Cowbell Cyber Platform REST APIs (v1.0)

Download OpenAPI specification:Download

Cowbell Cyber continuous underwriting platform is open to Digital Aggregators, Wholesaler brokers, Insurance agencies and Policyholders. You can integrate Cowbell cyber insurance processes and data (account, quote and policy, risk rating and more) into your own applications and workflows using these APIs. To get access credentials and become a partner, please contact us at support@cowbellcyber.ai.

Authentication

OAuth2

Security Scheme Type OAuth2
clientCredentials OAuth Flow
Token URL: /api/auth/v1/api/token
Scopes:

    Auth API

    Cowbell Platform uses OAuth2 with a client credentials grant to authenticate all requests. This HTTP authentication scheme requires that a valid accessToken is provided with every API request. Be sure to first retrieve a valid token from the authentication endpoint

    Get JWT Token

    Generates an access JWT token which must be used on all subsequent API calls

    Authorizations:
    Request Body schema: application/json

    body

    clientId
    required
    string

    Your Client ID, public identifier for your app

    secret
    required
    string

    Your Client Secret

    Responses

    200

    Successful Login

    401

    Unauthorized

    404

    Not Found

    post /api/auth/v1/api/token

    Production Server

    https://api.cowbellcyber.ai/api/auth/v1/api/token

    Staging Server

    https://api.morecowbell.ai/api/auth/v1/api/token

    Request samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "clientId": "string",
    • "secret": "string"
    }

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "accessToken": "string",
    • "refreshToken": "string"
    }

    Refresh Access Token

    Refresh your access token before it expires

    Authorizations:
    Request Body schema: application/json

    token

    refreshToken
    required
    string

    refreshToken you received on a successful login. You can use this token to refresh your access JWT token before it expires

    Responses

    200

    Successful Token Refresh

    400

    Bad Request

    401

    Unauthorized

    post /api/auth/v1/api/token/refresh

    Production Server

    https://api.cowbellcyber.ai/api/auth/v1/api/token/refresh

    Staging Server

    https://api.morecowbell.ai/api/auth/v1/api/token/refresh

    Request samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "refreshToken": "string"
    }

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "accessToken": "string",
    • "refreshToken": "string"
    }

    Roles API

    REST API to get user roles

    Get All Roles

    Get list of all roles supported for your account)

    Authorizations:
    OAuth2 (users:manageusers:viewroles:view)

    Responses

    200

    Success

    401

    Unauthorized

    get /api/auth/v1/roles

    Production Server

    https://api.cowbellcyber.ai/api/auth/v1/roles

    Staging Server

    https://api.morecowbell.ai/api/auth/v1/roles

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    [
    • {
      }
    ]

    Get Lower Roles

    Get list of all roles supported for your account. API only return lower roles (i.e. roles with less permissions than yours)

    Authorizations:
    OAuth2 (users:manageusers:viewroles:view)

    Responses

    200

    Success

    401

    Unauthorized

    get /api/auth/v1/roles/lower

    Production Server

    https://api.cowbellcyber.ai/api/auth/v1/roles/lower

    Staging Server

    https://api.morecowbell.ai/api/auth/v1/roles/lower

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    [
    • {
      }
    ]

    Get Role Details

    Get permissions for a given roleId

    Authorizations:
    OAuth2 (roles:view)
    path Parameters
    roleId
    required
    string

    Unique Id of the role

    Responses

    200

    Success

    401

    Unauthorized

    403

    Forbidden to access role

    404

    Role Not Found

    get /api/auth/v1/roles/{roleId}

    Production Server

    https://api.cowbellcyber.ai/api/auth/v1/roles/{roleId}

    Staging Server

    https://api.morecowbell.ai/api/auth/v1/roles/{roleId}

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "accountRealm": true,
    • "accountType": "AGENCY",
    • "description": "string",
    • "id": "string",
    • "name": "string",
    • "permissions":
      [
      ],
    • "realm": "a",
    • "teamRealm": true
    }

    Accounts API

    REST API for Accounts

    Register Account

    Submit a new policyholder account. Account name, address, and other firmographic data is required.

