Environments & Hosts

Know which hostname owns which truth before you wire an integration.

DutyClaims splits human-readable docs from live machine routes on purpose. Use this page to keep sandbox, production, docs-host, and API-host behavior straight before you build auth, webhooks, or deployment pinning around the wrong surface.

Open Quickstart Webhook Setup Raw OpenAPI

Canonical host ownership

Docs host: docs.dutyclaims.com for quickstart guidance, workflows, auth notes, downloads, changelog, and deprecations.
API host: api.dutyclaims.com for live routes, the raw contract, and the API-hosted reference mirror.
Interactive reference: api.dutyclaims.com/reference stays on the API host so route behavior and contract output remain aligned.
Operational release truth: pin the current docs render to the raw contract, downloads, and changelog generated from the same publish flow.

Current release fingerprint

Generated at: Mar 25, 2026, 7:30 PM
Spec hash: ae140b8f3b926d06
Published routes: 81 operations across 68 paths
Latest tracked release: 574ac28 • bypassed checks

Downloads Changelog Raw Changelog

Environment comparison

Environment	Auth default	Webhook posture	What to assume
Sandbox	Managed credentials or sandbox OAuth client credentials when explicitly enabled.	Use environment-scoped endpoints and synthetic webhook tests before going live.	Treat it as an integration proving ground, not a promise that the same auth or capability model is enabled in production.
Production	Managed credentials are the default production model. `Authorization: Bearer` is the safest default.	Register production endpoints only after your handler can verify signatures and persist request IDs.	Only documented production-ready families should be treated as live. Provider-blocked automation remains blocked here too.

Production

Production-ready surface

Clients, claims, financing, litigation, notifications, revenue, webhooks, and reference data are the truthful v1 production surface today.

Open related surface

Sandbox Only

Sandbox-only auth

OAuth client-credentials token issuance is available for sandbox partner integrations. Production access still centers on managed credentials.

Open related surface

Provider Blocked

Provider-gated automation

Diligence and counterparty automation stay explicitly provider-gated until paid external provider activation is complete. The docs keep that boundary visible.

Open related surface

Deployment pinning rules

Use the spec hash and generated timestamp on the docs host when you cut a partner integration release.
Download the SDK, Postman export, and examples only after they match the deployment you intend to target.
Follow the changelog and deprecations surfaces, not commit messages alone, for external contract behavior.
Do not treat preview-host behavior as canonical production behavior for docs or auth.

Useful host-level endpoints

Docs root: https://docs.dutyclaims.com
API reference: https://api.dutyclaims.com/reference
Raw contract: https://api.dutyclaims.com/v1/docs/openapi
Raw deprecations: https://api.dutyclaims.com/v1/docs/deprecations