If you find errors or omissions in this document, please don’t hesitate to submit an issue or open a pull request with a fix. We also encourage you to ask questions and discuss any aspects of the project on the mailing list or in the chat room. New contributors are always welcome!

Release notes

26/01/2024, v7.0, new methods freeze, details and field financingEndDate in application
28/04/2023, v6.2, new field swappableCovers in application and in quotation and section coversSwappable in bundleCode
26/10/2021, v6.1, rename resource nationality from nationalityCode
12/10/2021, v6, new method requestCustomerApproval in application
27/01/2021, v5, new field firstRegistrationDate in application and in quotation
12/05/2020, v4, payment code, application as document, example response and fixed links in move to Prepay and issue by Charge, proposed packages in pricing
26/09/2019, v3, add indirectAgentCode and grossWeight in application and policy
12/09/2019, v2, return discounts in bundles pricing
22/08/2019, v1.4, addition of cards api
22/08/2019, v1.3, add last receipt and amendment in application and policy
12/06/2019, v1.2.3, renamed search parameter "size" to "limit" and max value for applications and policies
28/05/2019, v1.2.2, add more parameters for bundle pricing in quotes
24/04/2019, v1.2.1, fix description on issue renewal by charging
17/04/2019, v1.2, addition of greencard actions in policies
10/04/2019, v1.0.2, fix typos and field names in request on applications and policies search

1. Introduction

The Big Picture

The api gateway is a place where Allianz European Reliance’s API’s of web services as APIs are exposed together with a portal help site for developers.

What are the web services APIs?

Behind the gateway, exposed, are our enterprise insurance services, which can be used by external developers, for applications that produce and consume insurance data, consumed by external parties.

Namely, it is, at the moment:

mtr-api

Service for vehicle insurance application and policy processing, pricing, quoting plus more.

2. API gateway

In front of all the services there is a common layer called gateway. It is enforcing constraints common to all services like security, accounting and rate limiting.

Gateway is responsible for:

  • The first level of authentication and authorization of every call to the internal services

  • Counting the invocations and rate limiting them.

It is essentially the gateway guard that every call must show its credentials in order to pass.

Each API call passes from two levels of authentication and authorization.

2.1. Authentication and authorization

Levels of authentication and authorization
  • First level: each call is being checked to see two things. if it contains an API key that is authorized to access the specified API resource and if it obeys some specified rate limiting access rules. If it doesn’t then a specific gateway error response is returned (see General Web Service Errors and Web Service Rate Limits).

  • Second level: Depending on the service, each call is checked if it contains an Authorization header with a valid Bearer token.

An authorization token is fetched first from a specific service endpoint.
Steps

If a company user wants to use an externally provided program (your program) he must first authorize it to impersonate him by following a specific procedure through our company’s portal.

Within that procedure the user publishes a user-key, a 40 character key, that ties his identity with the identity of your program. This bond can be enabled, disabled, deleted, and recreated by the user whenever he wants.

The user is instructed to deliver this user-key to your program in order for you to use it for the purpose of obtaining an authorization token from the API.

This authorization token together with your api-key must be supplied as header parameters with any API call.

2.1.1. First check

At first, you must obtain an API key that uniquely identifies you, by following the procedure of signing up. After approval you will be given access to certain provided APIs.

2.1.2. Second check

The second level of authorization is the API specific authorization. Each call is checked to see if it contains an authorization header. If not then a 401 Unauthorized error response is returned.

The authorization header is an “Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxx” where the xxxx part is the token and is obtained by accessing a specific “tokens” address (see later). Steps

Please take care of your api-key, the client user-key and the resulting authorization tokens are to be stored safely and never be shared with third parties.

Use always secure communication protocols

Our services are served under HTTPS only. If you believe that your api-key or any other key or token got leaked to the outside world contact us immediately. We will disable them and supply you with new one.

If we don’t disable them, they may be used in an illegal way by a third party without us having a way to differentiate a valid usage from an invalid one. If you want your api-key to be tied permanently with your IP for added security, contact us.

2.2. API Key Usage

How to use your API key after signing up.

After signing up, you’ll be given your own, unique API key which is a 40 character string. The key:

  • Uniquely identifies you.

  • Gives you access to europisti.gr’s Web services.

  • Should be kept private and should not be shared.

The API may be used several ways. In order of precedence:

HTTP Header, the preferred way

Pass the API key into the X-api-key header:

curl -H 'X-api-key: DEMO_KEY' "https://gateway.europisti.gr/dev/mtr-api/resources/parameters"
GET Request Query Param

To use your key, simply pass the key as a URL query parameter when making Web service requests. For example:

curl https://gateway.europisti.gr/dev/mtr-api/resources/?api_key=YOUR_KEY"

Regardless of the HTTP method being called, the API key can always be passed as a GET parameter in the URL query. So even if you are POSTing or PUTing to a specific service, the api_key query parameter can be supplied in the URL query parameters.

Alternative Method

Depending on your usage, it can sometimes be easier to pass the API key along as HTTP Basic authentication. If you want to use this method, pass your API key in as the username, while leaving the password blank. For example:

curl "http://YOUR_KEY_HERE@gateway.europisti.gr/dev/mtr-api/resources"

2.3. Web Service Rate Limits

Daily and hourly rate limits on accessing europisti.gr’s Web services.

Rate Limits

There is a limit on the number of europisti.gr web service requests you can make using your API key. Rate limits may vary by service, but the defaults are:

Hourly Limit: 1,000 requests per hour

For each API key, these limits are applied across all europisti.gr web services requests. Exceeding these limits will lead to your API key being temporarily blocked from making further requests. Depending on the limit exceeded, the block will be lifted automatically by waiting until the next hour or calendar day.

2.3.1. How Do I See My Current Usage?

Your can check your current rate limit and usage details by inspecting the X-RateLimit-Limit and X-RateLimit-Remaining HTTP headers that are returned on every API response. For example, if an API has the default hourly limit of 1,000 request, after making 2 requests, you will receive these HTTP headers in the response of the second request:

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 998

2.3.2. Understanding Rate Limit Time Periods

Hourly Limit

The hourly counters for your API key reset on a rolling basis. Example:

  1. If you made 500 requests at 10:15AM and 500 requests at 10:25AM, your API key would become temporarily blocked.

  2. This temporary block of your API key would cease at 11:15AM, at which point you could make 500 requests.

  3. At 11:25AM, you could then make another 500 requests.

2.3.3. Rate Limit Error Response

If your API key exceeds the rate limits, you will receive a response with an HTTP status code of 429 (Too Many Requests).

2.3.4. Need Higher Limits?

If you’re building an application that needs higher rate limits, we’d be happy to work with you. Contact us for more details.

2.3.5. Errors at gateway’s level

Certain, general errors will be returned in a standardized way from all web services. Additional, service-specific error messages may also be returned (see individual service documentation for those details). The following list describes the general errors any application may return:

Error Codes
Error Code HTTP Status Code Description

API_KEY_MISSING

403

An API key was not supplied. Read API key usage for details on how to pass your API key to the API.

API_KEY_INVALID

403

An invalid API key was supplied. Double check that the API key being passed in is valid, or sign up for an API key.

API_KEY_DISABLED

403

The API key supplied has been disabled by an administrator. Please contact us for assistance.

API_KEY_UNAUTHORIZED

403

The API key supplied is not authorized to access the given service. Please contact us for assistance.

API_KEY_UNVERIFIED

403

The API key supplied has not been verified yet. Please check your e-mail to verify the API key. Please contact us for assistance if needed.

HTTPS_REQUIRED

400

Requests to this API must be made over HTTPS. Ensure that the URL being used is over HTTPS.

OVER_RATE_LIMIT

429

The API key has exceeded the rate limits. Read rate limits for more details or contact us for assistance.

NOT_FOUND

404

An API could not be found at the given URL. Check your URL.

Error Response Body

The error response body will contain an error code value from the table above and a brief description of the error. The descriptions are subject to change, so it’s suggested that any error handling must use the HTTP status code or the error code value for error handling (and not the content of the message description).

Error Message Response Formats

Depending on the detected format of the request, the error message response may be returned in JSON, XML, CSV, or HTML. Requests of an unknown format will return errors in JSON format.

JSON Example

{
 "error": {
   "code": "API_KEY_MISSING",
   "message": "No api_key was supplied. Get one at https://gateway.europisti.gr"
  }
}

XML Example

<response>
  <error>
    <code>API_KEY_MISSING</code>
    <message>No api_key was supplied. Get one at https://gateway.europisti.gr</message>
  </error>
</response>

CSV Example

Error Code,Error Message
API_KEY_MISSING,No api_key was supplied. Get one at https://gateway.europisti.gr

HTML Example

<html>
  <body>
    <h1>API_KEY_MISSING</h1>
    <p>No api_key was supplied. Get one at https://gateway.europisti.gr</p>
  </body>
</html>

2.4. Dev vs Prod

In order to access a developer’s sandbox for developing and testing reasons, it is enough just to add the word dev in the path after the server name and before the actual api’s path, for example:

Production URI        https://gateway.europisti.gr/mtr-api/resources
Sandbox URI           https://gateway.europisti.gr/dev/mtr-api/resources

Of course it is necessary for your API key to be accepted and given access to both environments by the authorization procedures that are established with your registration.

