At-Bay Quickstart

This page will help you get started with At-Bay. You'll be up and running in no time!

At-Bay’s REST API provides automatic quote-to-bind functionality for our two surplus lines products:

Cyber and Technology Errors & Omissions.

For our Cyber instant quotes, we offer up to $3M in aggregate limits for companies up to $100M in annual revenue.

For Tech E&O instant quotes, At-Bay offers up to $3M in aggregate limits for companies up to $25M in annual revenue.

🚧

Limits > $3M and annual revenues > $100M (Cyber) or $25M (TEO)

When submitting a quote outside these parameters, the quote will be referred.

Referred quotes will be reviewed by an underwriter within 48 hours and GET'ing the quote via API will result in a premium or decline.

Authentication

In order to get started, you’ll need two different API tokens:

  • one for our demo environment
  • one for our production environment.

We use a JSON Web Token for authentication.
An HTTP authorization header must be included with a specific syntax and token to make a successful API call.

These tokens are a string of about 150 to 200 characters.

-H "Authorization: Bearer {{token}}"

Location

At-Bay API is versioned: all endpoints' locations are prefixed with a version number.
The latest version of the At-Bay API is version 2.0 (v2).
There are two relevant API locations, one for testing and another for production.

Testing API: https://api-demo.at-bay.com/v2
Production API: https://api.at-bay.com/v2

Examples of the full URL for an API call:

Testing API: https://api-demo.at-bay.com/v2/endpoint
Production API: https://api.at-bay.com/v2/endpoint

🚧

You can test the At-Bay API in our demo environment, which will not affect your organization’s live data.

We do not subject submissions tested in our demo environment to our Broker of Record clearance process. This relaxation allows you to get multiple quotes using the same domain name or address during the testing process.

In our production environment, all submissions are subject to our Broker of Record (BOR) clearance process. The API will block any submission which shares a domain or physical address with another organization submitted in the previous 60 days.

Handling your first Cyber/Tech E&O submission via API

Making a submission via API involves 3 steps:

  1. Make a POST request to our /quotes endpoint.
  2. Save the unique quote_identifiers and company_id from the request.
  3. Poll our /quotes endpoint by repeatedly making GET request to /quotes/{quote_identifier} to view the quote.

Example Request

curl -X POST 'https://api-demo.at-bay.com/v2/quotes' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer $YOUR_DEMO_TOKEN' \
-d '{
    "client": {
        "broker_email": "[email protected]",
        "domains": [
            "at-bay.com"
        ],
        "name": "docs test",
        "industry": "713290",
        "revenue": 1000000,
        "address": {
            "city": "Mountain View",
            "state": "California",
            "street": "Castro street 15",
            "zip": "32542",
            "street2": "#This is an optional field!"
        }
    },
    "policy": {
        "insurance_product": "CYB",
        "quotes": [
            {
                "aggregate_limit": 1000000,
                "aggregate_retention": 5000
            },
            {
                "aggregate_limit": 2000000,
                "per_claim_limit": 10000
            },
            {
                "aggregate_limit": 3000000,
            }
        ]
    },
    "questions": [
        {
            "id": "2244",
            "value": ["None of the above"]
        },
        {
            "id": "2245",
            "value": "true"
        },
        {
            "id": "2159",
            "value": "false"
        },
        {
            "id": "2147",
            "value": "false"
        },
        {
            "id": "2146",
            "value": "false"
        },
        {
            "id": "2143",
            "value": "true"
        },
        {
            "id": "2142",
            "value": "true"
        },
        {
            "id": "2141",
            "value": "true"
        }
    ]
}'

The API Response

Since we requested 3 different policies, we'll get three corresponding objects for each quote.

The company_id is the unique identifier representing the applicant.

Make sure to save the company_id and a quote_identifier for later!

{
    "company_id": "20307",
    "quotes": [
        {
            "aggregate_limit": 1000000,
            "aggregate_retention": 5000,
            "per_claim_limit": 1000000,
            "quote_identifier": "04a9e085-5f59-4c2b-8c06-66af88d23be7"
        },
        {
            "aggregate_limit": 2000000,
            "aggregate_retention": 2500,
            "per_claim_limit": 2000000,
            "quote_identifier": "79ac61d1-9708-46bd-8012-4f5a88350353"
        },
        {
            "aggregate_limit": 3000000,
            "aggregate_retention": 5000,
            "per_claim_limit": 3000000,
            "quote_identifier": "50a65b08-3171-4ea6-9c8c-869f3110aa40"
        }
    ]
}

Retrieving a Completed Quote

Once a scan of the domain is completed and documents have been generated, your quote will be ready!

Our P90 for quote readiness is 40 seconds.
We recommend a polling strategy of making a GET request every 10 seconds to retrieve the quote as soon as possible. However, your interval can vary depending on your system and user requirements.

For retrieving the 1000000 quote above, our GET request will look like:

curl 'https://api-demo.at-bay.com/v2/quotes/04a9e085-5f59-4c2b-8c06-66af88d23be7' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer $YOUR_DEMO_TOKEN'

Once the quote is ready, the response will include a complete quote object.