FirstCyber Quote Service

Service Snapshot

Item	Sandbox	Production
Base URL	https://api-sandbox.k2cyber.co/quote/firstcyber	https://api.k2cyber.co/quote/firstcyber
Auth	OAuth 2.0 bearer token + Integration key header	OAuth 2.0 bearer token + Integration key header
Token URL	https://api-sandbox.k2cyber.co/auth/token	https://api.k2cyber.co/auth/token
Scope	quote	quote
Formats	JSON UTF-8	JSON UTF-8

Credentials

Both client credentials and integration keys are generated via the Partner Portal. Use the client credentials flow with your client_id and client_secret to obtain bearer tokens. Tokens should be cached and refreshed before expiry. Integration keys should be attached in an x-integration-key header with every request.

Sandbox Environment

The sandbox environment is available for integration development and testing with isolated synthetic data. Start your integration in sandbox and validate thoroughly before moving to production.

Downloads

Download the API specification and Postman collection for integration development:

Resource	Description
OpenAPI Spec (YAML)	OpenAPI 3.1 specification for code generation and API clients
Postman Collection	Pre-configured Postman collection with example requests

Using the Postman Collection

1. Import the collection into Postman
2. Set the base_url variable to https://api-sandbox.k2cyber.co/quote/firstcyber
3. Set the access_token variable with your OAuth token
4. Start testing endpoints immediately

Authentication

For each HTTP request to any K2 Cyber API endpoint:

1. Generate a bearer token

#Request...
curl -X POST https://api.k2cyber.co/auth/token \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>&grant_type=client_credentials&scope=quote"

#Response...
{
  "access_token": "eyJhbGc...",
  "token_type": "bearer",
  "expires_in": 3600,
}

2. Make an API Request with an integration key and the "access_token"

curl -X POST https://api.k2cyber.co/quote/firstcyber/submit \
  -H "x-integration-key: <INTEGRATION-KEY>"
  -H "Authorization: Bearer eyJhbGc..." \
  -H "Content-Type: application/json" \
  -d '{...}'

See our Partner Portal section for infromation on how to obtain these credentials.

Submit Quote

Create a new bindable quote by submitting all required underwriting information.

Endpoint

POST /submit

Required Fields

Field	Type	Description
broker_email	string (email)	Broker's email address
insured_name	string	Legal name of the insured entity
insured_location	object	Physical address of insured
claims	object	Prior claims history
effective_date	string (date)	Policy effective date (YYYY-MM-DD)
revenue	number/string	Annual revenue
naics	number	6-digit NAICS code
question_highrisk	boolean	High-risk operations flag
agg_limit	number/string	Aggregate policy limit
retention	number/string	Policy retention/deductible
website	object	Website information
insured_contact	object	Primary contact information

High Risk Operations

If the insured derives revenue from any of the operations listed below then the High-risk operations flag should be "true":

• Pornography
• Gambling
• Cannabis
• Cryptocurrency or Blockchain Technology
• Debt Collection
• Professional Data Processing / Aggregation, Storage, or Hosting
• Digital Tracking or Surveillance Services
• Managed Service or Security Service Provider (MSP or MSSP)
• Cyber Security Products or Services
• Managed, Accountable Care, or Nursing Care
• Sale of Firearms and Ammunition

Address Object

{
  "address_line1": "510 Meadowmont Village Circle #142",
  "address_line2": "Suite 200",
  "address_city": "Chapel Hill",
  "address_state": "NC",
  "address_zip": "27514"
}

Claims Object

{
  "claims_count": 1,
  "claims_amount": 1000000
}

Website Object

{
  "has_website": true,
  "domainName": "https://example.com"
}

Contact Object

{
  "first_name": "John",
  "last_name": "Doe",
  "email": "john.doe@example.com",
  "phone": "123-456-7890",
  "preferred_method": "Email"
}

Response

Success (200)