By having a valid and authorized X-api-key, any call can pass gateway’s checks and access any internal APIs that was given access to it. One such API is the mtr-api.

3. MTR-API intro

General information

The mtr-api is accessible via https://gateway.europisti.gr/dev/mtr-api/resources. In order to use this API, you must pass:

  • Your API key via one of the supported methods, preferably as header parameter

  • AND an authorization token via the Authorization header.

To make requests to the API two headers are required:

X-Api-Key:     YOUR_API_KEY_HERE
Authorization: Bearer CLIENT_BEARER_TOKEN_HERE

Without these two headers all calls to mtr-api will be rejected with the response 401-Unauthorized

3.1. Authorization

3.1.1. Getting authorization tokens

An Authorization client bearer token is thus required, and the way to get it is via a POST request to https://gateway.europisti.gr/dev/mtr-api/resources/tokens which requires only the api-key header as prerequisite and a JSON encoded payload of the user-key.

As an example from command line use:

curl -i \
-H 'Content-type: application/json' \
-H 'X-Api-Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
-X POST https://gateway.europisti.gr/dev/mtr-api/resources/tokens \
-d '{"user-key": "vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv"}'

With a correct and existing api-key and user-key which have been connected by the client internally, the response will be a 201 Created, and as the body the token and an Authorization header containing a token of type Bearer will be returned.

This token-in-body or token-in-header must be saved on the client side and must be used in all subsequent calls to every other mtr-api. The only exception to this rule, of course, is the current https://gateway.europisti.gr/dev/mtr-api/resources/tokens for creating new tokens.

A convenience header X-Token-Expires-In: xxxx seconds is returned by default. It is the time remaining in seconds for which the token will be valid. With this header it is possible to calculate beforehand when a token renewal call will be needed.

By default the token is valid for 30 minutes after which the server will reject subsequent calls with the response 401 Unauthorized and an extra error header X-Error: Token Expired

If the client receives this error he can request a new token which will be valid for 30 more minutes.

No extra header
If the client gets response 401 Unauthorized without the extra header, then that means the authentication failed on the server side due to either wrong keys or because the client of the user-key refuses access to the X-Api-Key holder. In such case it is advised to first get in contact with your client (of user-key) to remedy the situation.
User impersonating another user

Sometimes a user needs to impersonate another user. For example a secretary might need access to various services in the name of an agent that gave her such rights. If the user has the right to use another person’s code (as dictated by company’s internal rules), you can grand them permission by appending a field named “agent-code” with the impersonated agent’s code as value. As an example:

curl -i \
-H 'Content-type: application/json' \
-H 'X-Api-Key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/tokens" \
-d '{"user-key": "vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv", “agent-code”: “SSSS”}'
string ISO date

When the specification of a date named field is “string ISO date”, it is expected to be supplied with a date in ISO 8601 format like “2018-10-28” or a datetime like “2018-10-28T13:55:00”.

The date fields are expected to be in the Greek time zone and the conversions are handled by the api. When a datetime field is returned and it doesn’t end with a 'Z' (which denotes a UTC date) then it is supposed to be a Greek LocalDate value.

3.2. Errors

When the mtr-api encounters an error condition outside the normal flow, it tries to return that error condition with a specific header named X-Error. So when it encounters incomplete or bad requests, incoming data validation errors or specific internal error conditions, it sets the error header informing the client application with a more specific message.

You will use this information for correcting the condition and maybe retrying the operation. For example when the authentication token expires, the client application receives a 401 Unauthorized status with the specific header X-Error: Token Expired signalling that a new token must be obtained first from the “tokens” resource and then the operation can be retried.

3.2.1. Other headers

When an operation returns with a failure status, it is possible that a header named X-Error is returned and usually an error entity with error details for both.

For operations like POSTing new entities and for the success status 201 Created, a Location header is set, according to standards with the uri of the new entity.

Some operations return extra information or actions in the Link headers. For example when issuing an application a link for the notification document is included. The operations that return this kind of information are documented.

For reference purposes, click this link to find out more about known response status codes.

3.3. CORS

The mtr-api supports CORS and set required headers.

4. Applications

Overview

The following API endpoints can be used to programmatically create, retrieve and delete applications.

Available actions are:

Search for application

Returns a list of applications for the search criteria. Can be paged if start and limit request parameters is used.

Retrieve an application

Retrieve an application.

Retrieve an empty new template application

Retrieve an empty application to be used as template for new application.

Insert new application

Create a new application.

Update an application

Change an existing application for new policy, as long as it is in initial status.

Cancel an application/application in prepay status/renewal application in prepay status

Cancel an application. Can be used to cancel a new application for policy or a renewal application in prepay status.

Freeze application

Set an application in a special pending status while waiting for vehicle delivery date to issue the policy.

Update a freezed application

An application, previously freezed, for specific sales channels, can be partially changed.

Request for application approval

Set an application that needs approval from an underwriter, in that status.

Request for customer application approval

Request approval of a complete application from the customer.

Move an application to PREPAY status

A new application without errors must be set in PREPAY status in order to trigger the notification procedures. In that status, the user can create an application document for the client or a payment notification document or retrieve a payment code for paying by bank or other means or even proceed with issuing the application to policy by charging his/her account if that is possible or even notify the client with a URI for online payment and paying by card and fixed payment bank order.

Retrieve payment code

Retrieve a payment code for an application in PREPAY status to use for paying by card and/or fixed payment bank order.

Issue application to policy by charging user

Issue an application if it is possible for the user to charge his/her account.

Retrieve a payment notification document

Create a payment notification document from an application in PREPAY status or from a renewal application in PREPAY status.

Retrieve an application as document

Create a completed application document for a client to sign from an application in PREPAY status.

Guides

Fields with names ending in Code (like bundleCode) expect to receive the parametric code while fields with names ending in Title (like bundleTitle) contain a description for the field. The description fields are not required when inserting or updating an application, only the code fields are. Values for the code fields are supposed to be found from the appropriate parameter calls on parameters resource.

The api informs you for any payload validation errors or other type of errors with an error status and an entity.

An application when validated from the server usually contain some extra information in the form of applicationMessages that are supposed to be seen by the user.

An application expects at least to be supplied with client details. If the insured party is the same as the client the details are not required to be inserted because the api will supply the same entity for the client and the insured.

A bundleCode is mandatory for an application. Any extra covers must be supplied in the form of space or comma delimited string in the field named extraCovers. For added convenience the extraCovers field is returned calculated for existing applications. An extra cover may be used as a swappable (replacement) cover if the bundle supports it, look at bundle as parameter definition. The coversSwappable map mandatory covers with possible swappables covers defined at bundle layer. Any swappable covers must be supplied in the form of space or comma delimited string in the field named swappableCovers.

The status of an application does not change automatically without an action. With every action of inserting or updating an application, a new status is calculated. If you wanted to recalculate an application you should, for example, first fetch the current version of the application if you do not already have it and then update it with the same information. This will force the system to recalculate it. There are many criteria that an application must meet in order to be valid and some of them can not be influenced by the end user.

Status of an application and possible next actions:

00, 20, 25

in entry with errors requiring user intervention and update, next steps are update application or requestApproval from underwriter or cancel application

01, 04

it is OK and can proceed to prepay, next steps are issuePrepay or cancel

45

in prepay, next steps are application as document or notification document or retrieve paymentCode of application or issueCharge policy or cancel application

02, 22

cancelled application

03, 30, 31, 32 etc

is pending and managed by an underwriter, it is possible that there are messages for any pending issues, next steps are done only from the underwriter

39

is waiting for customer approval

05, 06

published policy

4.1. Search for

In order to search for user’s applications a GET request must be submitted to the resource. The response is a JSON array of search result rows.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Size Example

start

optional

starting row number, used for paging

1

1

limit

optional

result page size, max rows, used for paging

20

5000

20

clientName

optional

starting letters of client’s last name, usually greek capital letters, url encoded if not ascii chars

20

ABC

fromDate

optional

application insert date

10

2018-09-30

clientAfm

optional

client’s tax number

9

012345678

plateNo

optional

plate number, greek capital letters and numbers, url encoded

15

%CE%91%CE%92%CE%961234

statusCode

optional

application’s status

2

01

applicationNo

optional

application’s number

10

1234567890

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/applications?start=1&size=100&statusCode=01"
Example Response
[
 {
  "agentCode": "string",
  "agentTitle": "string",
  "applicationDate": "string",
  "applicationNo": "string",
  "branchCode": "string",
  "branchTitle": "string",
  "clientAfm": "string",
  "clientCode": "string",
  "clientName": "string",
  "id": number,
  "payFrequencyInMonths": number,
  "plateNo": "string",
  "policyEndDate": "string",
  "policyNo": "string",
  "policyStartDate": "string",
  "rowNo": number,
  "statusCode": "string",
  "statusTitle": "string"
 }
]

4.2. Retrieve one

In order to return an application when the application id is known, a GET request must be submitted to the resource followed by the application id. In case the application exists and the user has the rights to display, it will return a success 200 Success response status with entity details or a 400 Bad request response status with an error entity describing the error condition.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789"
Example Error Response