    Authorizations:
    OAuth2 (accounts:manage)
    Request Body schema: application/json

    body

    accountId
    string

    Account ID, only required when updating an existing account

    address1
    required
    string

    Address Line 1

    address2
    string

    Address Line 2

    agencyId
    required
    string

    ID of the Retail Agency to which the account belongs

    agentEmail
    string

    Agent / Producer email id

    agentFirstName
    string

    Agent / Producer first name

    agentLastName
    string

    Agent / Producer last name

    agentPhone
    string

    Agent / Producer phone number

    city
    required
    string

    City

    claimHistory
    required
    integer <int32>
    Enum: 0 1 2 3 4 5

    Past Claim History. 0=Never, 1=within last 12 months, 2=with last 2 years, 3=within last 3 years, 4=within last 4 years, 5=within 5years or more

    country
    required
    string
    Value: "US"

    Country

    dbaOrTradestyle
    string

    DBA or Trade Style

    description
    string

    Business description

    domainName
    string

    Main domain name, e.g. abc.com

    domains
    string

    Other domains. Comma separated

    dunsNumber
    string

    DUNS Number

    ein
    integer <int32>

    Employer Identification Number (EIN)

    entityType
    string
    Enum: "Independent" "Parent" "Subsidiary"

    Entity Type

    isAuthenticatingFundTransferRequests
    required
    boolean

    Do policy holder employees authenticate funds transfer requests (e.g. by calling a customer to verify the request at a predetermined phone number)? Affirmative answer is required to be eligible for Social Engineering endorsement

    isFranchise
    required
    boolean

    Is Franchise

    isPreventingUnauthorizedWireTransfers
    required
    boolean

    Do policy holder employees prevent unauthorized employees from initiating wire transfers? Affirmative answer is required to be eligible for Social Engineering endorsement

    isSecurityOfficer
    required
    boolean

    Does the policyholder agree to be the Designated Information Security Contact?

    isSecurityTraining
    required
    boolean

    Does policyholder provide mandatory information security training to all employees at least annually? If not, are they willing to implement it during the policy period?

    isVerifyingBankAccounts
    required
    boolean

    Do policy holder employees verify vendor/supplier bank accounts before adding to accounts payable systems. Affirmative answer is required to be eligible for Social Engineering endorsement

    naicsCode
    required
    integer <int32>

    6-digit NAICS Code. Use NAICS API to find teh industry code, if needed

    name
    required
    string

    Registered business name (not DBA)

    natureOfBusiness
    string

    Nature Of Business

    noOfEmployeesAll
    required
    integer <int32>

    Number of Employees

    ownershipType
    required
    string
    Enum: "Public" "Private" "Non-Profit" "Private Sector" "Partnership" "Non-Corporates"

    Ownership Type

    phoneNumber
    string

    Business Phone Number

    policyContactEmail
    required
    string

    Policyholder Contact Email

    policyContactFirstName
    required
    string

    Policyholder Contact First Name

    policyContactLastName
    required
    string

    Policyholder Contact Last Name

    policyContactPhone
    string

    Policyholder Contact Phone number

    revenue
    required
    number <double>

    Latest revenue in USD

    state
    required
    string

    State

    useCloudStorage
    required
    boolean

    Does the policyholder have sensitive information stored on the cloud?

    useEncryption
    required
    boolean

    Does the policyholder encrypt all emails, mobile and computing devices containing sensitive information (e.g., PII, PHI, PCI) sent to external parties?

