External Two squares, one overlapping the bottom one. Top square has an arrow pointing away, as if leading you away

Registering an app

Registering Your App To Use The Zywave API

  1. Request access to Zywave Admin

    To start building an application using the Zywave API, you first must register your application through the Zywave admin tool. If you don't have access, contact your primary contact at Zywave and let them know you're interested in creating an application using Zywave APIs.

  2. Use Zywave Admin to register your application

    Click Registered Apps > Add application, then fill out the required information. Make sure you pay careful attention to the following.

    Application secret

    This automatically generated value is important for authentication with OAuth 2.0 and should be stored in a secure location. Once this value has been saved, it can't be accessed again from Zywave. If this value is ever lost, you will need to generate or provide a new value and save the the changes.

    Grant types

    These values dictate the method or methods your application will use to retrieve access tokens from IdentityServer. Consult the documentation for the particular library or framework you use for OAuth to determine which works best for your application.

    Scopes

    These values determine what data your application may access and when operations it may perform on the data. Consult the specification for the particular Zywave API endpoint you intend to use in order to determine which values to set.

    Which scopes does my registered app require?

    Scopes are related to the data your registered app is trying to access, which is often correlated to specific API endpoints. Below is a list of API endpoints and their related scopes.

    API version API endpoints Related scopes
    v3.x Industries api.industries
    Lead insights api.companies, api.companies:read
    v2.x Accounts and contacts api.accounts, api.accounts.read
    Agencies api.agencies, api.agencies.read
    Carriers api.carriers, api.carriers.read
    Commercial benchmark policy api.commercialpolicybenchmark, api.commercialpolicybenchmark:read
    Content api.content, api.content.read
    Group benefit quoting api.plans, api.plans.read
    Carriers api.carriers, api.carriers.read
    Licenses api.licenses, api.licenses.read
    Policies api.policies, api.policies.read
    User profiles api.profiles

    The below scopes are standard, OpenID Connect scopes. The descriptions are sourced from the OpenID Connect specification.

    Scope Use case
    profile This scope value requests access to the End-User's default profile Claims, which are: name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.
    email This scope value requests access to the email and email_verified Claims.
    phone This scope value requests access to the phone_number and phone_number_verified Claims.
    address This scope value requests access to the address Claim.
    offline_access This scope value requests that an OAuth 2.0 Refresh Token be issued that can be used to obtain an Access Token that grants access to the End-User's UserInfo Endpoint even when the End-User is not present (not logged in).