A typical error entity is:

{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}
Example Success Response
{
 "agentCode": "0000",
 "agentTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "applicationDate": "2018-09-27",
 "applicationMessages": [
  {
   "id": "1",
   "description": "Προστέθηκε η έκπτωση οικογενειακού αυτοκινήτου."
  },
  {
   "id": "2",
   "description": "Απαιτείται πιστοποίηση έδρας του ασφαλισμένου. Πρέπει να επισυνάψετε Άδεια Κυκλοφορίας ή Λογ/σμο Κινητής Τηλ/νιας ή Εκκαθ.Εφορίας."
  }
 ],
 "applicationNo": "000000000",
 "amendmentIssueDate": "2019-05-30",
 "amendmentNo": 234567,
 "bonusMalus": -2,
 "branchCode": "10",
 "branchTitle": "ΑΥΤΟΚΙΝΗΤΩΝ",
 "bundleCode": "216",
 "bundleTitle": "BASIC 200",
 "client": {
  "addressCity": "ΧΧΧΧΧΧΧΧΧ",
  "addressPostcode": "00000",
  "addressStreet": "ΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "afm": "000000000",
  "birthdate": "1982-06-13",
  "doyCode": "0000",
  "doyTitle": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "fathersName": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "firstName": "ΧΧΧΧΧΧΧΧΧ",
  "genderCode": "1",
  "genderTitle": "ΑΝΔΡΑΣ",
  "jobCode": "000",
  "jobTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "lastName": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
  "mobile": "6980000000",
  "personTypeCode": "01",
  "personTypeTitle": "ΦΥΣΙΚΟ ΠΡΟΣΩΠΟ",
  "phone": "1234567890"
 },
 "covers": [
  {
   "coverCode": "001",
   "coverTitle": "Σωματικές Βλάβες Τρίτων και Επιβαινόντων (ανά θύμα)",
   "insuredValue": 1220000,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 00000
  },
  {
   "coverCode": "002",
   "coverTitle": "Αστική Ευθύνη εντός Φυλασσομένων χώρων, Ferry, Εξωτερικό",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "011",
   "coverTitle": "Υλικές Ζημιές Τρίτων (ανά ατύχημα)",
   "insuredValue": 1220000,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "060",
   "coverTitle": "Φροντίδα Ατυχήματος Inter Partner Assistance",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "065",
   "coverTitle": "Προστασία B/M και κάλυψη Υ. Ζ. από Ανασφ. όχημα έως 30.000 ευρώ",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "070",
   "coverTitle": "Ρυμούλκηση από Ατύχημα Inter Partner Assistance",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  }
 ],
 "discounts": [
  {
   "id": 131,
   "title": "Έκπτωση οικογενειακού οχήματος",
   "discount": 5
  }
 ],
 "driverBirthYear": 1982,
 "driverLicenceDate": "2002-08-08",
 "driverLicenceTitle": "ΕΡΑΣΙΤΕΧΝΙΚΟ",
 "driverLicenceType": "2",
 "engineCc": 1286,
 "extraCovers": "070",
 "factoryName": "HYUNDAI",
 "financingEndDate": "2028-01-01",
 "firstRegistrationDate": "1998-01-01",
 "fuelType": 0,
 "frameNumber": "00000000000",
 "grossWeight": 3500,
 "id": 123456789,
 "insured": {
  "addressCity": "ΧΧΧΧΧΧΧΧΧ",
  "addressPostcode": "00000",
  "addressStreet": "ΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "afm": "000000000",
  "birthdate": "1982-06-13",
  "doyCode": "0000",
  "doyTitle": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "fathersName": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "firstName": "ΧΧΧΧΧΧΧΧΧ",
  "genderCode": "1",
  "genderTitle": "ΑΝΔΡΑΣ",
  "jobCode": "000",
  "jobTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "lastName": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
  "mobile": "6980000000",
  "personTypeCode": "01",
  "personTypeTitle": "ΦΥΣΙΚΟ ΠΡΟΣΩΠΟ",
  "phone": "1234567890"
 },
 "indirectAgentCode": "123456",
 "indirectAgentTitle": "XXXXXXXXXXXXXX",
 "insuredValue": 2000,
 "leaseType": 0,
 "makeCode": "022",
 "makeTitle": "HYUNDAI",
 "manufactureYear": 1998,
 "modelCode": "001",
 "ownershipTransferDate": "2019-09-30",
 "payFrequencyInMonths": 12,
 "pendingMessages": [],
 "plateNo": "ΧΧΧ1234",
 "policyAnniversaryDate": "2019-09-30T23:59:00",
 "policyEndDate": "2019-09-30T23:59:00",
 "policyNo": "000000000",
 "policyStartDate": "2018-09-30T00:00:00",
 "powerInKw": 0,
 "rateCode": "000",
 "rateTitle": "(000) ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "receiptIssueDate": "2018-09-30",
 "receiptNo": 123456,
 "regionCode": "01",
 "regionName": "Αττικής",
 "statusCode": "25",
 "statusTitle": "ΧΡΗΖΕΙ ΑΠΟΣΤΟΛΗΣ ΓΙΑ ΕΓΚΡΙΣΗ",
 "taxableHp": 9,
 "usageCode": "00",
 "usageSubcode": "0",
 "usageTitle": "ΕΙΧ. ",
 "vehicleSeats": 5
}

4.3. Retrieve a template

An empty application is returned to be used as template for a new application.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/template"
Example Response

An prefilled with sample data application

{
 "agentCode": "0000",
 "agentTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "applicationDate": "2018-09-27",
 ...
}

4.4. Insert

Field regionPostcode is mandatory and it is the postcode of the area that the vehicle is currently in. It replaces any older notion of regionCode and rateCode. From that field the appropriate values for the other two is calculated internally. BundleCode is then validated against this field, so the correct way to fill an application is first to find the correct bundleCodes for a postCode and then fill the code in the application. If this step is omitted, then it is possible for the application to fail validation with a message that says that the combination is not correct. Available combinations is expected to be changed often and may be depended from the current user.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

The field policyStartDate must contain the desired date with time information, formatted as "yyyy-MM-ddTHH:mm:ss" for example "2019-02-15T13:40:00" or "2019-02-15T00:00:00"
Retrieving a template application and filling the appropriate fields is an easy way to prepare an application
Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/applications"
-d '{"agentCode": "string",
     "commisionAgentCode": "string",
     "serviceAgentCode": "string",
     "client": {
        "lastName": "string",
        "firstName": "string",
        "fathersName": "string",
        "addressStreet": "string",
        "addressCity": "string",
        "addressPostcode": "string",
        "phone": "string",
        "mobile": "string",
        "email": "string",
        "jobCode": "string",
        "birthdate": "string ISO date",
        "genderCode": "string",
        "afm": "string",
        "doyCode": "string",
        "identityNo": "string",
        "identityDate": "string ISO date",
        "amka": "string",
        "passport": "string",
        "citizenship": "string",
        "personTypeCode": "string",
        "personType": "string"
         }
     "pawnerTitle": "string",
     "policyStartDate": "string ISO date",
     "payFrequencyInMonths": number,
     "bundleCode": "string",
     "extraCovers": "string",
     "swappableCovers": "string",
     "regionPostcode": "string",
     "plateNo": "string",
     "usageCode": "string",
     "usageSubcode": "string",
     "bonusMalus": number,
     "taxableHp": number,
     "engineCc": number,
     "powerInKw": number,
     "grossWeight": number,
     "insuredValue": number,
     "firstRegistrationDate": "string ISO date",
     "fuelType": number,
     "autonomousType": number,
     "leaseType": number,
     "vehicleSeats": number,
     "manufactureYear": number,
     "driverBirthYear": number,
     "driverLicenceType": "string",
     "driverLicenceDate": "string ISO date",
     "frameNumber": "string",
     "makeCode": "string",
     "modelCode": "string",
     "secondOwner": "string",
     "discountCodes": "string",
     "contactwayCode": "string",
     "comments": "string",
     "indirectAgentCode": "string",
     "financingEndDate": "string ISO date",
     "ownershipTransferDate": "string ISO date"
}'
Example Error Response
{
 "status": "ERROR",
 "error": "-2",
 "message": "...."
}
Example Success Response
{
  "agentCode": "0000",
 "agentTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "applicationDate": "2018-09-27",
 ...
}

From the openapi resource specification we can see that the complete application resource with supporting entities is:

