Introduction
This guide will provide you with all the necessary information to interact with KASKO API.
Welcome to the KASKO REST API documentation.
KASKO API follows the principles of Representational State Transfer (REST), providing a flexible and standardized approach to interact with resources on the platform.
Authentication
Authenticate your account when using the API by including your secret API key in the request.
Your API keys carry many privileges, so be sure to keep them secret! Do not share your secret API keys in publicly accessible areas such GitHub, client-side code, etc.
Requests that require authentication in some instances will return 404 Not Found, instead of 403 Forbidden. This is to prevent the accidental leakage of sensitive data to unauthorized users.
Authentication to the API is performed via HTTP Basic Auth. Provide your API key as the basic auth username value. You do not need to provide a password.
If you need to authenticate via bearer auth (e.g., for a cross-origin request), use:
-H "Authorization: Bearer sk_test_SECRET_KEY"
All API requests must be made over HTTPS. Calls made over plain HTTP will fail.
Errors
KASKO uses conventional HTTP response codes to indicate the success or failure of an API request. These codes communicate the status of your request and provide information about the outcome of the operation.
HTTP status code summary
200 OK
The request was successful, and the server has returned data.
201 Created
The request has been fulfilled, and a new resource is created.
204 No Content
The request was successful, but there is no response data to send.
400 Bad Request
The server cannot understand the request or it was unacceptable, often due to missing or invalid provided parameter.
401 Unauthorized
No valid API key provided for the request.
403 Forbidden
The API key doesn't have permissions to perform the request.
404 Not Found
The requested resource or endpoint could not be found.
409 Conflict
The request conflicts with another request.
405 Method Not Allowed
The requested HTTP method is not supported for the specified resource.
500, 502, 503, 504 Server Errors
Something went wrong on KASKO's end.
Responses
KASKO API returns responses in JavaScript Object Notation (JSON) format.
Error messages
Typical error message consists of status and message parameter, that briefly explains the error encountered.
Additionally errors array can be provided that lists one or more fields from the request that are invalid.
Request Ids
Each API request has an associated request identifier. You can find this value in the response headers, under X-Request-Id.
Note: If you need to contact us about a specific request, providing the request identifier will ensure the fastest-possible resolution.
Keys
Secret Keys
KASKO will provide you with two Secret keys to be used with the KASKO API.
TEST key is for development purposes and used for test data without real insurance policies being affected. The key is specifically intended for sandbox or staging purposes, allowing to test integrations, simulate various scenarios, and ensure the correct behavior of the application.
LIVE key is exclusively for interactions with KASKO live, production environment.
It is crucial to handle keys with the utmost care and do not share your secret API keys in publicly accessible areas such GitHub, client-side code, etc.
If you are concerned about the security of one of your secret keys please contact support@kasko.io immediately and we will rotate the key.
Product Keys
KASKO will provide you with distinct product keys for each insurance product that you have access to.
This key must be provided to the REST API.
Go Live
When testing is complete and youโre ready to Go Live, please swap the Client TEST key for the Client LIVE key in your production site.
Last updated
