Technical Documentation

Emerald Bay provides three methods to deliver data to us. These include SFTP, API and a web console. Each of these methods requires an initial setup, and our technical staff can assist with whatever methods are best for your organization.

SFTP

You must provide an SSH public key to enable SFTP. Below is a sample SSH key:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC157w3YMsbY0Lteur4KItG0lvdJeSSJoFrBTZHR8t6Gm/LY7UqhDgBOHNFfgS0U+Jq4BoW62QAHnnqdJYOyuBHMRS5+vnHc9pDdb2le50Aj7Nk4MB/qxBFSPEyB/rsKpWbhKuNmeROVjOipOnlYW3sBAmb4Nd8dFqHv/1bwfesuCRjwgAaYcZ4KztAmXfYdbYrcheQXx2QHG7q4HsrQLs+S6l8dK8dwYfVytrgOtEuHEJRrF8ydqsogCp/BhwBjLuUSQUdT9DR84tf6QnnRwyIqC9I+KHOYj49k/hUUigwF3Bp/SIknYXBZamiWoUc5kTywCFO0OKUOQfdo75R0hoEkhbbdN2QTErDA0u+l6eAjYA1EkzbI0ZPpYaZoqsY16QdKpwEawmIlstNzHzC4kcKyOyvon7MWhv19n9d1+RKHapuqH02gkaTEBb7OKJmjEhoV6oPOi9FXDFYQuE/O9InnqT8ay5OSUz3a0RHKlsIkyRwe/saqRNuHEYcCUEaDtHGD717zGlki24xptnlumylLa8hf0VtsuKv2ExfQoFyXdVAQjPkmaWvMhOm9Qjk8WppuJM3OywD7ZT/J2XmmKD9Gr6AoaXtyH/4KsRtjHBzp9lQwyCCLWvR76D68SdtmavzZMLlxhrcFHXy5wE3A3CaDDrCB2IFWZVINVSS26WlIQ== your_email@example.com

You can generate a key pair from a terminal in Mac or Linux, or Powershell in Windows 10/11, by issuing the following command:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

Once the public key has been provided (make sure to only send the public key), you will be provided a username with which to use to connect and the names of specific folders to upload data into depending on the file contents.

Web Console

The portal is at https://partner-portal.emeraldbayrisk.com and requires pre-registration to be done by EBRS technical personnel. Upon logging in, there will be two tabs. The main tab requires you to choose the data type (the options will be pre-configured, such as policy or claims), month and year of the data using the provided inputs. The Other tab is simply to upload other types of files to us securely. Files can be overwritten but not downloaded or deleted.

API

1. Send a POST to https://partner-api-auth.emeraldbayrisk.com/oauth2/token with a Content-Type of application/x-www-form-urlencoded and a body that contains the following three fields url-encoded:

"grant_type" -> "client_credentials"
"client_id" -> Your provided client ID from EBRS
"client_secret" -> Your provided client secret from EBRS

The response will be formatted like this:

{
                  "access_token": "eyJraWQiOiJFV1......",
                   "expires_in": 3600,
                  "token_type": "Bearer"
}

Access tokens last an hour. To receive a new token, simply re-run the POST operation above. Using refresh tokens is not necessary.

2. To send records, send a POST request to
https://api.emeraldbayrisk.com/partner/v1/programs/send-records with a Content-Type of application/json, and an Authorization header including
"Bearer #access-token-from-previous-step#" and a body that looks similar this:

{
   "destination": "sandbox",
    "datatype": "policy_bdx",
    "records": [
                                    {"Program": "H03", "PolicyNumber": 12345...},
                                    {"Program": "H03", "PolicyNumber": 23456...}
                  ]
}

Field definitions:
destination: Either "production" or "sandbox". Accounts will initially be provided sandbox access to verify the incoming data, then production will be enabled. Simply changing this field is all that is necessary when transitioning to production.
data_type: Something like "claims_bdx", "policy_bdx" or “policy_daily”. This will be provided by EBRS.
records: A list of objects, each representing a record being uploaded.

 Records must be json data, and every record is expected to have the same fields. Expected fields will be agreed upon during on-boarding. The max POST size is 10MB. All data for a BDX or daily feed must fit inside a single POST. If you have data that exceeds this size, please contact us before proceeding. Do not send a single data set in more than one POST.

These are all the responses from the api:

  • Status Code 200: { "status": "SUCCESS", "message": "Records received." }

  • Status Code 400: {'status':'ERROR','message': 'Invalid Content-Type. Only application/json is allowed.'}

  • Status Code 400: {'status':'ERROR','message': 'Error in records.'}

  • Status Code 401: {'status':'ERROR','message': 'Profile not found.'}

  • Status Code 401: {'status':'ERROR','message': 'Error in profile.'}

  • Status Code 401: {'status':'ERROR','message': 'Error in data types.'}

  • Status Code 401: {'status':'ERROR','message': 'Error authorizing data type.'}

  • Status Code 401: {'status':'ERROR','message': 'Error in access.'}

  • Status Code 401: {'status':'ERROR','message': 'Error authorizing destination.'}

  • Status Code 500: {'status':'ERROR','message': 'Error saving records.'}