"MtrApplication": {
     "userName": "string",
     "id": number,
     "branchCode": "string",
     "branchTitle": "string",
     "statusCode": "string",
     "statusTitle": "string",
     "policyNo": "string",
     "applicationNo": "string",
     "applicationDate": "string ISO date",
     "agentCode": "string",
     "agentTitle": "string",
     "commisionAgentCode": "string",
     "commisionAgentTitle": "string",
     "serviceAgentCode": "string",
     "serviceAgentTitle": "string",
     "client": { MtrPerson }
     "id": number,
     "insured": { MtrPerson"}
     "pawnerTitle": "string",
     "policyIssueDate": "string ISO date",
     "policyStartDate": "string ISO date",
     "policyEndDate": "string ISO date",
     "policyAnniversaryDate": "string ISO date",
     "payFrequencyInMonths": number,
     "rateCode": "string",
     "rateTitle": "string",
     "bundleCode": "string",
     "bundleTitle": "string",
     "extraCovers": "string",
     "swappableCovers": "string",
     "regionPostcode": "string",
     "regionCode": "string",
     "regionName": "string",
     "plateNo": "string",
     "factoryName": "string",
     "usageCode": "string",
     "usageTitle": "string",
     "usageSubcode": "string",
     "bonusMalus": number,
     "taxableHp": number,
     "engineCc": number,
     "powerInKw": number,
     "grossWeight": number,
     "insuredValue": number,
     "fuelType": number,
     "fuelTitle": "string",
     "autonomousType": number,
     "autonomousTitle": "string",
     "leaseType": number,
     "leaseTypeTitle": "string",
     "grossWeight": number,
     "vehicleSeats": number,
     "manufactureYear": number,
     "driverName": "string",
     "driverBirthYear": number,
     "driverLicenceType": "string",
     "driverLicenceTitle": "string",
     "driverLicenceDate": "string ISO date",
     "frameNumber": "string",
     "makeCode": "string",
     "makeTitle": "string",
     "modelCode": "string",
     "modelTitle": "string",
     "secondOwner": "string",
     "discountCodes": "string",
     "contactwayCode": "string",
     "contactwayTitle": "string",
     "comments": "string",
     "covers": [ {
        "coverCode": "string",
        "coverTitle": "string",
        "insuredValue": number,
        "deductible": number,
        "netPremium": number,
        "grossPremium": number
                  } ]
     "discounts": [{ "id": "string", "description": "string" }],
     "pendingMessages": [{ "id": "string", "description": "string" }],
     "applicationMessages": [{ "id": "string", "description": "string" }],
     "actionOutcome": { "no": "string", "message": "string" },
     "receiptNo": number,
     "receiptIssueDate": "string ISO date",
     "amendmentNo": number,
     "amendmentIssueDate": "string ISO date",
     "indirectAgentCode": "string",
     "indirectAgentTitle": "string",
     "financingEndDate": "string ISO date",
     "ownershipTransferDate": "string ISO date,

}


"MtrPerson": {
     "id": "string",
     "lastName": "string",
     "firstName": "string",
     "fathersName": "string",
     "addressStreet": "string",
     "addressCity": "string",
     "addressPostcode": "string",
     "phone": "string",
     "mobile": "string",
     "email": "string",
     "jobCode": "string",
     "jobTitle": "string",
     "birthdate": "string",
     "licenceDate": "string ISO date",
     "genderCode": "string",
     "genderTitle": "string",
     "afm": "string",
     "doyCode": "string",
     "doyTitle": "string",
     "identityNo": "string",
     "identityDate": "string ISO date",
     "amka": "string",
     "passport": "string",
     "citizenship": "string",
     "personTypeCode": "string",
     "personTypeTitle": "string",
     "licenceType": "string",
     "licenceTitle": "string",
     "personType": "string"
   }

4.5. Update

The most easy way to update an existing application is first to fetch it, let the user change it and submit it with a PUT request to the resource followed by the application id.

It will return a success 200 Success response status with entity details or a 400 Bad request response status with an error entity describing the error condition.

The success entity is the same as in the Find an application example as is the error response.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

The field policyStartDate must contain the desired date with time information, formatted as "yyyy-MM-ddTHH:mm:ss" for example "2019-02-15T13:40:00" or "2019-02-15T00:00:00"
Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789"
-d '{... application}'
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}
Example Success Response
{
  "agentCode": "0000",
 "agentTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "applicationDate": "2018-09-27",
 ...
}

4.6. Cancel

Cancel an application/application in prepay status/renewal application in prepay status.

A DELETE request to the resource followed by the application id. A response of 204 No Content is returned. The application immediately after that will be in Cancelled status.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X DELETE "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789"
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.7. Freeze application

For an application in status 01 (OK) and for specific sales channels, it is possible to set it in a special pending status, waiting for vehicle delivery date to issue the policy. In this pending status, application can only be updated by an equally special method of "details" of plateNumber and firstRegistrationDate.

A PUT with an empty entity on resource URL sets it in this special pending status. A response with a status of 200 OK is returned with an entity in body containing the requested application id, a 25 digit pay code and total amount to deposit as payment in advance. The application immediately after that will be in pending status. On failure, it returns response with status 400 Bad Request and error object in body.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/freeze"
Example Success Response
{
 "id": 123456789,
 "upid": "1234567890123456789012345",
 "amount": 1234.56
}
Example Error Response
{
 "status": "ERROR",
 "error": "-4",
 "message": "Η ΑΙΤΗΣΗ ΔΕΝ ΒΡΕΘΗΚΕ Η ΔΕΝ ΕΙΝΑΙ ΣΤΗΝ ΚΑΤΑΛΛΗΛΗ ΚΑΤΑΣΤΑΣΗ"
}

4.8. Update a freezed application

An application, previously freezed, for specific sales channels, can be updated, specifically the plateNumber and the firstRegistrationDate can be changed. On success the api will respond with a 205 Reset Content status. The application will continue to be in pending status. The user can proceed with 'move to prepay' and 'issue by charging user' in order to complete policy issuance. On error the response will be a 400 Bad Request with the error object in body.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/details"
-d '{"plateNo": "string", "registrationDate": "string"}'
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.9. Request approval

An application depending on some conditions might return messages saying that an approval from an underwriter is required. In these situations, if the user wants to proceed with requesting approval, it is enough to PUT an empty entity on resource URL. On success the api will respond with a 205 Reset status in which case the application cannot be altered by the user any more. When an underwriter examines the application, it will be changed back to a status that is actionable by the user.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/requestApproval"
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.10. Request customer approval

For an application in status 01 (OK), it is possible to communicate with the customer the need for application approval. An email with instructions to follow will be send to the customer. It will contain a link for a specific web based application in which the customer will be presented with a printable version of the application and be asked for approval. In order for this communication to happen, it is important that the customer email address and mobile phone are correct.

In order to proceed with requesting approval, it is enough to PUT an empty entity on resource URL. On success the api will respond with a 200 OK status, and the url to redirect the customer in order to see/download the application as a document and approve it. The application cannot be altered by the user any more. The application immediately after will be in status 39 waiting for customer approval. Next, when and if the customer approves the application, it will move in status 45 (Prepay) and the customer will be presented with options to pay online or by other means.

If a need arise for a change, the application can be changed back to a status that is actionable by the user only by contacting an underwritter.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/requestCustomerApproval"
Example Success Response
{
  "url": "https://myservices.europisti.gr/pls/apex/f?p=ms:eaccept:::NO:APP:H200:CE4C26298F5A5112E0538402010A003F"
}
Example Error Response
{
  "status": "ERROR",
  "error": "-4",
  "message": "Η ΑΙΤΗΣΗ ΔΕΝ ΒΡΕΘΗΚΕ Η ΔΕΝ ΕΙΝΑΙ ΣΤΗΝ ΚΑΤΑΛΛΗΛΗ ΚΑΤΑΣΤΑΣΗ"
}

4.11. Move to PREPAY

If a user wants to proceed with an application and issue a PREPAY notification, a PUT with an empty resource is needed on entity URL. On success the api will respond with a 205 Reset status, a Link header for application document retrieval, a Link header for notification document retrieval and a Link header with the uri for issue by charging for users that can and want to proceed that way and an x-payment-code header with the payment code to use in online banking payment systems.

A link is used to express a typed relationship with another resource, where the relation type is defined by RFC 5988

Returned header link titles are: Application, Notification, Issue by Charge and Online pay link.

An application in PREPAY status can be canceled by the user or canceled automatically after some days have passed (usually 15 days, defined by the issuing department). An application in that status isn’t a policy yet, even if it is assigned a policy number. You can see that an application like that doesn’t have an issue date nor a receipt number.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/issuePrepay"
Example Success Response Headers
...
link: <https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/application>; rel="document"; title="Application"; type="application/pdf", <https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/notification>; rel="document"; title="Notification"; type="application/pdf", <https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/issueCharge>; rel="issue"; title="Issue by Charge"; type="application/json", <http://thasos.europisti.gr/pls/apex/f?p=ms:1:0:EXTERNAL:NO:1:P1_20DIGIT:00000012345678912345>; rel="online-pay"; title="Online pay link"; type="text/html"
x-payment-code: 00000012345678912345
...
Example Error Response
{
   "status": "ERROR",
   "error": "-1",
   "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.12. Payment code

A payment code is a 20 digit code that can be used in paying by online means like by card or in a banking system. A payment code can be created for an application that is in the specific status of prepay. Additionaly the responce contains the link for company’s secure online payment system where the real client can arrange fixed payment orders or pay by cards.

This code is also returned as available in success response headers of the action issuePrepay as x-payment-code.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/paymentCode"
Example Success Response
{
 "paymentCode": "00000012345678912345",
 "onlinePayUrl": "http://thasos.europisti.gr/pls/apex/f?p=ms:1:0:EXTERNAL:NO:1:P1_20DIGIT:00000012345678912345"
}
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.13. Issue by charging user

if the user wants and is able to proceed by charging his account, a PUT with an empty resource is needed on entity URL in order to issue the application immediately. On success the api will respond with a 205 Reset status and a Link header for policy document retrieval.