{
  "status": "approved",
  "data": {
    "created_at": "2025-10-14T12:00:00.000Z",
    "message": "Please note that the minimum retention is $2,500 based on the information provided.",
    "quote_id": "123e4567-e89b-12d3-a456-426614174000",
    "quote_status": "ready_to_bind",
    "checkout_link": "https://checkout.k2cyber.co/...",
    "product_details": {
      "product_name": "FirstCyber Standard"
    },
    "policy_term": {
      "premium_only": "$5,000.00",
      "policy_fee": "$300.00",
      "agg_limit": "$1,000,000.00",
      "retention": "$2,500.00",
      "effective_date": "2025-11-01",
      "expiration_date": "2026-11-01",
      "include_tria": true,
      "prior_acts": "None"
    },
    "personal_cyber": {
      "premium": "$500.00",
      "count": 1,
      "limit": "$25,000.00",
      "retention": "$250.00"
    },
    "coverage_details": {
      "info_privacy_network_limit": "$1,000,000.00",
      "regulatory_limit": "$1,000,000.00",
      "pci_dss_limit": "$100,000.00",
      "business_interruption_limit": "$500,000.00",
      "vendor_bi_limit": "$250,000.00",
      "cyber_extortion_limit": "$500,000.00",
      "funds_transfer_limit": "$100,000.00",
      "fraudulent_instruction_limit": "$100,000.00",
      "invoice_manipulation_limit": "$100,000.00",
      "media_liability_limit": "$1,000,000.00",
      "system_failure_limit": "$500,000.00",
      "vendor_system_failure_limit": "$250,000.00",
      "incident_response_limit": "$50,000.00",
      "data_recovery_limit": "$50,000.00",
      "utility_fraud_limit": "$25,000.00",
      "reputational_harm_limit": "$25,000.00",
      "business_interruption_restoration_period": 30,
      "business_interruption_waiting_period": 8,
      "vendor_bi_restoration_period": 30,
      "vendor_bi_waiting_period": 8,
      "vendor_system_failure_restoration_period": 30,
      "vendor_system_failure_waiting_period": 8,
      "system_failure_restoration_period": 30,
      "system_failure_waiting_period": 8
    }
  }
}

Declined (400)

{
  "status": "declined",
  "error": {
    "message": "Risk does not meet underwriting guidelines"
  }
}

Error (400)

{
  "status": "error",
  "error": {
    "message": "Validation error details"
  }
}

A quote.created event will be emitted with the quote ID once the quote has finished rating. The quote proposal PDF becomes available to download from GET /document/quote-proposal/stream/{id} once the quote.proposalReady webhook event has been emitted for the same quote ID. See the webhook documentation for more details on these events.

Create Bindable Quote

POST

/submit

Submit underwriting information for a new piece of business and receive a bindable quote. Returns a quote identifier, status, rated coverage details, and a checkout link.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Request Body

application/json

{

"broker_email": "someemail@brokerdomain.com",

"insured_name": "Company Name",

"insured_location": {

"address_line1": "510 Meadowmont Village Circle #142",

"address_line2": "Suite 200",

"address_city": "Chapel Hill",

"address_state": "NC",

"address_zip": "27514"

},

"insured_taxid": "12-3456789",

"claims": {

"claims_count": 1,

"claims_amount": 1000000

},

"year_founded": 2025,

"effective_date": "2025-08-19",

"revenue": 100000,

"naics": 111110,

"question_highrisk": false,

"agg_limit": 50000,

"retention": 2500,

"website": {

"has_website": true,

"domainName": "https://example.com"

},

"insured_contact": {

"first_name": "First Name",

"last_name": "Last Name",

"email": "email@somedomain.com",

"phone": "123-456-7890",

"preferred_method": "Email"

}

}

Responses

New-business quote created.

Content-Type

application/json

{

"status": "approved",

"data": {

"created_at": "2025-10-14T12:00:00.000Z",

"message": "Please note that the minimum retention is $2,500 based on the information provided.",

"quote_id": "123e4567-e89b-12d3-a456-426614174000",

"quote_status": "string",

"checkout_link": "https://checkout.k2cyber.co/?quote_id=123e4567-e89b-12d3-a456-426614174000",

"product_details": {

"product_name": "FirstCyber Standard"

},

"policy_term": {

"premium_only": "$5,000.00",

"policy_fee": "$300.00",

"agg_limit": "$1,000,000.00",

"retention": "$2,500.00",

"effective_date": "2025-11-01",

"expiration_date": "2026-11-01",

"include_tria": true,

"prior_acts": "Full Prior Acts"

},

"personal_cyber": {

"premium": "$500.00",

"count": 1,

"limit": "$25,000.00",

"retention": "$250.00"

