API 💻

Postman Collection

Testing vs Production

After creating an account you can access the test API endpoints on our sandbox server:

This endpoint is identical to our production endpoint but does not allow PHI and only returns dummy card results.

Once you have signed our Business Associate Agreement (BAA) you will be able to access the production server:

Admin Endpoints

The admin endpoints are designed for managing access tokens within our system. These endpoints can only be called using a valid API key. They provide a secure way to generate and manage tokens, ensuring that only authorized users can access sensitive data and functionalities.

Get Access Token

GET https://sandbox.cardscan.ai/v1/access-token

This endpoint generates the JSON Web Token (JWT) for a web or mobile user

Query Parameters

NameTypeDescription

user_id

String

Unique identifier for the user

{
  "IdentityId": "us-east-1:0236cb77-ac53-460d-ba39-60b186af2897",
  "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

This endpoint generates a short-lived session token that the web/mobile user will use to directly authenticate with CardScan's servers. See the Authentication page for more details.

This function takes an optional user_id which must be unique between your users.

See Authentication for code examples.


Insurance Card Scanning Endpoints

Create Card

POST https://sandbox.cardscan.ai/v1/cards

Creates a card object to initiate the scanning process and will be used for generating upload endpoints.

Request Body

NameTypeDescription

enable_backside_scan

boolean

Enabled scanning of both sides of the insurance cards. Important for eligibility checks and prior auth.

Default: False

enable_livescan

boolean

Allows the card to process multiple updates per side. Required for live scanning.

Default: False

{
    "card_id": "171d11c4-9154-4f2f-b4ca-0fb610abe05e",
    "state": "pending",
    "created_at": "2024-02-05 15:50:14.856792"
}
curl --location 'https://sandbox.cardscan.ai/v1/cards' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer endusertokenXXX' \
--data '{
    "enable_backside_scan": true
}'

Generate Upload Url

POST https://sandbox.cardscan.ai/v1/cards/:card_id/generate-upload-url

Generates a URL and signed payload to enable direct image upload to AWS S3.

Path Parameters

NameTypeDescription

card_id*

UUID

For the card entity to link the upload with.

Request Body

NameTypeDescription

orientation*

Enum

'front' - the front face of the insurance card, often containing the name, member_id, etc.

'back' - the back side of the card, often containing the claims address, and various phone number.

{
  "card_id": "4c901279-622f-485f-85cc-aad1f12c2d8e",
  "upload_url": "https://cardscan-sandbox.s3.amazonaws.com/",
  "upload_parameters": {
    "key": "4c901279-622f-485f-85cc-aad1f12c2d8e",
    "x-amz-algorithm": "AWS4-HMAC-SHA256",
    "x-amz-security-token": "BADCAFEb3JpZ2sddsfdsfrIAiACLcnulBVymY22qkf3M8XDvlhXweRzDe8V95X73BextSqDAgiU//////////8BEAAaDDUzNTc5NTY3OTQ2NiIM1ZoFizA0PWXBXfiWKtcBVOcw4ss3VbqdPFO7OTJmxuPLUnPKNbsMaRF5sNEsqecP74+mucNgjAwigvQM3K0Bb/WqTsmGIkGXT7p+St1XpyB9nY+nVE1cVgtkggwU4UDXhBpnZLhQIE5fLjEBU+X0Gwd7WVXJdwXFa5iD+EwsQU2aJihBc1tdxYXmIZIkMQ1UXdFPbRc1vX4wcDgzrfbvT5749d1rOh5u9mKxTNc7z/1G4aYswrODlh5N/hSamcKGlaC/wwxrv8gwY64QEp/nQkUuTdrKPSrQRUb7Z5Fj7m8erRixTtYI2rOfAl5Cl",
    "x-amz-credential": "FAKEKEYSDONOTUSEXZYABC/20210413/us-east-1/s3/aws4_request",
    "x-amz-date": "20210413T210019Z",
    "policy": "eyJleHBpcmF0aW9uIjogIjIwMjEtMDQtMTNUMjI6MDA6MTlaIiwgImNvbmRpdGlvbnMiOiBbeyJidWNrZXQiOiAiY2FyZHNjYW4tc2FuZGJveCJ9LCB7ImtleSI6ICI0YzkwMTI3OS02MjJmLTQ4NWYtODVjYy1hYWQxZjEyYzJkOGUifSwgeyJ4LWFtei1hbGdvcml0aG0iOiAiQVdTNC1ITUFDLVNIQTI1NiJ9LCB7IngtYW16LWNyZWRlbnRpYWwiOiAiQUtJSEFMUk9CSVZGTkZYWllBQkMvMjAyMTA0MTMvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LCB7IngtYW16LWRhdGUiOiAiMjAyMTA0MTNUMjEwMDE5WiJ9XX0=",
    "x-amz-signature": "40da5a6814f646d9ded38539e37d6badcafe808494b04c76d37ccc89a3e5d34d"
  }
}

The S3 URL only supports HTTP POSTs, not PUTs.

