experience - fr - omnichannel - risk-management

Risk management API

Authenticating

Before calling API, client needs to request for a JSON Web Token (JWT) from authorisation server.

JSON Web Token (JWT) is a URL-secure method of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS), or as a JSON web encryption (JWE) structure in plain text. This enables the claims to be digitally signed and integrity protected with a message authentication code (MAC). Because the token is signed, you can trust the information and its source.

Here steps to perform an API call :

1. Client send request into Authorisation server sending athorisation Client id and secret (provided by lafarge holcim) as authorisation header. Then access token is returned in response payload.
2. Client calls api using obtained Access token as Authorisation header and client id and secret as http headers. Here client id/ secret couple is difference than the one used in Authorization request, and it's also provided by Lafage Holcim.

You can request Lafarge Holcim to share the full details of Authentication procedure in seperate document.

Available operations

• POST claim: This allows to post claim resource into Lafarge holcim systems.
• PUT claim : Allows to update a specific claim resource in Lafarge holcim systems (in-build).
• POST file: Allows tu upload attachments into a specific claim.

Others considerations

Resources are asynchronously propagated in Lafarge holcim systems, then when the client call post or patch an API resource and obtains success http reponse (200 or 201), it's doesn't mean that the resource was fully created/updated in Lafarge systems.