Get started
Authentication
To use the Database API, authenticate with Guidewire Hub and obtain an access token. To perform any operations, you must have an access token with tenant.{tenantId} or any.tenant scopes.
To get credentials, submit a case to create a Guidewire Hub application using the Register Guidewire Home API Application (GWHUB-0100) template.
Get an access token
To authenticate with a user access token, you must be in the user group managed by Guidewire Hub. For details, see Access Cloud Platform apps and services.
Send the following request containing your client ID and client secret:
curl -s --location --request POST ${GWHUB_URL} \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=tenant.{tenantId} ${SCOPES}" \
--data-urlencode "client_id=${OKTA_CLIENT_ID}" \
--data-urlencode "client_secret=${OKTA_CLIENT_SECRET}" | jq -r '.access_token'
Where:
${GWHUB_URL}depends on your region. Use one of the following URLs:
| Region | URL |
|---|---|
| AMER | https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token |
| CANADA | https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/token |
| EMEA | https://guidewire-hub-eu.okta.com/oauth2/ausc2q01c40dNZII0416/v1/token |
| SWITZERLAND | https://guidewire-hub-eu.okta.com/oauth2/ausc2q01c40dNZII0416/v1/token |
| APAC | https://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token |
| JAPAN | https://guidewire-hub-apac.okta.com/oauth2/ausbg05gfcTZQ7bpH3l6/v1/token |
${SCOPES}are the supported scopes. Enter at least on of the following scopes:
| Scope | Description |
|---|---|
gcc.deployments.read | Get database backup details. |
gcc.deployments.write | Create and delete database backups. |
dbservice.snapshots.write | Import a masked snapshot of your production database to a non-production star system. |
The response contains a JSON object with the requested access token:
{
"token_type": "Bearer",
"expires_in": 3600,
"access_token": "xxxxxxxx",
"scope": "scope=gcc.deployments.read
tenant.{tenantId}"
}
An access token expires after 60 minutes.
Make an authenticated call
Add the following header with the obtained access token to all your requests:
Authorization: Bearer {access_token}
For example:
curl -s --location --request GET "$DATABASE_API_URL" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"
Base URLs
Depending on your region, use one of the following base URLs:
| Region | Base URL |
|---|---|
| AMER | https://databaseservice.api.omega2-andromeda.guidewire.net/ |
| CANADA | https://databaseservice.api.omega2-butterfly.guidewire.net/ |
| EMEA | https://databaseservice.api.omega2-cartwheel.guidewire.net/ |
| SWITZERLAND | https://databaseservice.api.omega2-whirlpool.guidewire.net/ |
| APAC | https://databaseservice.api.omega2-circinus.guidewire.net/ |
| JAPAN | https://databaseservice.api.omega2-milkyway.guidewire.net/ |
When the documentation refers to {baseUrl}, replace it with the correct URL for your region.