},

"coverage_details": {

"info_privacy_network_limit": "$1,000,000.00",

"regulatory_limit": "$1,000,000.00",

"pci_dss_limit": "$100,000.00",

"business_interruption_limit": "$500,000.00",

"vendor_bi_limit": "$250,000.00",

"cyber_extortion_limit": "$500,000.00",

"funds_transfer_limit": "$100,000.00",

"fraudulent_instruction_limit": "$100,000.00",

"invoice_manipulation_limit": "$100,000.00",

"media_liability_limit": "$1,000,000.00",

"system_failure_limit": "$500,000.00",

"vendor_system_failure_limit": "$250,000.00",

"incident_response_limit": "$50,000.00",

"data_recovery_limit": "$50,000.00",

"utility_fraud_limit": "$25,000.00",

"reputational_harm_limit": "$25,000.00",

"business_interruption_restoration_period": 30,

"business_interruption_waiting_period": 8,

"vendor_bi_restoration_period": 30,

"vendor_bi_waiting_period": 8,

"vendor_system_failure_restoration_period": 30,

"vendor_system_failure_waiting_period": 8,

"system_failure_restoration_period": 30,

"system_failure_waiting_period": 8

}

}

}

POST

/submit

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Body

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Get Quote Status

Retrieve current status and details for an existing quote.

Endpoint

GET /status/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID returned from submit endpoint

Response

Returns the same structure as the submit response, with updated status and details.

Get Quote

GET

/status/{id}

Retrieve the latest status and rated details for a previously created quote.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier returned from POST /submit.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Responses

Quote retrieved.

Content-Type

application/json

{

"status": "success",

"data": {

"created_at": "2025-10-14T12:00:00.000Z",

"message": "Please note that the minimum retention is $2,500 based on the information provided.",

"quote_id": "123e4567-e89b-12d3-a456-426614174000",

"quote_status": "string",

"checkout_link": "https://checkout.k2cyber.co/?quote_id=123e4567-e89b-12d3-a456-426614174000",

"product_details": {

"product_name": "FirstCyber Standard"

},

"policy_term": {

"premium_only": "$5,000.00",

"policy_fee": "$300.00",

"agg_limit": "$1,000,000.00",

"retention": "$2,500.00",

"effective_date": "2025-11-01",

"expiration_date": "2026-11-01",

"include_tria": true,

"prior_acts": "Full Prior Acts"

},

"personal_cyber": {

"premium": "$500.00",

"count": 1,

"limit": "$25,000.00",

"retention": "$250.00"

},

"coverage_details": {

"info_privacy_network_limit": "$1,000,000.00",

"regulatory_limit": "$1,000,000.00",

"pci_dss_limit": "$100,000.00",

"business_interruption_limit": "$500,000.00",

"vendor_bi_limit": "$250,000.00",

"cyber_extortion_limit": "$500,000.00",

"funds_transfer_limit": "$100,000.00",

"fraudulent_instruction_limit": "$100,000.00",

"invoice_manipulation_limit": "$100,000.00",

"media_liability_limit": "$1,000,000.00",

"system_failure_limit": "$500,000.00",

"vendor_system_failure_limit": "$250,000.00",

"incident_response_limit": "$50,000.00",

"data_recovery_limit": "$50,000.00",

"utility_fraud_limit": "$25,000.00",

"reputational_harm_limit": "$25,000.00",

"business_interruption_restoration_period": 30,

"business_interruption_waiting_period": 8,

"vendor_bi_restoration_period": 30,

"vendor_bi_waiting_period": 8,

"vendor_system_failure_restoration_period": 30,

"vendor_system_failure_waiting_period": 8,

"system_failure_restoration_period": 30,

"system_failure_waiting_period": 8

}

}

}

GET

/status/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Quote Status Values

The quote_status field indicates the current state of a quote in the processing workflow:

Status	Description
pending	Quote is being processed or awaiting review
approved_rate	Quote has been approved with a rate, but broker is not onbaorded to K2 Cyber
ready_to_bind	Quote is ready to be bound
bound	Quote has been bound
issued	Policy has been successfully issued
declined	Quote was declined by underwriting
underwriter_review	Quote requires manual underwriter review
failed	Quote processing failed due to an error

Status Flow: For straight-through processing, quotes follow this progression:

pending → ready_to_bind → bound → issued

Get Quote Preview Document

Retrieve the quote preview document as a PDF byte stream.

