POST /api/quote
Quote endpoint
Accepts cart and device context, returns pricing, coverage, routing metadata, and a pilot-stage insurer response path.
Developer View
API concept for quote, policy, claim, and onboarding flows
Ynsure now exposes a pilot-ready API surface with protected quote, policy, and claim flows, onboarding endpoints, PDF policy confirmations, and a sandbox insurer handoff path.
POST /api/policy
Policy endpoint
Issues sandbox policies after customer acceptance, triggers the insurer sandbox client, and returns a policy document URL.
POST /api/claim
Claim endpoint
Captures a claim initiation event, persists the request when configured, and triggers a pilot-stage claim notification.
x-api-key header
Authentication
Protected server-to-server routes accept an x-api-key header. Pilot mode stores only key prefix and SHA-256 hash.
POST /api/pilot-request
Pilot request endpoint
Captures qualified lead and pilot intake data for e-commerce platforms, marketplaces, and insurer partners.
POST /api/onboarding/*
Onboarding APIs
Create platform onboarding records, request sandbox API keys, and track checklist progress toward go-live.
Quote Example
{
"platformId": "optional",
"productCategory": "smartphone",
"productPrice": 500,
"country": "Morocco",
"currency": "EUR"
}Policy Example
{
"quoteId": "q_1714554000_ab12cd",
"customerName": "Jane Doe",
"customerEmail": "jane@example.com",
"productName": "iPhone 15",
"productSerial": "SN123456789"
}Claim Example
{
"policyId": "pol_1714554100_de34fg",
"claimantName": "Jane Doe",
"claimantEmail": "jane@example.com",
"claimType": "damage",
"description": "Screen damaged after accidental drop."
}Authentication
Use x-api-key on protected endpoints
Protected quote, policy, and claim endpoints expect an x-api-key header. For demo mode and local walkthroughs, use demo_ynsure_key.
API key lifecycle in Sprint 5: generate once from the operator or onboarding flow, return plaintext one time, store only key prefix and SHA-256 hash, and use sandbox credentials until full production controls are in place.
Onboarding API
Start onboarding before go-live review
{
"companyName": "Atlas Devices",
"website": "https://atlasdevices.ma",
"country": "Morocco",
"platformType": "E-commerce",
"monthlyVolume": "10000 orders",
"adminName": "Nadia Rahal",
"adminEmail": "ops@atlasdevices.ma",
"technicalName": "Youssef Alaoui",
"technicalEmail": "tech@atlasdevices.ma",
"productType": "device_protection",
"targetCategory": "smartphones",
"countriesCovered": "Morocco",
"estimatedMonthlyInsuredOrders": "1200"
}Policy Document Endpoint
Generated policy responses now return a document URL that points to /api/policy/<policyId>/document. This endpoint now returns a lightweight PDF confirmation for pilot workflows.
Sandbox Insurer Note
Policy issuance now performs a real outbound sandbox call with graceful fallback and can be logged to Supabase when configured. This is not a live insurer production integration.
Quote cURL
curl -X POST https://ynsure.co/api/quote \
-H "Content-Type: application/json" \
-H "x-api-key: demo_ynsure_key" \
-d '{"productCategory":"smartphone","productPrice":500,"country":"Morocco","currency":"EUR"}'Policy cURL
curl -X POST https://ynsure.co/api/policy \
-H "Content-Type: application/json" \
-H "x-api-key: demo_ynsure_key" \
-d '{"quoteId":"q_demo_001","customerName":"Jane Doe","customerEmail":"jane@example.com","productName":"iPhone 15"}'Claim cURL
curl -X POST https://ynsure.co/api/claim \
-H "Content-Type: application/json" \
-H "x-api-key: demo_ynsure_key" \
-d '{"policyId":"pol_demo_001","claimantName":"Jane Doe","claimantEmail":"jane@example.com","claimType":"damage","description":"Screen cracked"}'