A link is used to express a typed relationship with another resource, where the relation type is defined by RFC 5988
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/issueCharge"
Example Success Response Headers
...
link: <https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/-987654/image>; rel="document"; title="Policy"; type="application/pdf"
...
Example Error Response
{
    "status": "ERROR",
    "error": "-501",
    "message": "ΑΝΕΝΕΡΓΗ ΔΥΝΑΤΟΤΗΤΑ ΕΙΣΠΡΑΞΗΣ"
}

4.14. Payment notification

A payment notification document will be created for an application that is in the specific status of prepay. It means that only entites in this status will be able to produce a notification document. If the entity is already issued as a policy then only other type of documents can be returned.

This action is also returned as available in success response headers of the action issuePrepay with a relation of "document" and title of "Notification".

This notification document can be produced as many times as the user wants and it is always created with the last entity status and data.

Resource Information

Response formats

binary

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/notification"
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.15. Application as document

A completed application as document will be created for an application that is in the specific status of prepay. It means that only entites in this status will be able to produce a document. If the entity is already issued as a policy then only other type of documents can be returned.

The document serves the purpose of the completed application which the client must accept and sign.

This action is also returned as available in success response headers of the action issuePrepay with a relation of "document" and title of "Application".

This application document can be produced as many times as the user wants and it is always created with the last entity status and data.

Resource Information

Response formats

binary

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/application"
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.16. List documents

When a GET request is issued on resource, the api will return an array of documents that exist under that application. The field named id contains the document id that can be used for subsequent operations on that document. Each document metadata consists of the id, the filename of the document the document category and user comments. Maximum file length of an image must be less than 3MB.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents"
Example Response
[
  {
    "fileName": "data.pdf",
    "categoryId": 12,
    "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας",
    "comments": "Κάποια σχόλια"
  },
  ...
]
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.17. Retrieve a document

Accessing with GET the resource will return the metadata of the document with an id which is related with application. If the reqouest parameter withfile=1 is passed, then the response will also contain the image encoded as BASE64.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

withfile

optional

include file in json response as BASE64 encoded image

0

1

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/1234"
Example Response
{
  "fileName": "data.pdf",
  "categoryId": 12,
  "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας",
  "comments": "Κάποια σχόλια"
}
Example Request with added parameter
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/1234?withfile=1"
Example Response with file
{
  "fileName": "data.pdf",
  "categoryId": 12,
  "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας",
  "comments": "Κάποια σχόλια",
  "image": "_9j_4AwUC__EFhcYGR..."
}
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.18. Retrieve as file

Accessing with GET the resource will return the file image of the document which is related with application.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/2345678"
Example Response
Binary image of the file
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.19. Insert document

In order to insert a new document, except the image by itself, it’s file name, an appropriate document category and ,optionally ,user comments. Because these fields may be posted as request parameters, it must be url encoded and escaped in order to be inserted correctly. So by POSTing to resource a raw file of supported formats and size, this new file is inserted. The api will reply with a 201 Accepted and the document resource in Location header and an entity with the id and link of the new document.

Acceptable MIME content types for usual file extensions
extension MIME type

jpeg, jpg

"image/jpeg"

png

"image/png"

tiff

"image/tiff"

pdf

"application/pdf"

csv

"text/csv"

txt

"text/plain"

zip

"application/zip"

rtf

"application/rtf"

doc

"application/msword"

ppt

"application/vnd.ms-powerpoint"

xls

"application/vnd.ms-excel"

docx, odt

"application/vnd.openxmlformats-officedocument.wordprocessingml.document"

xlsx, ods

"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"

pptx, odt

"application/vnd.openxmlformats-officedocument.presentationml.presentation"

URL Parameters
Name Required Description Default Max Example

fileName

optional

the file name (url encoded)

some_image.jpg

categoryId

optional

document category (from parameters)

0

12

comments

optional

user comments (url encoded)

500

some+comments

An example call is:

curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token’' \
-H 'Content-type: image/jpeg' --data "@some_image.jpg" \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456/documents?fileName=some_image.jpg&categoryId=12&comments=some+comments"

The above command will send by POSTing the image named “some_image.jpg” (the @ symbol is specific to curl and means the actual file) which is of type 12 (some parametric document category) and will add as comments the text “some comments”. Take care of the parameters; they must be url encoded because they are added as request parameters.

The api on success will respond with the Location header set to the link of the new document and a JSON entity like:

{
  "id": 247236,
  "link": "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456/documents/247236"
}

This link will retrieve the document’s metadata, and if the request parameter withfile=1 is appended to that link, the document encoded as BASE64 will be retrieved together with the metadata.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request for a file without metadata passing
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/pdf' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents" \
--data-binary '@/some/path/data.pdf'
Example Request for a file passing metadata as parameters
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/pdf' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents?fileName=data.pdf&categoryId=8&comments=comments+%CF%83%CF%87%CF%8C%CE%BB%CE%B9%CE%B1" \
--data-binary '@/some/path/data.pdf'
Example Response
{
  "id":2472170,
  "link":"https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/2472170"
}
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.20. Update document

With PUT to the resource it is possible to update some of the metadata of a document (probably retrieved by GETing the same and altered by the user). Metadata that can be updated are the file name, the category id (which is mandatory) and lastly the comments.

The actual image data cannot be updated and it is suggested to delete and insert the new document.
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/2345678" \
-d '{ "fileName": "data.pdf", "categoryId": 12, "comments": "Κάποια σχόλια" }'

On success the system will reply with 204 No Content

Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

4.21. Delete a document

Usually in order to delete an image a DELETE is enough, if the image is inserted the same day and supports deleting. System generated documents cannot be deleted. Contact the issue department in order to remove an incorrect documents that the user cannot delete.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X DELETE "https://gateway.europisti.gr/dev/mtr-api/resources/applications/123456789/documents/2345678"

On success the system will reply with 204 No Content

Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

5. Policies

Overview

The following API endpoints can be used to programmatically search and retrieve policies

Available actions are:

Search for

Returns a list of policies for the search criteria. Can be paged if start and limit request parameters is used.

Retrieve one

Retrieve a policy.

Issue renewal application by charging user

Issue an application if it is possible for the user to charge his/her account.

Payment Notification

Create a payment notification document from a renewal application in PREPAY status.

List documents

Returns a list of documents for the specific policy.

Retrieve a document

Retrieve a document by id.

Retrieve as file

Retrieve as binary image a specific document.

List greencards

Returns a list of greencards for a policy

Greencard template

Greencard request template

Create greencard

Create a new greencard

Retrieve a greencard

Retrieve a greencard document

Status of a policy and possible next actions:

02

cancelled policy

06

policy in force (if policyEndDate is in future)

10

policy in ammendment mode

46

renewal application in prepay, next steps are getNotification or issueCharge or cancel

5.1. Search for

In order to search for user’s policies, a GET request must be submitted to the resource. The response is a JSON array of search result rows.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Size Example

start

optional

starting row number, used for paging

1

1

limit

optional

result page size, max rows, used for paging

20

5000

20

clientName

optional

starting letters of client’s last name, usually greek capital letters, url encoded if not ascii chars

20

ABC

clientAfm

optional

client’s tax number

9

012345678

plateNo

optional

plate number, greek capital letters and numbers, url encoded

15

%CE%91%CE%92%CE%961234

statusCode

optional

policy’s status

2

46

policyNo

optional

policy’s number

10

123456789

applicationNo

optional

application’s number

10

1234567890

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/policies?start=1&size=100&statusCode=46"
Example Response
[
 {
  "agentCode": "string",
  "agentTitle": "string",
  "applicationDate": "string",
  "applicationNo": "string",
  "branchCode": "string",
  "branchTitle": "string",
  "clientAfm": "string",
  "clientCode": "string",
  "clientName": "string",
  "id": number,
  "payFrequencyInMonths": number,
  "plateNo": "string",
  "policyEndDate": "string",
  "policyNo": "string",
  "policyStartDate": "string",
  "rowNo": number,
  "statusCode": "string",
  "statusTitle": "string"
 }
]

5.2. Retrieve one

In order to return a policy when policy id is known, a GET request must be submitted to the resource followed by the policy id. In case the policy exists and the user has the rights to display, a success 200 Success response status with entity details or a 400 Bad request response status with an error entity describing the error condition will be returned.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789"
Example Error Response

A typical error entity is:

