTF-8")));
  • Concat all results like this: PTP:APIKey:signature
  • String authorization = "PTP:" + apiKey + ":" + signature;

If you don't provide the correct authentification information, you will get a '403 - Forbidden' response.

EndPoints