Lucror Analytics — Reference

External API User Manual

For detailed API documentation and to test the endpoints interactively, visit the Swagger UI: https://data.sqn.lucroranalytics.com/swagger/index.html

01

Authentication using Postman & Swagger

AuthenticateClient Endpoint Documentation

This guide will walk you through the steps to use the AuthenticateClient endpoint using Postman.

Prerequisites

  • Postman installed on your machine. You can download it from here.
  • API base URL. For this guide, we'll assume the base URL is https://data.sqn.lucroranalytics.com

Step-by-Step Guide

Step 1: Open Postman

Open the Postman application on your machine.

Step 2: Create a New Request

  1. Click on the New button in the top left corner.
  2. Select Request from the dropdown menu.

Step 3: Set Up the Request

  1. Set the HTTP method to POST.
  2. Enter the URL for the AuthenticateClient endpoint: 
    POST https://data.sqn.lucroranalytics.com/data/authenticate/client

Step 4: Set Up the Headers

  1. Click on the Headers tab.
  2. Add a new header with the following details: 
    Key: Content-Type
Value: application/json

Step 5: Set Up the Body

  1. Click on the Body tab.
  2. Select the raw radio button.
  3. Ensure the format is set to JSON.
  4. Enter the following JSON payload: 
    {
  "Username": "email@mail.com",
  "Password": "pass****"
}

Step 6: Send the Request

Click on the Send button to send the request.

Step 7: View the Response

After sending the request, you should see a response from the server. If the authentication is successful (HTTP 200), you will receive a JSON response containing the authentication token. Example response:

{
  "Username": "email@mail.com",
  "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

If the supplied credentials are incorrect, the endpoint returns HTTP 401 Unauthorized with the body Invalid username or password.. A genuine server-side problem returns HTTP 500 Internal Server Error with the body Unable to authenticate client..

Step 8: Use the Token for Subsequent Requests

Copy the token from the response and use it in the Authorization header for subsequent requests to authenticate your API calls.

  1. Navigate to the Authorization tab in Postman.
  2. Change the type dropdown to Bearer Token.
  3. Paste the token into the Token field.
Key: Authorization
Value: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
02

Data Retrieval Endpoints

Once authenticated, you can use the following GET endpoints to retrieve data. Ensure that the token is included in the Authorization header. Each endpoint has a limit of 10 requests per second.

C-Score Endpoints

Score access: access to C-Score data is controlled per account. These endpoints require your account to be enabled for C-Score data; if it is not, the request is rejected with 403 Forbidden.

Get the latest C-Score

Endpoint: GET /data/issuer/cscore/latest?issuer={issuerName}&correlationId={correlationId}

Parameters:

  • issuer optional: The name of the issuer (format :text). Omit to return all eligible issuers.
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns C-Score data on the most recent snapshot date that has data — one row per issuer. Omit issuer for all issuers, or supply it to filter to a single issuer.

Get C-Score over a date range (time series)

Endpoint: GET /data/issuer/cscore/timeseries?issuer={issuerName}&start={startDate}&end={endDate}&correlationId={correlationId}

Parameters:

  • issuer optional: The name of the issuer (format :text). Omit to return all eligible issuers.
  • start: Range start date (format :date yyyy-MM-dd).
  • end: Range end date (format :date yyyy-MM-dd). Must be on or after start, and the range must not exceed your account's configured limit (1–365 days; 365 by default).
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns one row per (issuer, snapshot date) in the supplied range.

Throttle and quota: the global per-IP rate limit of 10 requests/second applies. On the time-series endpoint, the date range may not exceed your account's configured limit (1–365 days; 365 by default). Unlike the issue endpoints, the C-Score endpoints have no per-user distinct-issuer quota and no cap on the number of issuers per request.

V-Score Endpoints

Score access: access to V-Score data is controlled per account. These endpoints require your account to be enabled for V-Score data; if it is not, the request is rejected with 403 Forbidden.

Get the latest V-Score

Endpoint: GET /data/issuer/vscore/latest?issuer={issuerName}&correlationId={correlationId}

Parameters:

  • issuer optional: The name of the issuer (format :text). Omit to return all eligible issuers.
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns V-Score data on the most recent snapshot date that has data — one row per issue (ISIN). Omit issuer for all issuers, or supply it to filter to a single issuer.

Get V-Score over a date range (time series)

Endpoint: GET /data/issuer/vscore/timeseries?issuer={issuerName}&start={startDate}&end={endDate}&correlationId={correlationId}

Parameters:

  • issuer optional: The name of the issuer (format :text). Omit to return all eligible issuers.
  • start: Range start date (format :date yyyy-MM-dd).
  • end: Range end date (format :date yyyy-MM-dd). Must be on or after start, and the range must not exceed your account's configured limit (1–365 days; 365 by default).
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns one row per (issue, snapshot date) in the supplied range.