The upload_parameters may change at any time, please make sure to not hardcode the list in any POST command.

curl --location 'https://sandbox.cardscan.ai/v1/cards/9d709b16-3807-4fc9-b176-4409241beab5/generate-upload-url' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer endusertokenXXX \
--data '{   
    "orientation": "back"
}'

List Scanned Cards

GET https://sandbox.cardscan.ai/v1/cards

Query Parameters

NameTypeDescription

cursor

string

Used to paginate through results when count is greater that limit.

limit

integer

Count of cards to return.

Default: 50

Max: 500

{
    "cards": [
        {
            "card_id": "1bab2f3c-cfbe-4f22-b480-b389ece57f7e",
            "state": "pending",
            "created_at": "2021-07-30 19:56:40.638894+00:00",
        },
        {
            "card_id": "98405a1e-b367-4b3a-876a-e7886b7e1b69",
            "state": "processing",
            "created_at": "2021-07-30 20:26:40.838094+00:00",
        },
        {
            "card_id": "4c901279-622f-485f-85cc-aad1f12c2d8e",
            "state": "error",
            "created_at": "2021-07-30 20:58:50.334343+00:00",
            "error_message": "Failure during OCR process - [E507]"
        },
        {
            "card_id": "a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e",
            "state": "completed",
            "created_at": "2021-07-31 18:36:33.567313+00:00",
            "details": {
                "group_number": {
                    "value": "98755",
                    "scores": [
                        "0.9994",
                        "0.9828"
                    ]
                },
                "member_number": {
                    "value": "128845682",
                    "scores": [
                        "0.9984",
                        "0.9618"
                    ]
                },
                "member_name": {
                    "value": "emily dickinson",
                    "scores": [
                        "0.9974",
                        "0.8879"
                    ]
                },
                "plan_name": {
                    "value": "unitedhealthcare choice plus",
                    "scores": [
                        "0.9953",
                        "0.9835"
                    ]
                },
                "plan_id": {
                    "value": "(80840) 911-80708-01",
                    "scores": [
                        "0.9942",
                        "0.9939"
                    ]
                }
            }
        }
    ],
    "response_metadata": {
        "limit": 4,
        "next_cursor": "IieuzkckWq0"
    }
}

The next_cursor field is only present in the response_metadata when there are additional results to request.

The completed card in this example is truncated, for a full card and supported states, please see Get Card Details below.

curl --location --request GET 'https://sandbox.cardscan.ai/v1/cards' \
--header 'Authorization: Bearer endusertokenXXX' 

Get Card

GET https://sandbox.cardscan.ai/v1/cards/:cardId

Path Parameters

NameTypeDescription

cardId*

string

UUID of card

{
    "card_id": "a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e",
    "state": "completed",
    "created_at": "2021-07-31 18:36:33.567313+00:00",
    "details": {
        "group_number": {
            "value": "98755",
            "scores": [
                "0.9994",
                "0.9828"
            ]
        },
        "member_number": {
            "value": "128845682",
            "scores": [
                "0.9984",
                "0.9618"
            ]
        },
        "rx_bin": {
            "value": "610279",
            "scores": [
                "0.9979",
                "0.9842"
            ]
        },
        "rx_pcn": {
            "value": "9987",
            "scores": [
                "0.9991",
                "0.9147"
            ]
        },
        "member_name": {
            "value": "emily dickinson",
            "scores": [
                "0.9974",
                "0.8879"
            ]
        },
        "plan_name": {
            "value": "unitedhealthcare choice plus",
            "scores": [
                "0.9953",
                "0.9835"
            ]
        },
        "plan_id": {
            "value": "(80840) 911-80708-01",
            "scores": [
                "0.9942",
                "0.9939"
            ]
        },
        "card_specific_id": {
            "value": "87726",
            "scores": [
                "0.997",
                "0.9592"
            ]
        }
    }
}

Cards returned by this endpoint and the /v1/cards endpoint have a state field:

ValueDescription

pending

This card ID has been reserved but a corresponding file has not yet been uploaded

processing

The card is being processed by our ML pipeline.

completed

Card processing is completed and the card details are available.

error

An error has occurred, see error_message for more details.

unknown

An unknown issue has occurred, please contact support for help.

After being processed by the ML pipeline, each element is labeled and when the probability is above our minimum threshold the results are returned.

