# API 💻 ## Postman Collection [![](https://run.pstmn.io/button.svg)](https://www.postman.com/cardscan/workspace/cardscan-workspace/collection/17501274-09778b26-c4e7-47af-bec2-a338f8b38f57?action=share\&creator=17501274) ## OpenAPI Specification The complete OpenAPI 3.0 specification for the CardScan API is available at: Use this specification to: * Generate API clients in any language * Import into API testing tools * View detailed schema definitions * Integrate with development tools ## Testing vs Production After creating an account you can access the test API endpoints on our sandbox server: {% embed url="" %} This endpoint is identical to our production endpoint but **does not allow PHI** and only returns dummy card results. Once you have signed our **Business Associate Agreement (BAA)** you will be able to access the production server: {% embed url="" %} ## Admin Endpoints The admin endpoints are designed for managing access tokens within our system. These endpoints can only be called using a valid API key. They provide a secure way to generate and manage tokens, ensuring that only authorized users can access sensitive data and functionalities. ### Get Access Token `GET` `https://sandbox.cardscan.ai/v1/access-token` This endpoint generates the JSON Web Token (JWT) for a web or mobile user #### Query Parameters | Name | Type | Description | | -------- | ------ | ------------------------------ | | user\_id | String | Unique identifier for the user | {% tabs %} {% tab title="200" %} ```json { "IdentityId": "us-east-1:0236cb77-ac53-460d-ba39-60b186af2897", "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" } ``` {% endtab %} {% tab title="401" %} ```json { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code":401 } ``` {% endtab %} {% tab title="403" %} ```json { "message": "API Key is not registered", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% endtabs %} This endpoint generates a short-lived session token that the web/mobile user will use to directly authenticate with CardScan's servers. See the [Authentication](https://docs.cardscan.ai/authentication#end-user) page for more details. {% hint style="danger" %} This function takes an optional `user_id` which **must be unique** between your users. {% endhint %} See [Authentication](https://docs.cardscan.ai/authentication#end-user) for code examples. *** ## Insurance Card Scanning Endpoints ### Create Card `POST` `https://sandbox.cardscan.ai/v1/cards` Creates a card object to initiate the scanning process and will be used for generating upload endpoints. #### Request Body | Name | Type | Description | | ---------------------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | | enable\_backside\_scan | boolean |

Enabled scanning of both sides of the insurance cards. Important for eligibility checks and prior auth.

Default: False

| | enable\_livescan | boolean |

Allows the card to process multiple updates per side. Required for live scanning.

Default: False

| {% tabs %} {% tab title="201: Created Successful Operation" %} ```json { "card_id": "171d11c4-9154-4f2f-b4ca-0fb610abe05e", "state": "pending", "created_at": "2024-02-05 15:50:14.856792" } ``` {% endtab %} {% tab title="400: Bad Request Bad Request" %} ```json { "message": "enable_backside_scan must be a boolean", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --location 'https://sandbox.cardscan.ai/v1/cards' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer endusertokenXXX' \ --data '{ "enable_backside_scan": true }' ``` {% endtab %} {% endtabs %} ### Generate Upload Url `POST` `https://sandbox.cardscan.ai/v1/cards/:card_id/generate-upload-url` Generates a URL and signed payload to enable direct image upload to AWS S3. #### Path Parameters | Name | Type | Description | | ------------------------------------------ | ---- | -------------------------------------------- | | card\_id\* | UUID | For the card entity to link the upload with. | #### Request Body | Name | Type | Description | | --------------------------------------------- | ---- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | orientation\* | Enum |

'front' - the front face of the insurance card, often containing the name, member\_id, etc.

'back' - the back side of the card, often containing the claims address, and various phone number.

