Lucror Analytics — Reference

External API User Manual

For detailed API documentation and to test the endpoints interactively, visit the Swagger UI: https://data.sqn.lucroranalytics.com/swagger/index.html

01

Authentication using Postman & Swagger

AuthenticateClient Endpoint Documentation

This guide will walk you through the steps to use the AuthenticateClient endpoint using Postman.

Prerequisites

  • Postman installed on your machine. You can download it from here.
  • API base URL. For this guide, we'll assume the base URL is https://data.sqn.lucroranalytics.com

Step-by-Step Guide

Step 1: Open Postman

Open the Postman application on your machine.

Step 2: Create a New Request

  1. Click on the New button in the top left corner.
  2. Select Request from the dropdown menu.

Step 3: Set Up the Request

  1. Set the HTTP method to POST.
  2. Enter the URL for the AuthenticateClient endpoint: 
    https://data.sqn.lucroranalytics.com/data/authenticate/client

Step 4: Set Up the Headers

  1. Click on the Headers tab.
  2. Add a new header with the following details: 
    Key: Content-Type
Value: application/json

Step 5: Set Up the Body

  1. Click on the Body tab.
  2. Select the raw radio button.
  3. Ensure the format is set to JSON.
  4. Enter the following JSON payload: 
    {
  "Username": "[email protected]",
  "Password": "pass****"
}

Step 6: Send the Request

Click on the Send button to send the request.

Step 7: View the Response

After sending the request, you should see a response from the server. If the authentication is successful (HTTP 200), you will receive a JSON response containing the authentication token. Example response:

{
  "Username": "[email protected]",
  "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

If the supplied credentials are incorrect, the endpoint returns HTTP 401 Unauthorized with the body Invalid username or password.. A genuine server-side problem returns HTTP 500 Internal Server Error with the body Unable to authenticate client..

Step 8: Use the Token for Subsequent Requests

Copy the token from the response and use it in the Authorization header for subsequent requests to authenticate your API calls.

  1. Navigate to the Authorization tab in Postman.
  2. Change the type dropdown to Bearer Token.
  3. Paste the token into the Token field.
Key: Authorization
Value: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
02

Data Retrieval Endpoints

Once authenticated, you can use the following GET endpoints to retrieve data. Ensure that the token is included in the Authorization header. Each endpoint has a limit of 10 requests per second.

C-Score Endpoints

Get C-Score for all Issuers for a given date

Endpoint: GET /data/cscore/issuers/start/{startDate}?correlationId={correlationId}

Parameters:

  • startDate: The date for which you want data (format :date yyyy-MM-dd).
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: This endpoint retrieves C-Score data for all issuers for the given date. If you don't provide a correlationId, one will be generated for you in the logs, but it is helpful to include one for tracking.

Response: If the request is successful, a JSON object containing the C-Score data will be returned. In case of an error, appropriate status codes such as 400 Bad Request or 500 Internal Server Error will be returned.

Get C-Score for an Issuer for a given date

Endpoint: GET /data/cscore/issuer/{issuerName}/start/{startDate}?correlationId={correlationId}

Parameters:

  • issuerName: The name of the issuer. (format :text)
  • startDate: The date for which you want data (format :date yyyy-MM-dd).
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: This endpoint retrieves C-Score data for a specific issuer over a given date.

V-Score Endpoints

Get V-Score for all Issuers for a given date

Endpoint: GET /data/vscore/issuers/start/{startDate}?correlationId={correlationId}

Parameters:

  • startDate: The date for which you want data (format :date yyyy-MM-dd).
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: This endpoint retrieves V-Score data for all issuers for the given date.

Get V-Score for an Issuer for a given date

Endpoint: GET /data/vscore/{issuerName}/start/{startDate}?correlationId={correlationId}

Parameters:

  • issuerName: The name of the issuer. (format :text)
  • startDate: The date for which you want data (format :date yyyy-MM-dd).
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: This endpoint retrieves V-Score data for a specific issuer on the provided date.

Bond Score Endpoints (by ISIN)

These endpoints take an ISIN and return the bond's issuer C-Score and the bond V-Scores in a single response. Each response row contains date, isin, issuerName, issuerCScore, inferredCScore (Y/N), bondVScore, and bondVScoreI.

Get Bond Scores for a given ISIN on a single date

Endpoint: GET /data/bond/{isin}/start/{startDate}?correlationId={correlationId}

Parameters:

  • isin: 12-character ISO 6166 ISIN identifying the bond (format :text).
  • startDate: The snapshot date for which you want data (format :date yyyy-MM-dd).
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns the issuer C-Score and bond V-Scores for the supplied ISIN on the supplied snapshot date.

Get Bond Scores for a given ISIN over a date range

Endpoint: GET /data/bond/{isin}/start/{startDate}/end/{endDate}?correlationId={correlationId}

Parameters:

  • isin: 12-character ISO 6166 ISIN identifying the bond (format :text).
  • startDate: Range start date (format :date yyyy-MM-dd).
  • endDate: Range end date (format :date yyyy-MM-dd). Must be on or after startDate, and the range must not exceed 365 days.
  • correlationId (optional): A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns one row per snapshot date in the supplied range, each containing the issuer C-Score and bond V-Scores for the supplied ISIN.

Throttle and quota: in addition to the global per-IP rate limit (10 requests/second), the bond endpoint enforces a per-user cap of 2,000 distinct ISINs queried within a rolling 1-year window. Re-querying an ISIN already counted in that window does not consume additional quota. Per-request date range may not exceed 365 days.

03

Additional Information

Correlation IDs

These are essential for tracking individual requests through the system for debugging and tracing purposes. Always provide a correlationId if available, as it makes it easier to find and track logs if issues arise.

Date Format

For all endpoints that require date parameters, use the yyyy-MM-dd format.

Authentication

Ensure you have the correct JWT token in your cookies for authorization. If the token is missing or invalid, the system will return an error.

Error Handling

If something goes wrong, the API will return appropriate HTTP status codes:

  • 400 Bad Request: A problem with the request parameters (e.g. invalid ISIN format, end date before start date, or a date range exceeding 365 days on the bond endpoints).
  • 401 Unauthorized: On /data/authenticate/client, the supplied username or password is incorrect. On data endpoints, the bearer token is missing or invalid.
  • 403 Forbidden: The bearer token is missing the HasExternalDataAccess claim.
  • 404 Not Found: On the issuer-name endpoints, no issuer matched the supplied identifier.
  • 429 Too Many Requests: The caller exceeded the per-IP rate limit (10 req/sec) or, on the bond endpoints, the per-user distinct-ISIN quota (2,000 distinct ISINs per rolling 1-year window).
  • 500 Internal Server Error: A general server-side error (including upstream auth-service failures on /data/authenticate/client). This will be logged with details if it occurs.

Logging and Monitoring

The system logs all requests and responses along with any issues encountered. This helps with debugging if anything unexpected happens.