{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}
Example Success Response
{
 "agentCode": "0000",
 "agentTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "amendmentIssueDate": "2019-05-30",
 "amendmentNo": 234567,
 "applicationDate": "2018-09-27",
 "applicationMessages": [
  {
   "id": "1",
   "description": "Προστέθηκε η έκπτωση οικογενειακού αυτοκινήτου."
  },
  {
   "id": "2",
   "description": "Απαιτείται πιστοποίηση έδρας του ασφαλισμένου. Πρέπει να επισυνάψετε Άδεια Κυκλοφορίας ή Λογ/σμο Κινητής Τηλ/νιας ή Εκκαθ.Εφορίας."
  }
 ],
 "applicationNo": "000000000",
 "bonusMalus": -2,
 "branchCode": "10",
 "branchTitle": "ΑΥΤΟΚΙΝΗΤΩΝ",
 "bundleCode": "216",
 "bundleTitle": "BASIC 200",
 "client": {
  "addressCity": "ΧΧΧΧΧΧΧΧΧ",
  "addressPostcode": "00000",
  "addressStreet": "ΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "afm": "000000000",
  "birthdate": "1982-06-13",
  "doyCode": "0000",
  "doyTitle": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "fathersName": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "firstName": "ΧΧΧΧΧΧΧΧΧ",
  "genderCode": "1",
  "genderTitle": "ΑΝΔΡΑΣ",
  "jobCode": "000",
  "jobTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "lastName": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
  "mobile": "6980000000",
  "personTypeCode": "01",
  "personTypeTitle": "ΦΥΣΙΚΟ ΠΡΟΣΩΠΟ",
  "phone": "1234567890"
 },
 "covers": [
  {
   "coverCode": "001",
   "coverTitle": "Σωματικές Βλάβες Τρίτων και Επιβαινόντων (ανά θύμα)",
   "insuredValue": 1220000,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 00000
  },
  {
   "coverCode": "002",
   "coverTitle": "Αστική Ευθύνη εντός Φυλασσομένων χώρων, Ferry, Εξωτερικό",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "011",
   "coverTitle": "Υλικές Ζημιές Τρίτων (ανά ατύχημα)",
   "insuredValue": 1220000,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "060",
   "coverTitle": "Φροντίδα Ατυχήματος Inter Partner Assistance",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "065",
   "coverTitle": "Προστασία B/M και κάλυψη Υ. Ζ. από Ανασφ. όχημα έως 30.000 ευρώ",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  },
  {
   "coverCode": "070",
   "coverTitle": "Ρυμούλκηση από Ατύχημα Inter Partner Assistance",
   "insuredValue": 0,
   "deductible": 0,
   "netPremium": 0000,
   "grossPremium": 0000
  }
 ],
 "discounts": [
  {
   "id": 131,
   "title": "Έκπτωση οικογενειακού οχήματος",
   "discount": 5
  }
 ],
 "driverBirthYear": 1982,
 "driverLicenceDate": "2002-08-08",
 "driverLicenceTitle": "ΕΡΑΣΙΤΕΧΝΙΚΟ",
 "driverLicenceType": "2",
 "engineCc": 1286,
 "extraCovers": "070",
 "factoryName": "HYUNDAI",
 "frameNumber": "00000000000",
 "grossWeight": 3500,
 "id": 123456789,
 "insured": {
  "addressCity": "ΧΧΧΧΧΧΧΧΧ",
  "addressPostcode": "00000",
  "addressStreet": "ΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "afm": "000000000",
  "birthdate": "1982-06-13",
  "doyCode": "0000",
  "doyTitle": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "fathersName": "ΧΧΧΧΧΧΧΧΧΧΧ",
  "firstName": "ΧΧΧΧΧΧΧΧΧ",
  "genderCode": "1",
  "genderTitle": "ΑΝΔΡΑΣ",
  "jobCode": "000",
  "jobTitle": "ΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧΧ",
  "lastName": "ΧΧΧΧΧΧΧΧΧΧΧΧ",
  "mobile": "6980000000",
  "personTypeCode": "01",
  "personTypeTitle": "ΦΥΣΙΚΟ ΠΡΟΣΩΠΟ",
  "phone": "1234567890"
 },
 "insuredValue": 2000,
 "makeCode": "022",
 "makeTitle": "HYUNDAI",
 "manufactureYear": 1998,
 "modelCode": "001",
 "payFrequencyInMonths": 12,
 "pendingMessages": [],
 "plateNo": "ΧΧΧ1234",
 "policyAnniversaryDate": "2019-09-30T23:59:00",
 "policyEndDate": "2019-09-30T23:59:00",
 "policyNo": "000000000",
 "policyStartDate": "2018-09-30T00:00:00",
 "rateCode": "000",
 "rateTitle": "(000) ΧΧΧΧΧΧΧΧΧΧΧΧ",
 "receiptIssueDate": "2018-09-30",
 "receiptNo": 123456,
 "regionCode": "01",
 "regionName": "Αττικής",
 "statusCode": "25",
 "statusTitle": "ΧΡΗΖΕΙ ΑΠΟΣΤΟΛΗΣ ΓΙΑ ΕΓΚΡΙΣΗ",
 "taxableHp": 9,
 "usageCode": "00",
 "usageSubcode": "0",
 "usageTitle": "ΕΙΧ. ",
 "vehicleSeats": 5
}

5.3. Issue renewal by charging user

In order to issue the renewal application immediately and if the user wants and can proceed by charging his account, a PUT with an empty resource is needed on entity URL. On success the api will respond with a 205 Reset status and with Link header for the renewal’s policy document retrieval.

A link is used to express a typed relationship with another resource, where the relation type is defined by RFC 5988
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X PUT "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/issueCharge"
Example Success Response Headers
...
link: <https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/documents/-987654/image>; rel="document"; title="Policy"; type="application/pdf"
...
Example Error Response
{
    "status": "ERROR",
    "error": "-501",
    "message": "ΑΝΕΝΕΡΓΗ ΔΥΝΑΤΟΤΗΤΑ ΕΙΣΠΡΑΞΗΣ"
}

5.4. Payment Notification

A payment notification document will be created for a renewal application/policy that is in the specific status of prepay. It means that only entites in this status will be able to produce a notification document. If the entity is already issued then only other type of documents can be returned.

This notification document can be produced as many times as the user wants and it is always created with the last entity status and data.

Resource Information

Response formats

binary

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/notification"
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

5.5. List documents

When a GET request is issued on resource, the api will return an array of documents that exist under that policy. The field named id contains the document id that can be used for subsequent operations on that document. Each document metadata consists of the id, the filename of the document the document category and user comments. Maximum file length of an image must be less than 3MB.

Id’s of documents may exist as negative or positive numbers. It is a design feature.
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/documents"
Example Response
[
  {
    "fileName": "data.pdf",
    "categoryId": 12,
    "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας"
  },
  ...
]
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

5.6. Retrieve a document

Accessing with GET the resource will return the metadata of the document with an id which is related with the policy. If the reqouest parameter withfile=1 is passed, then the response will also contain the image encoded as BASE64.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

withfile

optional

include file in json response as BASE64 encoded image

0

1

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/documents/1234"
Example Response
{
  "fileName": "data.pdf",
  "categoryId": 12,
  "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας"
}
Example Request with added parameter
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/documents/1234?withfile=1"
Example Response with file
{
  "fileName": "data.pdf",
  "categoryId": 12,
  "category": "Αντίγραφο Συμβολαίου άλλης Εταιρίας",
  "image": "_9j_4AwUC__EFhcYGR..."
}
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

5.7. Retrieve as file

Accessing with GET the resource will return the file image of the document which is related with the policy.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/documents/2345678"
Example Response
Binary image of the file
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

5.8. List greencards

When a GET request is issued on resource, the api will return an empty array or an array of greencards that exist under that policy. On each greencard object of the array, the field named greencardNo contains the greencard number that can be used for subsequent operations on that greencard.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/greencards"
Example Response
[
    {
        "comments": "Some comments",
        "driverAddress": "PAPANIKOLAOU 6 15121 PEUKI",
        "driverName": "STERGIADIS VASILEIOS",
        "endDate": "2019-10-21",
        "greencardNo": "9998877",
        "issueDate": "2019-04-11",
        "plateNo": "AAA1204",
        "policyNo": "102345678",
        "startDate": "2019-04-11",
        "statusCode": "1",
        "statusTitle": "OK",
        "vehicleCategory": "A",
        "vehicleType": "DAEWOO"
    },
  ...
]
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "Ο ΧΡΗΣΤΗΣ ΔΕΝ ΕΧΕΙ ΠΡΟΣΒΑΣΗ ΣΤΟ ΣΥΜΒΟΛΑΙΟ ME ID 123456789"
}

5.9. Greencard request template

Accessing with GET the resource will return a template for requesting a greencard document. Use this returned object as it is or by manipulating it further, as data payload to create a new greencard by POSTing the resource.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/greencards/template"
Example Response
{
    "driverAddress": "PAPANIKOLAOU 6 15121 PEUKI",
    "driverName": "STERGIADIS VASILEIOS",
    "endDate": "2019-10-21",
    "plateNo": "AAA1204",
    "policyNo": "102345678",
    "startDate": "2019-04-11",
    "vehicleCategory": "A",
    "vehicleType": "DAEWOO"
}
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "Ο ΧΡΗΣΤΗΣ ΔΕΝ ΕΧΕΙ ΠΡΟΣΒΑΣΗ ΣΤΟ ΣΥΜΒΟΛΑΙΟ ME ID 123456789"
}

5.10. Create a new greencard

POSTing the resource, will initiate the process that creates a new greencard document with MIB Hellas. On succes, the api will reply with a 201 Accepted and the greencard resource in Location header and an entity with the greencard number. Accessing subsequently the returned location, will retrieve the actual document.

