Cloud API Developer Guide
PolicyCenter Cloud API Developer Guide
Endpoint architecture
CRUD endpoint architecture
Reasons to modify configuration files
Syntax for schema configuration files
Schema file syntax
Mapping file syntax
Updater file syntax
Extension files
Swagger and apiconfig files
Integration graphs
Configuration troubleshooting
Adding properties to resources
Adding scalars
The schema extension file
The mapping extension file
The updater extension file
Adding compound datatypes
The schema extension file
The mapping extension file
The updater extension file
Adding foreign keys
Tools for configuring foreign keys
The SimpleReference schema
The ResourceReference mapper
Value resolvers
The URI Mapping
Foreign keys in the schema configuration files
The schema extension file
The mapping extension file
The updater extension file
The shared apiconfig file
Updater case 1: Root and resolved value have no common ancestor
Complete code sample for case 1
Updater case 2: Root and resolved value have a common ancestor
Update case 3: Accessibility of resolved value is conditional
Update case 4: Resolved value cannot be easily resolved by id alone
Adding one-to-ones
Example one-to-one
One-to-one relationships in the schema configuration files
The schema extension file
The mapping extension file
The updater extension file
Reserving IDs and checksums
Configuring ID and checksum behaviors
One-to-ones in responses and requests
Complete code sample for one-to-ones
Tutorials: Adding Properties
Tutorial: Schema configuration with scalars
Tutorial: Schema configuration with compound datatypes
Modifying endpoint behaviors
Collection-level behaviors
Making properties read only
Making properties required by the database
Making properties writeable at creation only
Making properties sortable
Making properties filterable
Excluding properties from responses
Adding additional metadata for properties
Obfuscating response data
Nullifying response data
Masking response data
Unmasking the base configuration taxID field
Localizing schemas
Architecture of localized text
Associating display keys with API elements
Localization key prefixes
Display key patterns for schema.json-files
Display key patterns for swagger.yaml files
Providing locale specific content for a given locale
Adding localized text for existing API elements
Adding localized text for new API elements
Adding a new locale
Generating extension endpoints
The REST endpoint generator
REST endpoint generator overview
Architecture and the REST endpoint generator
REST endpoint generator restrictions
Process for generating CRUD endpoints for an entity
Special use cases
Running the REST endpoint generator
Issues to consider before running the generator
The API for the new endpoints
The parent of the custom resource
Populating collections
Additional considerations
Running the REST endpoint generator
Running the REST endpoint generator from Studio
Create a run configuration for the REST endpoint generator
Use the run configuration to run the REST endpoint generator
Running the REST endpoint generator from the command prompt
The REST endpoint generator prompts
Completion of the script
Completing the configuration
Configuring the resource definition files
The resource definition files
Configuring the schema file for generated endpoints
Overview of schema file syntax
Modifications made to the schema file
Configuring the mapping file for generated endpoints
Overview of mapping file syntax
Modifications made to the mapping file
Configuring the updater file for generated endpoints
Overview of updater file syntax
Modifications made to the updater file
Configuring the swagger file for generated endpoints
Overview of swagger file syntax
Modifications made to the swagger file
Completing the configuration
Configuring glue and impl classes for generated endpoints
The glue and impl classes for generated endpoints
Configuring the apiconfig file
Configuring the element resource file
Configuring the collection resource file
Completing the configuration
Configuring authorization for generated endpoints
Configuring endpoint access for generated endpoints
Code generated in role.yaml files
Configuring code in role.yaml files
Configuring resource access for generated endpoints
Code generated in access.yaml files
Generated resource access code for internal users
Generated resource access code for external users
Generated resource access code for services
Generated resource access code for special use cases
Configuring generated resource access code
Completing the configuration
Additional considerations for generated endpoints
Integration graphs
The graph schema file
The graph mapper file
Mapping in the apiconfig file
Marking graph properties as eventSafe
Base configuration entities
Supertype entities
Shared handling
Separate handling
Root resource endpoints
Root resource endpoints in Cloud API
Generating root resource endpoints
Configuring root resource endpoints
Root resource endpoint restrictions
Generating LOB-specific endpoints
Generating LOB-specific endpoints
Products and lines of business
Product sources
LOB artifacts
Visualized and installed products
Generating LOB-specific endpoints for APD-native products
Generating LOB-specific endpoints for non-APD-native products
Files used to generate LOB-specific endpoints
Files generated by the process
Overview of the process
Generate LOB-specific endpoints for non-APD-products
Fixing product validation errors
Error information in the <ProductName> screen
Correcting "Short Name must be a valid name" errors
Correcting "naming conflict with an existing field" warnings
Files that define LOB-specific endpoints
Correcting compile errors
Regenerating LOB-specific endpoints
Regenerate endpoints by first removing the template
Regenerating endpoints by first removing the generated files
Toggling between visualized and installed endpoints
Which set of endpoints are active?
