XML module
Introduction
ANVA's insurance platform is the technical heart of our customers' business operations. Leading connectivity between ANVA and the entire application and IT landscape is vital to ensure their business continuity. The XML module is our leading API technology to establish integration based on XML messaging between ANVA and other systems in real time.
The XML module consists of a collection of XML interfaces in the form of APIs to control messaging to and from specific components in ANVA. For example, to view, modify and/or archive or delete data outside ANVA. Reusing data in external applications and returning responses and outcomes can also be arranged with the interfaces of the XML module. The XML module has been available and in use by ANVA customers since 2021. Available user documentation of our XML interfaces can be viewed at the bottom of the page in the 'Attachments' section.
Guidelines for use
You use the XML interfaces to retrieve or write data to ANVA on pre-selected records at a set time. This way you can adequately use that data at another place in your process. For example, showing an overview per relationship, contract, file or claim. The module is not built for performing bulk actions, such as unstructured retrieval of extensive overviews and of multiple groups of records simultaneously. For bulk data retrieval, ANVA offers other solutions, namely through Extract and our Data Platform.
Using the APIs for bulk queries will result in delays to other ongoing processes on the ANVA server and timeouts in handling the XML messages. The handling of an XML message by the ANVA server must be able to take place within 60 seconds or a timeout will occur. The occurrence of a timeout is often an indication that the interfaces are being used improperly or incorrectly. Modifying an XML statement is sometimes the simple solution. In other cases, an approach other than XML messaging via our APIs should be taken.
A rate limiting rule is active in the Web application firewall as of Nov. 28, 2024. The rule means that it is no longer allowed to send more than 3600 requests per minute from the same IP address. If more than 3600 requests per minute are sent anyway, each request will be answered with a 429 Too Many Requests status code and thus the message will no longer be processed. If after an evaluation period of 5 minutes less than 3600 requests per minute are sent, the messages will be processed again.
AWACS module
As of March 1, 2024, the AWACS module will reach end-of-life and its use will no longer be permitted.
To make the transition from the AWACS module to the XML API as easy as possible, we have kept the number of necessary modifications as small as possible. The following modifications will need to be performed before the switch:
- Retrieving an access token based on the OpenID Client
- For authentication purposes, the access token should be included in the header of the XML request
- The AWACS element and the KEY element no longer need to be included in the XML request
Permissions
The XML interface has limited data access control capabilities. When working with a concern environment containing multiple offices, it is the responsibility of the client application to include an office code in the XML message, if necessary. As a result, the query will only process data from the office in question and not from the entire concern.
Attachments
Additional information is available in the PDF documents below.
