Skip to main content

APIs

Client Domain Rest APIs

Description of the design and implementation of the APIs


Swagger

ServiceEnvironmentDocs
client domain apinon-prodapi docs
client id mapper apinon-prodapi docs

Postman

icon

Client Domain
OperationEnvironmentEndpoint
Create clientnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/client
Update clientnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/client/{id}
Get clientnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/client/{id}
Create addressnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/address/client/{client-id}
Update addressnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/address/{address-id}
Get addressnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/address/{address-id}
Create contactnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/contact/client/{client-id}
Update contactnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/contact/{contact-id}
Get contactnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-domain/v2.4/clientDomain/contact/{contact-id}
Client ID Mapper
OperationEnvironmentEndpoint
Createnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-id-mapper/v1.1/clientIdMapper
Getnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-id-mapper/v1.1/clientIdMapper/clientId/{clientId}/platformEmployerId/{platformEmployerId}/accountCode/{accountCode}
Updatenon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-id-mapper/v1.1/clientIdMapper/clientId/{clientId}/platformEmployerId/{platformEmployerId}/accountCode/{accountCode}
Patchnon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-id-mapper/v1.1/clientIdMapper/clientId/{clientId}/platformEmployerId/{platformEmployerId}/accountCode/{accountCode}
Deletenon-prodhttps://api-stg.uhg.com/api/financial/commerce/client-id-mapper/v1.1/clientIdMapper/clientId/{clientId}/platformEmployerId/{platformEmployerId}/accountCode/{accountCode}

Publishing API to HCP

To publish the API to HCP, the following steps need to be followed:

  1. Login to the HCP API Management Console, ensuring that the resource group for the API being published is selected from the dropdown at the top of the page.
  2. Click the Register API button
  3. Upload the Open API specification in either JSON or YAML format
  4. Complete the API metadata information form
    1. enter the required Title, Slug, Version, and Description fields
    2. select the appropriate Package/Subpackage
    3. choose the radio button to indicate if you want the API displayed in the API Catalog
    4. enter an optional short description
    5. enter a full description
    6. click the Next button
  5. Complete the form to configure instances for prod and/or non-prod (use the Delete Instance button to delete the Prod environment instance if you only want to register a non-prod instance)
    1. enter an optional Read/Write Timeout (default is 1000 ms)
    2. enter an optional Connection Timeout (default is 500 ms)
    3. enter the Backend Targets Host
    4. enter the Backend Targets Port (default is 443)
    5. enter an optional Backend Targets Path
    6. select a Backend Targets Location (e.g. azure-centralus, aws-us-east-1, hcp-elr)
    7. enter the Backend Targets Weight (default is 100)

Field Descriptions

SyntaxDescription
TitleA title for the API
SlugA unique name for the API that will be used in the gateway path behind the package/subpackage
VersionThe version number for the API
Package/SubpackageThe package and subpackage of the API (Financial / Commerce for client Domain API)
Display in API CatalogSelect this option to display the API in API Catalog
Short DescriptionAn optional field used for description of the API (the maximum number of characters allowed are 200)
DescriptionA detailed description of the API
Gateway EndpointAn endpoint for the API
Read/Write TimeoutA timeout value for read/write
Connection TimeoutA timeout value for connection
HostThe host of the backend
PortThe port that the service is listening on, default value is 443
PathThe path of the URL that gateway will proxy to
LocationThe cloud provider and region to which requests will run through a kong data plane. This should be where the upstream service is hosted.
WeightA number [0-100] which is used for balancing traffic between multiple backends
Global scopesGlobal scopes grant access to all paths and operations of the API, regardless of what is defined at a path/operation level
Path operation scopesPath operation scopes grant access to individual path and operations

Oauth2.0 Client Credentials

To successfully make requests to the Client Domain endpoints, an OAuth token must be generated. To generate the token, the following steps need to be followed:

  1. Generate a client_id and client_secret by visiting the Identity & Access Management page and selecting OAuht2 Clients. Select the Resource Group for which the client_id and client_secret should be added, and generate the client_id and client_secret, noting the values for the next step.

  2. Generate a temporary access_token. The token generation call is the first out of two steps to successfully authenticate to an OAuth Client Credentials protected API. The access_token issued on a successful request is valid for the expires_in time (seconds), and can be used successfully within that window.

    curl --request POST \
      --url https://api-stg.uhg.com/oauth2/token \
      --header 'content-type: application/x-www-form-urlencoded' \
      --data client_id=[Client ID issued by Digital Identity] \
      --data 'client_secret=[Client Secret issued by Digital Identity]' \
      --data grant_type=client_credentials \
      --data scope=https://api.uhg.com/.default

    Successful Token Generation Response

    {
      "token_type": "Bearer",
      "expires_in": "3599",
      "ext_expires_in": "3599",
      "expires_on": "1636039992",
      "not_before": "1636036092",
      "resource": "00000002-0000-0000-c000-000000000000",
      "access_token": "[JWT Access Token]"
    }

  3. Pass the access_token to Stargate upon successful token generation, by adding a request header Authorization: Bearer <access_token> to the proxy call.

Authorization: Bearer <access_token>

note If the environment is not a production environment and the X-Upstream-Env header is omitted, a response body of "message": "no Route matched with those values" will be shown.