Throttle and quota: the global per-IP rate limit of 10 requests/second applies. On the time-series endpoint, the date range may not exceed your account's configured limit (1–365 days; 365 by default). Unlike the issue endpoints, the V-Score endpoints have no per-user distinct-issuer quota and no cap on the number of issuers per request.

Issue Score Endpoints (by ISIN)

These endpoints take one or more ISINs and return each issue's issuer C-Score and issue V-Scores in a single response. Multiple ISINs may be supplied as a comma-separated list (up to 50 per request). Each response row contains date, isin, issuerName, issuerCScore, inferredCScore (Y/N), issueVScore, and issueVScoreI.

Score access: access to C-Score and V-Score data is controlled per account. The C-Score fields (issuerCScore, inferredCScore) are returned only if your account is enabled for C-Score data, and the V-Score fields (issueVScore, issueVScoreI) only if your account is enabled for V-Score data. If your account is enabled for only one, the fields you are not entitled to are returned as null. If your account is enabled for neither, the request is rejected with 403 Forbidden.

Get Issue Scores over a date range (time series)

Endpoint: GET /data/issue/scores/timeseries?isin={isin}&start={startDate}&end={endDate}&correlationId={correlationId}

Parameters:

  • isin: One or more 12-character ISO 6166 ISINs, comma-separated, up to 50 per request (format :text). e.g. US1234567890,US0987654321.
  • start: Range start date (format :date yyyy-MM-dd).
  • end: Range end date (format :date yyyy-MM-dd). Must be on or after start, and the range must not exceed your account's configured limit (1–365 days; 365 by default).
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns one row per (ISIN, snapshot date) in the supplied range, each containing the issuer C-Score and issue V-Scores.

Get the latest Issue Scores

Endpoint: GET /data/issue/scores/latest?isin={isin}&correlationId={correlationId}

Parameters:

  • isin: One or more 12-character ISO 6166 ISINs, comma-separated, up to 50 per request (format :text). e.g. US1234567890,US0987654321.
  • correlationId optional: A unique identifier to track requests for troubleshooting.
    eg. {IDENTIFIER_NAME}-{UID} REQ-b5eb8bdf19cd489d89ebf185497b13a9

Description: Returns the issue scores on the most recent snapshot date that has data across the requested ISINs — one row per ISIN that has data on that date. ISINs with no data on the latest snapshot date are omitted, and an empty array is returned if none of the requested ISINs have data.

Throttle and quota: in addition to the global per-IP rate limit (10 requests/second), the issue endpoints enforce a per-user cap of 2,000 distinct ISINs queried within a rolling 1-year window. Re-querying an ISIN already counted in that window does not consume additional quota; each new ISIN in a request counts once. A maximum of 50 ISINs may be supplied per request, and the time-series date range may not exceed your account's configured limit (1–365 days; 365 by default).

03

Additional Information

Correlation IDs

These are essential for tracking individual requests through the system for debugging and tracing purposes. Always provide a correlationId if available, as it makes it easier to find and track logs if issues arise.

Date Format

For all endpoints that require date parameters, use the yyyy-MM-dd format.

Authentication

Ensure you have the correct JWT token in your cookies for authorization. If the token is missing or invalid, the system will return an error.

Error Handling

If something goes wrong, the API will return appropriate HTTP status codes:

  • 400 Bad Request: A problem with the request parameters (e.g. invalid ISIN format, more than 50 ISINs supplied, end date before start date, or a date range exceeding your account's configured limit on the issue endpoints).
  • 401 Unauthorized: On /data/authenticate/client, the supplied username or password is incorrect. On data endpoints, the bearer token is missing or invalid.
  • 403 Forbidden: Your account is not enabled for the data API; or, on the C-Score endpoints, your account is not enabled for C-Score data; or, on the V-Score endpoints, your account is not enabled for V-Score data; or, on the issue endpoints, your account is enabled for neither C-Score nor V-Score data. (On the issue endpoints, if enabled for only one, the request returns 200 with the score fields you lack set to null.)
  • 404 Not Found: On the C-Score / V-Score endpoints, no issuer matched the supplied issuer value.
  • 429 Too Many Requests: The caller exceeded the per-IP rate limit (10 req/sec) or, on the issue endpoints, the per-user distinct-ISIN quota (2,000 distinct ISINs per rolling 1-year window).
  • 500 Internal Server Error: A general server-side error (including upstream auth-service failures on /data/authenticate/client). This will be logged with details if it occurs.

Logging and Monitoring

The system logs all requests and responses along with any issues encountered. This helps with debugging if anything unexpected happens.