Security Token Service


Description

The token service can be used to retrieve a token for use in any of the products within the Verisk Insurance Solutions-Underwriting API. Access token is retrieved via following REST call.

It will require you to provide the consumer key and consumer secret which you received on registering for the product with Verisk

Access token is valid for 60 minutes and should be cached for reuse. Once it expires, the Web Service will return HTTP 401 Unauthorized response.


Technical Details

  • Base URL
    • User Acceptance Environment (UAT): https://gatewayuat.verisk.com/token
    • For Production: https://gateway.verisk.com/token

  • HTTP Method
    • POST

  • Headers
    • Content-Type: application/x-www-form-urlencoded
    • Accept: application/json
    • Authorization: Basic <base64 encoded value of your consumer_key:consumer_secret values>

  • Request Payload
    • grant_type=client_credentials


Responses

  • 200 (Success) - Upon successful authentication, the service will return a 200 response along with the following data:
    • access_token: The access token issued by the authorization server.
    • token_type: The type of token issued. We will utilize ‘bearer’ token type.
    • Expires_in: The time in seconds of inactivity before the token expires

Include access_token in the header of all subsequent requests to the ProMetrix REST service. If your token expires, you can request a new access_token following these steps.

  • 400 (Bad Request) - The was a problem with the formatted request to the service.

  • 401 (Unauthorized) - The credentials supplied on the request are not authorized to access this service.

  • 500 (Internal Server Error): An error occurred while processing the request.



Example Request

  • Url: https://gatewayuat.verisk.com/token or https://gateway.verisk.com/token
  • Headers:
    • Content-Type: application/x-www-form-urlencoded
    • Accept: application/json
    • Authorization: Basic SzAFVWagPJNXX42XRF6yOHlfQ24wGEelDlNdGGpSvW42SghSN431elDPhlGHZSxReTE2UzSnU5Gf
      • This string is base64 encoded value of your consumer_key:consumer_secret
  • Request Payload:
    • grant_type: client_credentials



Example Response

 {
  "scope": "default",
  "token_type": "bearer",
  "expires_in": 1237,
  "access_token": "b456a2132bc5e7955898f5bd4e8190e"
}