Endpoint

GET /document/quote-preview/stream/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID returned from submit endpoint

Response

Success (200)

Returns the quote preview document as a PDF byte stream with Content-Type: application/pdf.

Error (400)

Returns a plain text error message with Content-Type: text/plain.

Error message describing what went wrong

Get Quote Preview Document as Byte Stream

GET

/document/quote-preview/stream/{id}

Retrieve the quote preview PDF for a quote.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Responses

Quote preview PDF.

Content-Type

application/pdf

"string"

GET

/document/quote-preview/stream/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Get Quote Proposal Document

Retrieve the rated quote proposal document as a PDF byte stream. The quote proposal is the rated, customer-facing PDF that accompanies a fully rated quote — distinct from the quote preview (which can be available earlier in the lifecycle).

The proposal is ready to download as soon as the quote.proposalReady webhook event has been emitted for the corresponding quote_id. If you are not subscribed to that event, see the Availability table below for the equivalent quote statuses.

Endpoint

GET /document/quote-proposal/stream/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID returned from submit endpoint

Availability

The quote proposal is generated once the quote has finished rating. It can be retrieved when the quote is in one of the following statuses:

Status	Proposal Available
approved_rate	Yes
ready_to_bind	Yes
underwriter_review	Yes
issued	Yes
pending	Not yet — quote is still being rated
bound	Not available — quote has transitioned past proposal
declined	Not available
failed	Not available

Response

Success (200)

Returns the quote proposal document as a PDF byte stream with Content-Type: application/pdf.

Not Ready (409)

Returned while the quote is still being rated or is in a bind/issue transition. Retry once the quote reaches approved_rate, ready_to_bind, underwriter_review, or issued.

Quote proposal is not ready, please try again later.

Not Found (404)

Returned when the quote does not exist, or when the quote is in a state where no proposal is produced (for example a declined or failed quote).

Quote not found

Error (400 / 500)

Returns a plain text error message with Content-Type: text/plain.

Error message describing what went wrong

Polling

If your integration retrieves the proposal immediately after POST /submit, expect a brief window where 409 Not Ready is returned while rating completes. Poll GET /status/{id} until quote_status is ready_to_bind (or another proposal-eligible status above) before requesting the proposal.

Get Quote Proposal Document as Byte Stream

GET

/document/quote-proposal/stream/{id}

Retrieve the rated quote-proposal PDF for a quote. Available once the quote has finished rating (approved_rate, ready_to_bind, underwriter_review, or issued). Returns 409 while the quote is still rating or in a bind/issue transition state.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Responses

Quote proposal PDF.

Content-Type

application/pdf

"string"

GET

/document/quote-proposal/stream/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Update Quote

Update contact information for a quote before binding.

Endpoint

PUT /update/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID to update

Request Body

All fields are optional:

{
  "insured_contact": {
    "first_name": "Jane",
    "last_name": "Smith",
    "email": "jane.smith@example.com",
    "phone": "123-456-7890",
    "preferred_method": "Email"
  },
  "it_manager_same": false,
  "it_manager_contact": {
    "first_name": "Bob",
    "last_name": "Johnson",
    "email": "bob.johnson@example.com",
    "title": "IT Manager"
  }
}

Response

{
  "status": "success",
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "status": "pending"
  }
}

Update Quote before bind

PUT

/update/{id}

Update contact information on a quote prior to binding. Quote must be in ready_to_bind or approved_rate status.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier returned from POST /submit.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Request Body

application/json

{

"insured_contact": {

"first_name": "string",

"last_name": "string",

"email": "string",

"phone": "string",

"preferred_method": "string"

},

"it_manager_same": true,

"it_manager_contact": {

"first_name": "string",

"last_name": "string",

"email": "string",

"title": "string"

}

}

Responses

Update accepted; quote re-rating queued.

Content-Type

application/json

{

"status": "success",

"data": {

"id": "123e4567-e89b-12d3-a456-426614174000",

"status": "string"

}

}

PUT

/update/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Body

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Bind Quote

Finalize a quote and issue the policy.

Endpoint

PUT /bind/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID to bind

Request Body

Empty object (no additional data required):

{}

Response

Success (202 Accepted)

{
  "status": "accepted",
  "data": {
    "id": "123e4567-e89b-12d3-a456-426614174000"
  }
}

The bind operation is processed asynchronously. The response returns immediately with a 202 Accepted status and the quote ID. A policy.created event will be emitted with the policy ID once the bind operation completes. See the webhook documentation for more details on this event.

