Authentication
Securing your requests to the GoWell Insurance Enrollment Web API is crucial. We use API keys to authenticate all API requests.
Obtaining an API Key
To get an API key:
- Sign up for a GoWell developer account at https://developer.gowell-insurance.com
- Once logged in, navigate to the API Keys section
- Click "Generate New API Key"
- Save your API key securely - it won't be displayed again!
Using Your API Key
Include your API key in the Authorization header of all API requests:
Authorization: Bearer YOUR_API_KEY
Example using cURL:
curl -H "Authorization: Bearer YOUR_API_KEY" https://api.gowell-insurance.com/v1/customers
API Key Security
Keep your API key confidential. Never share it or store it in public places, including GitHub repositories. If you believe your API key has been compromised, regenerate it immediately from your developer dashboard.
Environment-Specific Keys
We recommend using different API keys for development and production environments. This practice helps isolate issues and prevents accidental modifications to production data.
Token Expiration
API keys do not expire automatically. However, you can manually revoke and regenerate them at any time from your developer dashboard.
Rate Limiting
Each API key has its own rate limit. Exceeding this limit will result in a 429 Too Many Requests response. See our API Overview for more details on rate limiting.
Permissions
API keys can have different permission levels. When generating a new key, you can choose from:
- Read-only: Can only retrieve data
- Read-write: Can retrieve and modify data
- Admin: Full access, including user management
Ensure you're using an API key with the appropriate permissions for your needs.
Best Practices
- Rotate your API keys regularly
- Use environment variables to store API keys in your applications
- Implement proper error handling for authentication failures
- Monitor API key usage through our developer dashboard
For any issues with authentication, please refer to our FAQ or contact our support team.