| {% tabs %} {% tab title="200 Successful Operation" %} ```javascript { "card_id": "4c901279-622f-485f-85cc-aad1f12c2d8e", "upload_url": "https://cardscan-sandbox.s3.amazonaws.com/", "upload_parameters": { "key": "4c901279-622f-485f-85cc-aad1f12c2d8e", "x-amz-algorithm": "AWS4-HMAC-SHA256", "x-amz-security-token": "BADCAFEb3JpZ2sddsfdsfrIAiACLcnulBVymY22qkf3M8XDvlhXweRzDe8V95X73BextSqDAgiU//////////8BEAAaDDUzNTc5NTY3OTQ2NiIM1ZoFizA0PWXBXfiWKtcBVOcw4ss3VbqdPFO7OTJmxuPLUnPKNbsMaRF5sNEsqecP74+mucNgjAwigvQM3K0Bb/WqTsmGIkGXT7p+St1XpyB9nY+nVE1cVgtkggwU4UDXhBpnZLhQIE5fLjEBU+X0Gwd7WVXJdwXFa5iD+EwsQU2aJihBc1tdxYXmIZIkMQ1UXdFPbRc1vX4wcDgzrfbvT5749d1rOh5u9mKxTNc7z/1G4aYswrODlh5N/hSamcKGlaC/wwxrv8gwY64QEp/nQkUuTdrKPSrQRUb7Z5Fj7m8erRixTtYI2rOfAl5Cl", "x-amz-credential": "FAKEKEYSDONOTUSEXZYABC/20210413/us-east-1/s3/aws4_request", "x-amz-date": "20210413T210019Z", "policy": "eyJleHBpcmF0aW9uIjogIjIwMjEtMDQtMTNUMjI6MDA6MTlaIiwgImNvbmRpdGlvbnMiOiBbeyJidWNrZXQiOiAiY2FyZHNjYW4tc2FuZGJveCJ9LCB7ImtleSI6ICI0YzkwMTI3OS02MjJmLTQ4NWYtODVjYy1hYWQxZjEyYzJkOGUifSwgeyJ4LWFtei1hbGdvcml0aG0iOiAiQVdTNC1ITUFDLVNIQTI1NiJ9LCB7IngtYW16LWNyZWRlbnRpYWwiOiAiQUtJSEFMUk9CSVZGTkZYWllBQkMvMjAyMTA0MTMvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LCB7IngtYW16LWRhdGUiOiAiMjAyMTA0MTNUMjEwMDE5WiJ9XX0=", "x-amz-signature": "40da5a6814f646d9ded38539e37d6badcafe808494b04c76d37ccc89a3e5d34d" } } ``` {% endtab %} {% tab title="400 Invalid parameters" %} ```javascript { "message": "expiration must be between 100 and 3600", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="401 Missing token or other error" %} ```javascript { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% tab title="403 Bad or expired token" %} ```javascript { "message": "Token is expired", "type": "Authentication Timeout", "code": 419 } ``` {% endtab %} {% endtabs %} {% hint style="info" %} The S3 URL only supports HTTP **POSTs**, not PUTs. {% endhint %} The `upload_parameters` may change at any time, please make sure to not hardcode the list in any POST command. {% tabs %} {% tab title="Curl" %} ```bash curl --location 'https://sandbox.cardscan.ai/v1/cards/9d709b16-3807-4fc9-b176-4409241beab5/generate-upload-url' \ --header 'Content-Type: application/json' \ --header 'Authorization: Bearer endusertokenXXX \ --data '{ "orientation": "back" }' ``` {% endtab %} {% tab title="Javascript" %} ```javascript // The JS client wraps generate-upload-url in with the file upload functionality. const client = new CardScanApi({ sessionToken:token, live: false }); client.uploadCardImage(file) .then((cardId) => { //update UI. }) .catch((error) => { //retry or update UI }); ``` {% endtab %} {% tab title="Swift" %} ```swift // The swift client wraps generate-upload-url with the file upload functionality. let apiClient = CardScanAPIClient(userToken: userToken, live: false) apiClient.uploadCardImage(image: image) { result in switch result { case .failure(let error): //check error, retry, update UI. print("uploadCardImage error \(error)") case .success(let cardId): //update UI for success! } } ``` {% endtab %} {% endtabs %} {% hint style="warning" %} Image uploads have a **maximum** size of 50MB and a **minimum** of 5KB. {% endhint %} ### List Scanned Cards `GET` `https://sandbox.cardscan.ai/v1/cards` #### Query Parameters | Name | Type | Description | | ------ | ------- | --------------------------------------------------------------------------------------------------- | | cursor | string | Used to paginate through results when count is greater that limit. | | limit | integer |

Count of cards to return.