    yearEstablished
    required
    integer <int32>

    Year when the business was established / registered

    zipCode
    required
    string

    Zip Code

    Responses

    200

    Success

    400

    Bad Request

    401

    Unauthorized

    409

    Conflict

    post /api/account/v1/account

    Production Server

    https://api.cowbellcyber.ai/api/account/v1/account

    Staging Server

    https://api.morecowbell.ai/api/account/v1/account

    Request samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "accountId": "string",
    • "address1": "string",
    • "address2": "string",
    • "agencyId": "string",
    • "agentEmail": "string",
    • "agentFirstName": "string",
    • "agentLastName": "string",
    • "agentPhone": "string",
    • "city": "string",
    • "claimHistory": 0,
    • "country": "US",
    • "dbaOrTradestyle": "string",
    • "description": "string",
    • "domainName": "string",
    • "domains": "string",
    • "dunsNumber": "string",
    • "ein": 0,
    • "entityType": "Independent",
    • "isAuthenticatingFundTransferRequests": true,
    • "isFranchise": true,
    • "isPreventingUnauthorizedWireTransfers": true,
    • "isSecurityOfficer": true,
    • "isSecurityTraining": true,
    • "isVerifyingBankAccounts": true,
    • "naicsCode": 0,
    • "name": "string",
    • "natureOfBusiness": "string",
    • "noOfEmployeesAll": 0,
    • "ownershipType": "Public",
    • "phoneNumber": "string",
    • "policyContactEmail": "string",
    • "policyContactFirstName": "string",
    • "policyContactLastName": "string",
    • "policyContactPhone": "string",
    • "revenue": 0,
    • "state": "string",
    • "useCloudStorage": true,
    • "useEncryption": true,
    • "yearEstablished": 0,
    • "zipCode": "string"
    }

    Response samples

    Content type
    application/json
    Copy
    Expand all Collapse all
    {
    • "accountType": "ACCOUNT",
    • "address1": "string",
    • "address2": "string",
    • "agencyId": "string",
    • "agencyName": "string",
    • "agentEmail": "string",
    • "agentFirstName": "string",
    • "agentLastName": "string",
    • "agentPhone": "string",
    • "city": "string",
    • "claimHistory": "0,1,2,3,4,5",
    • "country": "US",
    • "created": "2020-08-09T20:26:12Z",
    • "dbaOrTradestyle": "string",
    • "description": "string",
    • "domainName": "abc.com",
    • "domains":
      [
      ],
    • "dunsNumber": "string",
    • "ein": 0,
    • "emailDomain": "string",
    • "entityType": "Independent",
    • "errorMessage": "string",
    • "excludedFromSE": true,
    • "hostname": "company-name.cowbellcyber.ai",
    • "id": "string",
    • "incidentHistory":
      [
      ],
    • "isAuthenticatingFundTransferRequests": true,
    • "isFranchise": true,
    • "isPreventingUnauthorizedWireTransfers": true,
    • "isSecurityOfficer": true,
    • "isSecurityTraining": true,
    • "isVerifyingBankAccounts": true,
    • "modified": "2020-08-09T20:26:12Z",
    • "naicsCode": 0,
    • "name": "string",
    • "natureOfBusiness": "string",
    • "noOfEmployeesAll": 0,
    • "ownershipType": "Public",
    • "phoneNumber": "string",
    • "policyContactEmail": "string",
    • "policyContactFirstName": "string",
    • "policyContactLastName": "string",
    • "policyContactPhone": "string",
    • "primaryIndustry": "string",
    • "productType": "P100,P250,P1000",
    • "profileScore": 0,
    • "revenue": 0,
    • "secondaryIndustry": "string",
    • "state": "string",
    • "status": "Open,Quoted,Declined,Active Policy",
    • "useCloudStorage": true,
    • "useEncryption": true,
    • "yearEstablished": 0,
    • "zipCode": "string"
    }

    Search Accounts

    Search and get a paginated list of policyholder accounts based on search results, across all agencies in your portfolio

    Authorizations:
    OAuth2 (accounts:manageaccounts:view)
    query Parameters
    offset
    integer <int64>
    pageNumber
    integer <int32>
    pageSize
    integer <int32>
    paged
    boolean
    sort.sorted
    boolean
    sort.unsorted
    boolean
    terms
    required
    string

    terms