Usually a procedure to issue a new greencard is to GET first a template, change (or not) some fields and then POST it as data payload. Fields that can change are driverName, driverAddress, the dates and the comments field for adding more drivers.

Beware that because this is a multi remote systems process, errors and delays might happen.
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-Type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/greencards" \
-d '{
    "driverAddress": "PAPANIKOLAOU 6 15121 PEUKI",
    "driverName": "STERGIADIS VASILEIOS",
    "endDate": "2019-10-21",
    "startDate": "2019-04-11",
    "comments": "DRIVER: PAPAS MICHALIS"
    }'
Example Response
{
    "greencard": "9999999"
}
Example Error Response
{
    "status": "ERROR",
    "error": "-99",
    "message": "H Ημερομηνία Εναρξης Πρ.Κάρτας πρέπει να είναι μεταξύ των 17/04/2019-21/10/2019"
}

5.11. Retrieve a greencard document

Accessing with GET the resource will return the greencard document.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-X GET "https://gateway.europisti.gr/dev/mtr-api/resources/policies/123456789/greencards/123456"
Example Response
Binary image of the file
Example Error Response
{
 "status": "ERROR",
 "error": "-1",
 "message": "ΔΕΝ ΕΧΕΤΕ ΠΡΟΣΒΑΣΗ ΣΤΗΝ ΑΙΤΗΣΗ"
}

6. Quotes, Bonus\Malus, Pricing

Overview

The following API endpoints can be used to retrieve a valid prediction of Bonus\Malus and access the pricing subsystem that calculates the precise final insurance policy cost with given parameters.

Available actions are:

Retrieve Bonus\Malus

Retrieve Bonus\Malus prediction for a vehicle and client.

Calculate bundle pricing

Calculate final pricing for one or all available bundle codes.

Calculate proposed bundles pricing

Calculate final pricing for all proposed bundles. It is a curated list of proposed bundles.

6.1. Retrieve Bonus\Malus

With a GET to this resource the api will calculate the minimum bonus/malus that a vehicle can request. This call accepts request parameters.

Upon successful return, a valid BM code is returned which can be used in pricing calculations and application creation.

Some time due to availability of systems external to the api, it may return an error or a retry status.
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

plateNo

required

vehicle’s plate number, greek capital letters, url encoded

0000

%CE%91%CE%92%CE%961234

clientAfm

optional

result page size, max rows, used for paging

012345678

manufactureYear

optional

vehicle’s manufacture year or first registration year in Greece whichever is bigger

2000

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
"https://gateway.europisti.gr/dev/mtr-api/resources/quotes/bonusMalus?plateNo=%CE%91%CE%92%CE%961234"
Example Response
{
  "bm": "-2"
}

6.2. Calculate bundle pricing

With a POST to this resource the api will calculate all the available bundles with details for covers and discounts used in calculation on each bundle using the supplied parameters. Any extra covers must be supplied in the form of space or comma delimited string in the field named extraCovers. An extra cover may be used as a swappable (replacement) cover if the bundle supports it, look at bundle as parameter definition. The coversSwappable map mandatory covers with possible swappables covers defined at bundle layer. Any swappable covers must be supplied in the form of space or comma delimited string in the field named swappableCovers. Any extra discounts must be supplied in the form of space or comma delimited string in the field named discountCodes. IMPORTANT: If bundleCode is supplied then only that bundle will be calculated.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request for a specific bundleCode
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/quotes/prices" \
-d '{
  "plateNo": "ΑΑΑ1234",
  "clientAfm": "0123456789",
  "firstRegistrationDate": "2021-01-22",
  "regionPostcode": "15121",
  "bundleCode": "213",
  "insuredValue": 10000,
  "bonusMalus" : -2,
  "taxableHp": 10,
  "usageCode": "00",
  "usageSubcode": "0",
  "driverBirthYear": 1967,
  "driverLicenceDate": "1990-01-01",
  "driverLicenceType": "2",
  "payFrequencyInMonths": 12,
  "extraCovers": "070 051",
  "swappableCovers": "161",
  "discountCodes": "07654321",
  "contactwayCode": "0"
}'
Example Request for all bundles
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/quotes/prices" \
-d '{
  "plateNo": "ΑΑΑ1234",
  "clientAfm": "0123456789",
  "firstRegistrationDate": "2021-01-22",
  "regionPostcode": "15121",
  "bundleCode": null,
  "insuredValue": 10000,
  "bonusMalus" : -2,
  "taxableHp": 10,
  "usageCode": "00",
  "usageSubcode": "0",
  "driverBirthYear": 1967,
  "driverLicenceDate": "1990-01-01",
  "driverLicenceType": "2",
  "payFrequencyInMonths": 12,
  "extraCovers": "070 051",
  "swappableCovers": "161",
  "discountCodes": "07654321",
  "contactwayCode": "0"
}'
Example Response
[
  {
    "bundleCode": "213",
    "bundleTitle": "BASIC 200",
    "grossPremium": 250.06,
    "coversIncluded": [
      {
        "coverCode": "001",
        "coverTitle": "ΣΩΜΑΤΙΚΕΣ ΒΛΑΒΕΣ ΤΡΙΤΩΝ ΚΑΙ ΕΠΙΒΑΙΝΟΝΤΩΝ(Ν.489/76)(ΑΝΑ ΘΥΜΑ)",
        "insuredValue": 1220000,
        "deductible": 0,
        "netPremium": 48.26,
        "grossPremium": 72.44
      },
      ...
    ],
  "discounts": [
          {
              "id": 160,
              "title": "Έκπτωση λόγω Ηλεκτρονικής Αποστολής Εγγράφων"
          },
          ...
      ]
  }
]

6.3. Calculate proposed bundles pricing

With a POST to this resource the api will calculate a curated list of proposed bundles with details for covers and discounts used in calculation on each bundle using the supplied parameters. The response will be a list of company’s picked bundles ready with the correct extraCovers and discountCodes needed to minimize invalid inputs and be consistent with company’s portal pricing. Extra information in each package bundle includes the showing order number, preferred bundle, extra covers and discounts used as fields in order to make it easier for application inserting.

Other returning fields include a short bundle site title and bundle site description, display order number and preferred flag.

Proposed bundles currently work only for usage code 00 (I.X.E.)
Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request for a specific bundleCode
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/quotes/prices/proposed" \
-d '{
  "plateNo": "ΑΑΑ1234",
  "clientAfm": "0123456789",
  "firstRegistrationDate": "2021-01-22",
  "regionPostcode": "15121",
  "insuredValue": 10000,
  "bonusMalus" : -2,
  "taxableHp": 10,
  "usageCode": "00",
  "usageSubcode": "0",
  "driverBirthYear": 1967,
  "driverLicenceDate": "1990-01-01",
  "driverLicenceType": "2",
  "payFrequencyInMonths": 12,
  "extraCovers": "070 051",
  "swappableCovers": "161",
  "discountCodes": "07654321",
  "contactwayCode": "0"
}'
Example Response
[
  ...,
    {
        "bundleCode": "213",
        "bundleTitle": "BASIC 200",
        "bundleSiteTitle": "Classic",
        "bundleSiteDescription": "Το πρόγραμμα Basic Plus συν Οδική Βοήθεια",
        "grossPremium": 206.52,
        "coversIncluded": [
            {
                "coverCode": "001",
                "coverTitle": "Σωματικές Βλάβες Τρίτων και Επιβαινόντων (ανά θύμα)",
                "insuredValue": 1220000,
                "deductible": 0,
                "netPremium": 30.52,
                "grossPremium": 45.81
            },
            ...
            {
                "coverCode": "070",
                "coverTitle": "Ρυμούλκηση από Ατύχημα",
                "insuredValue": 0,
                "deductible": 0,
                "netPremium": 0.77,
                "grossPremium": 1.14
            }
        ],
        "discounts": [
            {
                "id": 158,
                "title": "Έκπτωση 5% λόγω ύπαρξης Ασφαλιστικού Γονέα"
            },
            {
                "id": 160,
                "title": "Έκπτωση λόγω Ηλεκτρονικής Αποστολής Εγγράφων"
            }
        ],
        "extraCovers": "070 056 048 050",
        "dicountCodes": "101158",
        "displayOrderNum": 3,
        "isPreferred": 1
    },
    ...
    ]

7. Parameters

The following API endpoints can be used to programmatically retrieve parameters

Overview

All of entity properties that are supposed to be used as input fields, have a method in parameters resource that returns the acceptable values usually with descriptions. All of the methods support a GET request. Available calls are:

Methods
Method Description

…​/parameters/doyCode

Tax offices

…​/parameters/jobCode

Basic jobs for persons

…​/parameters/usageCode

Vehicle usage code

…​/parameters/usageSubcode

Vehicle towing codes as subusage

…​/parameters/personTypeCode

Person legal entity category

…​/parameters/licenceType

Driver’s license type

…​/parameters/makeModelCode

Vehicle’s make and model

…​/parameters/makeCode

Vehicle’s make depenging on usageCode

…​/parameters/modelCode

Vehicle’s model depending on makeCode

…​/parameters/nationality

Person’s nationality

…​/parameters/bundleCode

Available product bundles with covers

…​/parameters/documentCategory

A document’s category

…​/parameters/discountCode

Application/Policy discounts

Guides

Calls that return almost static data are: doyCode, jobCode, usageCode, UsageSubcode, personTypeCode, licenceType and documentCategory

The makeModelCode call should be preferred from individual makeCode and modelCode because it returns in one call all of the data for a specific usageCode.