Toggle a product's active endpoints through the user interface
Determining which set of endpoints is active
Working with products and product templates
Export a product template from an installed product
Export a product template from a visualized product
Disable a visualized product's endpoints
Remove a visualized product
Disable an installed product's endpoints
Removing an installed product's endpoints
Special use cases
Endpoints for pre-Hakuba products
Endpoints for scheduled items in SBT products
Endpoints for multi-line products
Generating endpoints for the Personal Auto product
The base configuration Personal Auto product
Composite request submission example for Personal Auto
Codegen config files
Codegen config file location and names
Codegen config file syntax
The types property
Overrides at the type level
Overrides at the fields level
Overrides at the fields level - APD adoption EA
The wizardStepIds override
Example codegen config file
Endpoints for managing product templates
Querying for visualized products
Importing products
Import XML templates and mind maps using Postman
Generating an installed product from a visualized product
Toggle a product's endpoints
Determining which endpoints are active
Working with product editions
Removing a visualized product
Configuration for other specific use cases
Configuring batch processes
Configuring Cloud API to support custom batch process arguments
Configuring the BatchProcessArguments schema
Configuring the BatchProcessExtResource class
Configuring address locales
Properties in the Address schema
Properties in the addresses.i18n.yaml file
Configuration tasks
Choosing an authentication flow
Overview of authentication
Types of callers
Authentication architecture
Types of access
Authentication methods
Constructing JWTs
Authentication failure error messages
List of developer tasks
Selecting an authentication flow
Auth flows to choose from
Detailed discussion of issues to consider
Which OAuth flow must the caller application use?
Which user is attached to the session?
Where do authorization values come from?
Who enforces resource access?
What values are used as resource access IDs?
Summary of the issues to consider
Additional auth flows
Authentication flows in detail
Basic authentication
Overview of basic authentication
Credentials
Authorization
Request headers
Example flow for basic authentication
Supported environments for basic auth
Disable basic auth in development environments
Implementation checklist for basic authentication
Sending authenticated calls with basic authentication
Send a Postman call with basic authentication
OAuth2 authorization code flow: Internal users
Overview of authentication for internal users
Credentials
Authorization
JWTs for internal users
Logging
Example flow for internal users
Implementation checklist for internal users
Sending authenticated calls for internal users
OAuth2 authorization code flow: External users
Overview of authentication for external users
Credentials
Authorization
JWTs for external users
Logging
Example flow for external users
Implementation checklist for external users
Sending authenticated calls for external users
OAuth2 authorization code flow: Anonymous users
Overview of authentication for anonymous users
Credentials
Authorization
JWTs for anonymous users
Example flow for anonymous users
Implementation checklist for anonymous users
Creating an account as an unauthenticated user
Recovering incomplete submissions as an unauthenticated user
Sending calls as an anonymous user
OAuth2 client credential flow: Standalone services
Authentication options for services
Overview of authentication for standalone services
Credentials
Authorization
JWTs for standalone services
Logging
Example flow for standalone services
Implementation checklist for standalone services
Sending authenticated calls for standalone services
OAuth2 client credential flow: Services with user context
Authentication options for services
Overview of authentication for services with user context
Credentials
Authorization
JWTs for services with user context
Logging
Example flow for services with user context
Implementation checklist for services with user context
Sending authenticated calls for services with user context
OAuth2 client credential flow: Services with service account mapping
Authentication options for services
Overview of authentication for services with service account mapping
Credentials
Authorization
JWTs for services with service account mapping
Mapping services to service accounts
Logging
Example flow for services with service account mapping
Implementation checklist for services with service account mapping
Sending authenticated calls for services with service account mapping
Unauthenticated callers
Overview of authentication for unauthenticated callers
Credentials
Authorization
JWTs for unauthenticated callers
Logging
Example flow for unauthenticated callers
Implementation checklist for unauthenticated callers
Implementing authentication
Enabling bearer token authentication
Enabling asymmetric encryption
Enable asymmetric encryption
Specifying deployment information
Configuring the IdP
Configure the IdP for internal users
Configure the IdP for external users
Registering the caller application with Guidewire Hub
Register an application with Guidewire Hub
Endpoint access
API role files
API role names
API role endpoints
API role accessible fields
API role special permissions
API role example
Assigning API roles to callers
Assigning API roles to internal users
Assigning API roles to external users
Assigning API roles to standalone services
Assigning API roles to services with user context
Assigning API roles to services with service account mapping
Assigning API roles to other types of callers
Reserved roles
Designing API role files
Configuring API roles
Create an API role file
Modify an API role file
API roles and lookup performance
API roles and localization
Resource access
Overview of resource access strategies
Functionality of specific resource access strategies
The service resource access strategy
Resource access strategy files
Sections of a resource access file
Resource access files: permissions
Resource access files: filters
Proxy user access
Proxy users
When is proxy user information used?
Configuring proxy users
Configuring the IExpandTokenPlugin plugin
Implementing the IExpandTokenPlugin plugin
Creating an IExpandTokenPlugin implementation class
Register the IExpandTokenPlugin plugin
Security levels
Configuring the reauthorize anonymous user flow
Implementing the /recover-new-jobs endpoint
Define search criteria properties
Define the query logic
Extend the RecoverNewJobsRequestAttributes schema
Calling the /recover-new-jobs endpoint
Configuring general new job recovery behavior
Configuring calls between InsuranceSuite applications
Troubleshooting auth issues
Examples of auth errors in the log
ContactManager authentication
ContactManager authentication
Supported caller types
Resource access for ContactManager
Tag-based access to contacts