Types of callers

Within the context of system API authentication, a caller is a user or service who triggers a system API call from a caller application.

There are several different types of callers. This documentation uses the following terms to identify them:

  • Internal user - This is a person who is listed as a user in the ClaimCenter operational database. For example, Andy Applegate, a ClaimCenter adjuster, is an internal user.
    • Note that internal users can use caller applications and trigger system API calls from those applications. For example, suppose there is a loss documentation portal that contains pictures of a damaged auto taken by a third-party field agent. An adjuster reviews and selects pictures to be saved to ClaimCenter. This action triggers a system API call by an internal user from a caller application.
  • External user - This is a person who is known to the insurer but who is not listed as a user in the ClaimCenter operational database. For ClaimCenter, there are two typical types of external users:
    • Policyholders - Users who want to interact with information about claims on their policies. For example, Ray Newton, who is a policyholder and wants to check on the status of a claim filed against his personal auto policy.
    • Service providers - Users who want to interact with service requests. For example, Mike's Auto Detailing Shop, who wants to accept a request to repair Ray Newton's vehicle.
  • Service - This is a service, also referred to as a service-to-service application. For example, a service that periodically creates new claims based on FNOL information entered into an external system. There are several ways in which a service can make a call:
    • As a standalone service, in which the service executes the call as itself. It does not execute the call on behalf of a specific person or through a ClaimCenter user account.
    • As a service with user context, in which the service presents information about itself and about a specific user. The call is able to do only the things that both the service by itself could do and the user by itself could do.
    • As a service with service account mapping, in which the service is mapped to an account in the ClaimCenter database and has access as determined by that account.
    • Do not confuse service providers and services. A service provider is a person or business who is an external user that provides assistance to a claimant. A service provider can also be referred to as a vendor. However, a service is a process or application that can execute action without direct human interaction.
  • Unauthenticated caller - This is a user or service who provides no authentication information. Unauthenticated callers can access only metadata endpoints. Unauthenticated callers are typically callers who need information about the system APIs.

Within the context of authentication and authorization, this documentation uses the following terms in the following way:

  • User is used exclusively for callers that are people.
  • Service is used exclusively for callers that are not people and that take action without direct action from a person.
  • Service account is used to refer to an account in the ClaimCenter database that is used exclusively by a service and that defines access for that service.
  • Caller is used to collectively refer to users and services.