Changelog
The changelog highlights notable updates to customer-facing APIs and portals.
2025-12-11 (v1.6.0)
Changed
Partner Portal Documentation: Comprehensive rewrite based on current implementation
- Clarified credential management workflow (Integration Keys, M2M Clients, Webhook Keys)
- Important clarification: Webhook Keys are registration tokens for Webhook Portal access only—they are NOT signing secrets
- Updated authentication flow examples with correct endpoints
- Added detailed explanations for each credential type and its purpose
- Improved troubleshooting section with common issues
Webhook Portal Documentation: Major update to reflect actual implementation
- Documented two access methods: Partner Admin Login (recommended) and Webhook Key Registration
- Important clarification: Signing secrets for webhook verification are generated per-endpoint, not from Partner Portal webhook keys
- BREAKING: Corrected webhook header names:
Event-ID(notX-K2-Event-Id)Timestamp(notX-K2-Delivery-Timestamp)X-Platform-Signature(notX-K2-Signature)
- BREAKING: Corrected signature verification: Signature is computed over
${Event-ID}.${Timestamp}.${RequestBody}, not just the body - Corrected timeout: 8 seconds (not 30 seconds)
- Corrected retry logic: Exponential backoff (1s, 2s, 4s... up to 60s), max 10 attempts
- Added circuit breaker documentation: Endpoints disabled after 5 failures in 5 minutes
- Updated event types to accurately reflect the 3 currently available events
- Added complete code examples for Node.js and Python signature verification
- Added idempotency implementation example
Quick Start Guide: Added Partner Portal URLs to environment table
2025-12-11
- BREAKING CHANGE: An Integration key in the
x-integration-keyheader is now REQUIRED when using endpoints within the quote service.- Sandbox and Production Integration keys (as well as m2m clients to get OAuth2.0 Bearer Tokens) can be generated @ https://partners-sandbox.k2cyber.co and https://partners.k2cyber.co respectively.
- Updated quick start and partner portal documentation to reflect current implementation around credential management and usage.
2025-12-08
- Sandbox Environment Now Available: The sandbox environment is now live for integration development and testing
- API Sandbox:
https://api-sandbox.k2cyber.co - Partner Portal Sandbox:
https://partners-sandbox.k2cyber.co - Webhook Portal Sandbox:
https://webhook-portal-sandbox.k2cyber.co - Isolated synthetic data for safe testing
- Updated documentation across Quick Start, FirstCyber Quote Service, Personal Cyber Quote Service, Partner Portal, and Webhook Portal
- OpenAPI specs now default to sandbox URLs for "Try it out" functionality
- API Sandbox:
2025-20-17
- POST /quote/firstcyber/submit: taxid is no longer required to create a quote.
2025-11-17
- Added GET /document/quote-preview/:id endpoint to firstcyber-quote.yaml and corresponding .md
2025-11-06
- Added M2M (Machine-to-Machine) Client documentation to Partner Portal
- New authentication method using Stytch for API access
- Includes setup instructions, usage examples, and comparison with Integration Keys
- M2M clients automatically provisioned with
quotescope - Support for activate/deactivate operations
2025-10-23
- Temporarily disabled Personal Cyber Quote Service documentation from navigation (content preserved for future re-enablement)
2025-10-22
- Corrected Partner Portal URL
2025-10-21
- Updated Personal Cyber Quote Service documentation to match FirstCyber format
- Removed test environment URL (api-test.k2cyber.co) in favor of "Sandbox Environment - Coming Soon" message
- Consistent messaging across all quote service documentation
2025-02-15
- Added admin quote endpoint documentation and sample payloads.
- Improved webhook portal insight panels with retry counts.
2025-01-12
- Partner Portal added integration key rotation workflow and deployment-ready Dockerfile.
2024-12-03
- Initial publication of the customer documentation portal.