Frequently Asked Questions


How do I get my own API key?

  1. Login or register
  2. Go to My Apps
  3. Select Add a new App
  4. Complete App Name field (mandatory)
  5. Select the product (API) you want to use
  6. Select Create App
  7. Your App to be automatically approved for compliance. You'll receive a notification via email that your App has been approved
  8. Select your App
  9. You'll see your API key under the consumer key field

Can I send a request without registering?

Yes you can. As all API requests need an API key, we've made available a "test" API key in certain APIs. It can be used without having to register an account or an application.

The 'test' API key for HCSS is 6HoTt9GsONTE6eli2LGZVa0vVYfJa1VN. You can also find it next to the API key field in Our APIs/specific API/endpoint description.

We'll issue your own compliance API key once you register an app for a one of our APIs.

You must apply for access to production with the ACC Digital Operations team. Use the Contact page to apply. Select "Request production access" in the 'What are you contacting us about'- field. The Digital Operations team will contact you to discuss the process of submitting data to production using your app.

The API you're using determines what this process will involve. We look at: 

  • do you need specific authorisation to an API in production?
  • do we need to talk to another team in ACC to streamline the onboarding process for your customers?
  • Has all the required testing been completed to an acceptable level?
  • How are you communicating the new app benefits to your customers?
  • When will the new app be available to your customers?

No, you can't upload attachments when transferring data.

The requesting Business Unit must identify the target destination of the data and provide the IDE product team with the location of the repository e.g. (I:) Drive

The PETA (PTA) is used at a high level to:

  1. Identify the potential effects that a project or proposal may have upon the privacy of personal information
  2. Identify the potential effects that a project or proposal might have upon the wellbeing of the people involved
  3. Examine how any ethical concerns or detrimental effects on privacy might be mitigated.

The Data Sharing Agreement is a formal agreement between the parties planning to exchange data. It covers what data is being exchanged, the format of the data, using the data exchange as a channel, the reason for exchanging data, the period of the agreement, etc. It provides evidence of consideration by the data sharing parties that they are permitted to share the data cited.

  1. Data Sharing Agreement:
    Data Sharing Agreement must be in place between the parties intending to share data.
  2. Privacy:
    A Privacy Threshold Analysis (PTA) must be undertaken. There are scenarios where one PTA document can cover a group of different scenarios.
  3. Security:
    An addendum to the Security Risk Assessment (SRA) must be approved. The addendum covers the same information as the PTA but it is required for security purposes.
  4. Service Provider:
    The 3rd party must create a connection (Agent) on their platform to transmit data to EightWire’s data exchange platform.

The SIA’s role is to support the social sector to improve decision making. SIA will therefore only get involved if a third party organisation is part of the social sector or is sharing data to improve the wellbeing of New Zealanders.

Each connection has to be configured and setup. This configuration is done by Datacom at a charge of approximately $1000.

Provided the information in the application form is complete, the process to on-board takes approximately seven working days.

The Social Investment Agency (SIA) has undertaken a privacy impact assessment of EightWire’s Data Exchange (DX) which underpins the IDE. The DX has been certified and accredited for the transfer of information classified under the New Zealand Government Security Classification System as SENSITIVE.

If the format of data changes regularly and there is no need for real-time transfers, then IDE would be the most suitable and cost-effective solution. For systems that need real-time, transactional type data transfers, where the format of the data never changes, using Application Programme Interfaces (API’s) instead of the IDE would be more beneficial. To ensure the correct transmission mechanism is selected as per your need, we suggest that you consult with a Solutions Architect..

IDE has been developed to receive data up to sensitive level from any 3rd party.