How to register
Once you, as a partner, have a valid contractual agreement with Allianz, the named users can register to use the Marketplace and access the descriptions of the available APIs. After you have validated your email address and your user account has been approved by the administrator (please see the User Guide for this process), you should have access to all APIs for your business partnership with Allianz in Germany.
Please reach out via email in case of any uncertainty.
The following flow describes the process for registration:
Accessing an API
This section describes how to access an API: the consumer authenticates and obtains an API access token, which is then used to consume the API.
Detailed information about specific endpoints and how authentication information has to be handed over will be provided directly to the partner or is described additionally for each API in the catalog.
Standard access flow
This describes the standard access pattern to Allianz APIs.
Auth Flow for Consumer to get Token for API access:
- Auth request goes to OIDC Proxy
- Depending on the information provided, the Auth proxy decides which auth method is used:
  - API Key configured inside the API Gateway. No external IdP is needed
  - External IdP. The authentication information that has to be provided is defined by the IdP
- Authentication against the API Gateway API Key or the external IdP is done
- If successful, the created opaque OAuth token is returned to the user in the next step
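The steps above can be modelled in a few lines to show what "opaque" means in practice: the token is a random handle that only the issuer can resolve, so a consumer cannot read or forge claims. This is an added example, not Allianz code; every name, credential and data structure in it is hypothetical, and the external IdP is a stub.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample data; none of these values or names come from Allianz.
API_KEYS = {"partner-a": hashlib.sha256(b"demo-api-key").hexdigest()}
TOKENS = {}  # sha256(opaque token) -> (subject, auth method, expiry)


def external_idp_authenticate(assertion):
    """Stub for an external IdP: accepts one constructed assertion."""
    return "partner-b" if assertion == "demo-idp-assertion" else None


def authenticate(request):
    """Pick the auth method from the fields present, then verify them."""
    if "api_key" in request and "idp_assertion" in request:
        raise ValueError("ambiguous credentials")  # refuse to guess a method
    if "api_key" in request:
        stored = API_KEYS.get(request.get("client_id"), "")
        digest = hashlib.sha256(request["api_key"].encode()).hexdigest()
        # Constant-time compare avoids leaking key material through timing.
        ok = hmac.compare_digest(stored, digest)
        return (request["client_id"], "api_key") if ok else None
    if "idp_assertion" in request:
        subject = external_idp_authenticate(request["idp_assertion"])
        return (subject, "external_idp") if subject else None
    return None


def issue_token(request, ttl=300, now=None):
    """Return an opaque token on success, None on failed authentication."""
    identity = authenticate(request)
    if identity is None:
        return None
    token = secrets.token_urlsafe(32)  # random: carries no claims itself
    key = hashlib.sha256(token.encode()).hexdigest()
    TOKENS[key] = (*identity, (now or time.time()) + ttl)
    return token


def introspect(token, now=None):
    """Resolve an opaque token server-side; unknown or expired -> None."""
    entry = TOKENS.get(hashlib.sha256(token.encode()).hexdigest())
    if entry is None or entry[2] <= (now or time.time()):
        return None
    return {"sub": entry[0], "method": entry[1]}
```

Only a hash of each token is stored, so a leak of the token table does not yield usable tokens.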
Partner Auth flow with integrated IdPs
For dedicated partners we developed a state-of-the-art Auth flow based on OAuth mechanisms, in which we establish a trust relationship between the Partner Identity Provider (IdP) and the federated systems of Allianz. This opens the possibility to consume Allianz APIs with ease.
- Request (contains Partner OAuth token) goes to API proxy
- API Proxy verifies the requestor identity based on the provided OAuth token
- Auth Token is verified against API Gateway
- Additional user data is added by API Gateway/Allianz IdP
- Request is sent to backend REST service
- Backend API validates the OAuth token, authorizes and handles the request, and sends the response
- Response is sent back to Requestor