Glossary

Public ring

Public ring — a term used across the Credicorp public-API documentation. The definition below is written for engineers integrating the /public/v1 ring.

2 min read

/public/v1Path prefix
no authKeyless

What it is

The public ring is the outermost trust tier of the Credicorp API, served under /public/v1. Any caller can reach it with no API key and no OAuth token. It exposes public information — products, the loyalty ladder, published pages — and a small set of safe, validated submissions such as enquiries and cookie consent.

How it stays safe

Without a credential, the ring relies on rate limiting (60 requests per 60 seconds per IP), strict input validation, and server-fixed response shapes. A hard rule underpins it: no per-customer PII ever crosses the public ring. Account data, offers, payments and credit decisions sit behind authentication on the internal ring instead. See the ring explained.

Frequently asked questions

Is the public ring the whole API?

No. It is the unauthenticated outer tier. Authenticated, per-customer operations live on the internal ring and the partner API.

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.