NameDescriptionExample

group_number

The group number identifies the specific benefits associated with the plan. This is missing with some payers and exchange plans.

98755

member_number

A unique identifier for each member and dependent. This is used to verify coverage and arrange payment for services.

128845682

payer_name

The name of the health insurance payer or 3rd party administrator.

unitedhealthcare

payer_id

The payer ID or EDI for the insurance company. This is as written on the card and not matched to a clearing house.

87726

rx_bin

rx_pcn

rx_group rx_id

These are used to identify how a prescription drug will be reimbursed and where a pharmacy can send a reimbursement claim to

610279

9987

UHC 12458765

member_name

Most often the policyholder, but on some cards this is the dependent the card was issues to.

Emily Dickinson

dependent_names

This is a list of all dependents found on the card.

Richard Dickinson

plan_name

Our best attempt to determine the name of the plan for this card. This is missing on many cards.

unitedhealthcare choice plus

plan_id

An identifier representing the plan associated with this card.

(80840) 911-80708-01

client_name

The name of the employer who is contracted with the 3rd party administrator.

Apple, Inc.

plan_details

When available a list of: deductibles, co-pays, co-insurance, PCP name.

Office: $25

ER: $300

start_date

The date when coverage starts.

04/01/2021

card_specific_id

A non-specific but prominent identifier found on the card.

54243

phone_numbers

A list of all phone numbers found of the front and back of the card.

800-400-5251

addresses

A list of all addresses found on the card.

UnitedHealthcare

P.O. Box 740800

Atlanta, GA 30374-0800

Note: If an element is missing it means it is either not available on this type of card, or we did not have a high enough confidence to return it.

curl --request GET 'https://sandbox.cardscan.ai/v1/cards/a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e' \
--header 'Authorization: Bearer endusertokenXXX'

Delete Card

DELETE https://sandbox.cardscan.ai/v1/cards/:cardId

This will trigger a soft delete of the specified card.

Path Parameters

NameTypeDescription

cardId*

String

UUID of the card

Note: All of the images, ML results, eligibility results, and PHI will be removed, but the card record and performance statistics will remain.

curl --request DELETE 'https://sandbox.cardscan.ai/v1/cards/a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e' \
--header 'Authorization: Bearer endusertokenXXX'

Flag Card

POST https://sandbox.cardscan.ai/v1/cards/:cardId/flag

This endpoint allows you to flag a specific card with a particular type of flag. Flags are used to mark cards for special attention or action.

Path Parameters

NameTypeDescription

cardId*

String

UUID of the card

Request Body

NameTypeAllowed valuesDescription

flag_type*

String

  • missing_elements

  • incorrect_elements

  • bad_payer_match

  • unreadable_text

  • eligibility_issue

  • other

The flag type used to mark the card

message

String

An optional message to add additional information

{
    "message": "Card flagged successfully"
}

GET /generate-magic-link

Generates a magic link for the currently authenticated user. The generated token expires in one hour. This endpoint is called by the React Widget when using the Web To Mobile Handoff feature.

{
    "magic_link": "https://sandbox.cardscan.ai/v1/validate-magic-link?token=<token>",
    "token": "<token>",
    "expires_at": "2024-06-27T03:48:01.049866"
}

curl --request GET 'https://sandbox.cardscan.ai/v1/generate-magic-link \
--header 'Authorization: Bearer endusertokenXXX'

GET /validate-magic-link?token=<magic-token>

Validates that the provided magic link token is valid and if so, returns an Access Token with limited capabilities. You need to use this endpoint if you want to self-host the Web To Mobile Handoff feature.

{
  "IdentityId": "us-east-1:0236cb77-ac53-460d-ba39-60b186af2897",
  "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
curl --request GET 'https://sandbox.cardscan.ai/v1/validate-magic-link?token=<token> \
--header 'Authorization: Bearer endusertokenXXX'

Eligibility Verification

Our Eligibility Verification Endpoints offer a seamless way to check the insurance eligibility of patients. They provide real-time verification of coverage details, ensuring accurate and efficient processing of healthcare services.

Please see the Eligibility Verification page for full details on the product offering.

Our Eligibility Verification Endpoints operate similarly to our Insurance Card Scanning Endpoints. Users can create a new eligibility request, which is processed asynchronously. The system updates the record as the state changes, providing real-time insights into insurance coverage and benefits.

Note: Currently a completed insurance card scan is required to start the eligibility verification process.

To create an eligibility request, users must provide subscriber and dependent demographics along with provider details, including a National Provider Identifier (NPI). This information is essential for accurately verifying insurance eligibility.

You can locate a providers NPI on the NPPES NPI Registry search page.

Last updated