The bundleCode call is a special call that returns all product bundles with all included covers in the bundle as well as all other covers that can be added additionally. It is designed like this so that it is easy for the front end developer to display covers in a natural way.

7.1. doyCode

Tax offices

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/doyCode"
Example Response
[
  {
   "id": "1101",
   "description": "ΑΘΗΝΩΝ Α"
  },
  ...
]

7.2. jobCode

Basic list of jobs for persons

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/jobCode"
Example Response
[
 {
  "id": "666",
  "description": "ΙΔΙΩΤ.ΥΠΑΛΛ.Γενικά"
 },
 ...
]

7.3. usageCode

Vehicle usage code

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/usageCode"
Example Response
[
  {
   "id": "00",
   "description": "00 ΕΠΙΒΑΤΙΚΑ ΙΔ. ΧΡΗΣΕΩΣ"
  },
  ...
]

7.4. usageSubcode

Vehicle towing codes as subusage

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/usageSubcode"
Example Response
[
  {
   "id": "0",
   "description": "0 ΚΑΜΜΙΑ ΕΠΕΚΤΑΣΗ"
  },
  ...
]

7.5. personTypeCode

Person legal entity category

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/personTypeCode"
Example Response
[
 {
  "id": "01",
  "description": "ΦΥΣΙΚΟ ΠΡΟΣΩΠΟ"
 },
 ...
]

7.6. licenceType

Driver’s license type

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/licenceType"
Example Response
[
  {
    "id": "1",
    "description": "Επαγγελματικό"
  },
  {
    "id": "2",
    "description": "Ερασιτεχνικό"
  }
]

7.7. makeModelCode

Vehicle’s make and model

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

usageCode

optional

Vehicle usage code

00

00

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/makeModelCode?usageCode=00"
Example Response
[
 {
    "id": "001",
    "description": "ALFA ROMEO",
    "models": [
            {
               "id": "003",
               "description": "145"
            },
            ...
            ],
    ...
 }
]

7.8. makeCode

Vehicle’s make depending on usageCode.

In order to search for user’s applications, a GET request must be submitted to the resource. The response is a JSON array of search result rows.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

usageCode

optional

Vehicle usage code

00

00

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/makeCode?usageCode=00"
Example Response
[
  {
    "id": "167",
    "description": "ABARTH"
  },
  ...
]

7.9. modelCode

Vehicle’s model depending on makeCode

In order to search for user’s applications, a GET request must be submitted to the resource. The response is a JSON array of search result rows.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

usageCode

optional

Vehicle usage code

00

00

makeCode

optional

Vehicle make code

000

000

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/modelCode?usageCode=00&makeCode=000"
Example Response
[
  {
    "id": "001",
    "description": "ΑΛΛΟ"
  }
]

7.10. nationality

Person’s nationality

In order to search for a user’s applications, a GET request must be submitted to the resource. The response is a JSON array of search result rows.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/nationality"
Example Response
[
  {
    "id": "AO",
    "description": "ΑΓΓΟΛΑΣ"
  },
  ...
]

7.11. bundleCode

Available product bundles with covers, extra covers to add or swap for included covers in bundles

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Parameters
Name Required Description Default Max Example

postCode

optional

Area post code where vehicle will be stationed

15121

69100

usageCode

optional

Vehicle usage code

00

00

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/bundleCode?postCode=15121&usageCode=00"
Example Response
[
 {
        "bundleCode": "859",
        "bundleTitle": "BASIC 100.",
        "coversIncluded": [
            {
                "id": "001",
                "description": "Σωματικές Βλάβες Τρίτων και Επιβαινόντων (ανά θύμα)"
            },
            {
                "id": "036",
                "description": "Ιδίες Ζημιές απαλ. 300 Ευρώ (και αυτογνώμων αφαίρεση) έως",
            },
            ...
        ],
        "coversToAdd": [
            {
                "id": "044",
                "description": "Car Accident"
            },
            {
                "id": "161",
                "description": "Ίδιες Ζημιές απαλ. 500 Ευρώ έως"
            },
            {
                "id": "162",
                "description": "Ίδιες Ζημιές απαλ. 750 Ευρώ έως"
            },
            ...
        ],
        "coversSwappable": [
            {
                "includedCoverId": "036",
                "includedCoverDescription": "Ιδίες Ζημιές απαλ. 300 Ευρώ (και αυτογνώμων αφαίρεση) έως",
                "swappableCoverId": "161",
                "swappableCoverDescription": "Ίδιες Ζημιές απαλ. 500 Ευρώ έως"
            },
            {
                "includedCoverId": "036",
                "includedCoverDescription": "Ιδίες Ζημιές απαλ. 300 Ευρώ (και αυτογνώμων αφαίρεση) έως",
                "swappableCoverId": "162",
                "swappableCoverDescription": "Ίδιες Ζημιές απαλ. 750 Ευρώ έως"
            }
            ...
        ]
    },
    ...
]

7.12. documentCategory

A document’s category

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/documentCategory"
Example Response
[
  {
    "id": "1",
        "description": "Αίτηση"
  },
  ...
]

7.13. discountCode

Application/Policy discounts

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/discountCode"
Example Response
[
  {
    "id": "213456",
    "description": "Bonus ετήσιου τρόπου πληρωμής"
  },
  ...
]

7.14. contactWayCode

Application/Policy contact ways

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/contactWayCode"
Example Response
[
    {
        "id": "0",
        "description": "Στην Ηλεκτρονική Διεύθυνση (email) που έχω δηλώσει στην παρούσα Αίτηση Ασφάλισης (Προς Επιβεβαίωση)."
    },
    {
        "id": "2",
        "description": "Στην Ταχυδρομική Διεύθυνση που έχω δηλώσει στην παρούσα Αίτηση Ασφάλισης."
    }
]

7.15. indirectAgentCode

Application/Policy indirect agent of agent (original agent that contacts client according to IDD). Returns the list of active agent codes declared working for the current agent.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Example Request
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
"https://gateway.europisti.gr/dev/mtr-api/resources/parameters/indirectAgentCode"
Example Response
[
    {
        "id": "0123456",
        "description": "Παπαδόπουλος Κωνσταντίνος"
    },
    {
        "id": "0123457",
        "description": "Καρατάσος Γεώργιος"
    }
]

8. Cards

Overview

The following API endpoints can be used to fill an application for an "Asfalistikos Goneas – Lifecard" card.

Available actions are:

Insert a new application

Insert a new application for an "Asfalistikos Goneas – Lifecard" card.

8.1. Insert a new application

With a POST to this resource the api will insert a new application for an "Asfalistikos Goneas – Lifecard" card. The new card will be issued by internal procedures and mailed to the owner.

Resource Information

Response formats

JSON

Requires authentication?

Yes (user context)

Rate limited?

Yes

Fields
Name Description Default Max Example

lastName

Last name

firstName

First name

fathersName

Father’s name

address

Post address, street and possibly number

city

Post city

postCode

Post code

45890

afm

VAT number

012345678

doyCode

Tax office code (parameters)

1120

phone

Phone number

2101234567

mobilePhone

Mobile phone number

6984567890

birthdate

Birthdate in yyyy-mm-dd format

1992-11-31

sex

Sex (1-Male, 2-Female)

1

citizenship

Country ANSI code

GR

passport

Passport number in case there is no VAT number

RW23456

professionCode

Profession code (parameters)

666

email

Email

abc@def.gr

acceptEmail

If customer accepts contact by email (0-no, 1-yes)

1

acceptKinito

If customer accepts contact by mobile phone (0-no, 1-yes)

1

Example Request for an application
curl -H 'X-Api-Key: your_api_key' \
-H 'Authorization: Bearer user_token' \
-H 'Content-type: application/json' \
-X POST "https://gateway.europisti.gr/dev/mtr-api/resources/cards" \
-d '{
      "lastName": "ΠΑΠΑΔΟΠΟΥΛΟΣ",
     "firstName": "ΑΡΙΣΤΟΣ",
   "fathersName": "ΒΑΣΙΛΕΙΟΣ",
       "address": "ΓΕΜΙΣΤΟΥ 1",
          "city": "ΔΡΑΜΑ",
      "postCode": "45890",
           "afm": "012345678",
       "doyCode": "1120",
         "phone": "2101234567",
   "mobilePhone": "6984567890",
     "birthdate": "1992-12-31",
           "sex": "1",
   "citizenship": "GR",
      "passport": RW23456,
"professionCode": "666",
         "email": abc@def.gr,
   "acceptEmail": "1",
  "acceptKinito": "1"
}'
Example Success Response
[
  {
    "id": "213456"
  }
]
Example Error Response
{
  "status": "ERROR",
  "error": "-20060",
  "message": "Λάθος ΑΦΜ!"
}