Bind & Issue Quote

PUT

/bind/{id}

Bind a quote and issue the policy. The bind operation is processed asynchronously — the response returns immediately with status: accepted and the quote identifier, and a policy.created webhook event is emitted once bind completes.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier to bind.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Request Body

application/json

{

}

Responses

Bind request accepted for asynchronous processing.

Content-Type

application/json

{

"status": "accepted",

"data": {

"id": "123e4567-e89b-12d3-a456-426614174000"

}

}

PUT

/bind/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Body

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Get Policy Document

Retrieve the policy document as a PDF byte stream. Policy Documents are available once a quote is in an 'issued' status.

The policy document is ready to download as soon as the policy.created webhook event has been emitted for the corresponding quote_id. If you are not subscribed to that event, poll GET /status/{id} until quote_status is issued before requesting the document.

Endpoint

GET /document/policy/stream/{id}

Parameters

Parameter	Type	Required	Description
id	UUID	Yes	Quote ID returned from submit endpoint

Response

Success (200)

Returns the policy document as a PDF byte stream with Content-Type: application/pdf.

Error (400)

Returns a plain text error message with Content-Type: text/plain.

Error message describing what went wrong

Get Policy Document as Byte Stream

GET

/document/policy/stream/{id}

Retrieve the issued policy PDF. Only available once the quote is in issued status.

Authorizations

OAUTH2_1

OAuth 2.0 client-credentials flow. Obtain a bearer token from the auth service and include it on every request in an Authorization header with a Bearer <token> value.

clientCredentials Flow

Token URL"https://api-sandbox.k2cyber.co/auth/token"

Scopes:

• "quote"

+

APIKEY_1

Integration key issued via the Partner Portal. Required on every request alongside the bearer token.

TypeAPI Key (header: x-integration-key)

Parameters

Path Parameters

id*

Quote identifier of the issued policy.

Typestring

Required

Example"123e4567-e89b-12d3-a456-426614174000"

Format"uuid"

Responses

Issued policy PDF.

Content-Type

application/pdf

"string"

GET

/document/policy/stream/{id}

Playground

Server

Authorization

OAUTH2_1

APIKEY_1

Variables

Key

Value

id*

Samples

cURL

JavaScript

PHP

Python

Powered by VitePress OpenAPI

Error Handling

HTTP Status Codes

Code	Meaning
200	Success
202	Accepted - request accepted for asynchronous processing (bind endpoint)
400	Bad Request - validation error or declined quote
401	Unauthorized - invalid or expired token
404	Not Found - quote ID doesn't exist
500	Internal Server Error

Error Response Format

{
  "status": "error",
  "error": {
    "message": "Detailed error message"
  }
}

Declined Quote Format

{
  "status": "declined",
  "error": {
    "message": "Reason for decline"
  }
}

Best Practices

Token Management

• Cache tokens and reuse until near expiry
• Implement token refresh logic before expiration
• Store tokens securely (never in client-side code or logs)

Error Handling

• Implement exponential backoff for 5xx errors
• Log all error responses with quote IDs for troubleshooting
• Handle both error and declined status appropriately in your UI

Status Polling

• Poll /status/{id} endpoint to check quote processing status
• Use reasonable polling intervals (e.g., every 2-3 seconds)
• Stop polling once status is ready_to_bind, approved_rate underwriter_review, or failed
• Status flow: pending → ready_to_bind → bound → issued

Validation

• Validate email formats before submission
• Ensure NAICS codes are 6 digits
• Format dates as YYYY-MM-DD
• Use proper EIN format for tax IDs

Integration Checklist

• [ ] Obtain OAuth credentials from Partner Portal
• [ ] Implement token acquisition and refresh logic
• [ ] Test submit endpoint with sample data
• [ ] Implement status polling for async quote processing
• [ ] Handle declined quotes gracefully
• [ ] Test update endpoint for contact changes
• [ ] Test bind endpoint for policy issuance
• [ ] Implement proper error logging with quote IDs
• [ ] Complete integration testing before production deployment

Support

For technical support or questions about the FirstCyber Quote Service:

• Email: ray@k2cyber.ai
• Include the quote_id and timestamp in all support requests