Default: 50

Max: 200

| {% tabs %} {% tab title="200 Successful Response" %} ```javascript { "cards": [ { "card_id": "1bab2f3c-cfbe-4f22-b480-b389ece57f7e", "state": "pending", "created_at": "2021-07-30 19:56:40.638894+00:00", }, { "card_id": "98405a1e-b367-4b3a-876a-e7886b7e1b69", "state": "processing", "created_at": "2021-07-30 20:26:40.838094+00:00", }, { "card_id": "4c901279-622f-485f-85cc-aad1f12c2d8e", "state": "error", "created_at": "2021-07-30 20:58:50.334343+00:00", "error_message": "Failure during OCR process - [E507]" }, { "card_id": "a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e", "state": "completed", "created_at": "2021-07-31 18:36:33.567313+00:00", "details": { "group_number": { "value": "98755", "scores": [ "0.9994", "0.9828" ] }, "member_number": { "value": "128845682", "scores": [ "0.9984", "0.9618" ] }, "member_name": { "value": "emily dickinson", "scores": [ "0.9974", "0.8879" ] }, "plan_name": { "value": "unitedhealthcare choice plus", "scores": [ "0.9953", "0.9835" ] }, "plan_id": { "value": "(80840) 911-80708-01", "scores": [ "0.9942", "0.9939" ] } } } ], "response_metadata": { "limit": 4, "next_cursor": "IieuzkckWq0" } } ``` {% endtab %} {% tab title="400 Invalid parameters" %} ```javascript { "message": "limit must be a positve integer and less than 500", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="401 Missing or invalid token" %} ```javascript { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% tab title="403 Token is expired " %} ```javascript { "message": "Token is expired", "type": "Authentication Timeout", "code": 419 } ``` {% endtab %} {% endtabs %} The `next_cursor` field is only present in the `response_metadata` when there are additional results to request. The `completed` card in this example is truncated, for a full card and supported states, please see [Get Card](#get-card) below. {% tabs %} {% tab title="Curl" %} ```bash curl --location --request GET 'https://sandbox.cardscan.ai/v1/cards' \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% tab title="Javascript" %} ```javascript const client = new CardScanApi({ sessionToken:token, live: false }); client.listCards() .then((cards) => { //update UI. }) .catch((error) => { //retry or update UI }); ``` {% endtab %} {% tab title="Swift" %} ```swift let apiClient = CardScanAPIClient(userToken: userToken, live: false) apiClient.listCards(limit: 10) { result in switch result { case .failure(let error): print("listCards error \(error)") case .success(let cards): //update UI } } ``` {% endtab %} {% endtabs %} ### Search Cards `GET` `https://sandbox.cardscan.ai/v1/cards/search` Search through your card records using text queries to find specific cards by member name, payer, plan details, or other extracted information. #### Query Parameters | Name | Type | Description | | ------ | ------- | --------------------------------------------------------------------------------------------------------- | | query | string | **Required.** Search query to match against card data (member names, payer names, plan information, etc.) | | cursor | string | Used to paginate through results when count is greater than limit. | | limit | integer |

Count of cards to return.

Default: 50

Max: 500

| {% tabs %} {% tab title="200 Successful Response" %} ```javascript { "cards": [ { "card_id": "1bab2f3c-cfbe-4f22-b480-b389ece57f7e", "state": "completed", "created_at": "2021-07-30 19:56:40.638894+00:00", "details": { "member_name": { "value": "john doe", "scores": ["0.9974", "0.8879"] }, "payer_name": { "value": "unitedhealthcare", "scores": ["0.9953", "0.9835"] } } } ], "response_metadata": { "limit": 50, "next_cursor": "IieuzkckWq0" } } ``` {% endtab %} {% tab title="400 Invalid parameters" %} ```javascript { "message": "query parameter is required", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="401 Missing or invalid token" %} ```javascript { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% tab title="403 Token is expired" %} ```javascript { "message": "Token is expired", "type": "Authentication Timeout", "code": 419 } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --location --request GET 'https://sandbox.cardscan.ai/v1/cards/search?query=john%20doe&limit=10' \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% tab title="Javascript" %} ```javascript const client = new CardScanApi({ sessionToken:token, live: false }); client.searchCards("john doe", {limit: 10}) .then((cards) => { //update UI. }) .catch((error) => { //retry or update UI }); ``` {% endtab %} {% tab title="Swift" %} ```swift let apiClient = CardScanAPIClient(userToken: userToken, live: false) apiClient.searchCards(query: "john doe", limit: 10) { result in switch result { case .failure(let error): print("searchCards error \(error)") case .success(let cards): //update UI } } ``` {% endtab %} {% endtabs %} ### Get Card `GET` `https://sandbox.cardscan.ai/v1/cards/:cardId` #### Path Parameters | Name | Type | Description | | ---------------------------------------- | ------ | ------------ | | cardId\* | string | UUID of card | {% tabs %} {% tab title="200 Successful response" %} ```javascript { "card_id": "c1b93738-ddc0-4beb-9936-1f93fe0e4279", "state": "completed", "created_at": "2025-04-24 13:58:30.820353+00:00", "details": { "group_number": { "value": "98755", "scores": ["0.995", "0.999"] }, "member_number": { "value": "128845682", "scores": ["0.995", "0.999"] }, "member_name": { "value": "emily dickinson", "scores": ["0.994", "0.998"] }, "dependent_names": [ { "value": "richard dickinson", "scores": ["0.995", "0.999"] } ], "payer_name": { "value": "unitedhealthcare", "scores": ["0.737", "0.999"] }, "payer_id": { "value": "87726", "scores": ["0.995", "0.999"] }, "plan_name": { "value": "unitedhealthcare choice plus", "scores": ["0.967", "0.992"] }, "rx_bin": { "value": "610279", "scores": ["0.995", "0.999"] }, "rx_pcn": { "value": "9987", "scores": ["0.991", "0.999"] }, "rx_issuer": { "value": "(80840) 911-80708-01", "scores": ["0.994", "0.999"] }, "pharmacy_benefit_manager": { "value": "optumrx", "scores": ["0.601", "0.999"] } }, "payer_match": { "cardscan_payer_id": "pay_8otorlr4", "cardscan_payer_name": "UNITEDHEALTHCARE", "score": "0.952", "matches": [ { "clearinghouse": "Availity", "payer_id": "87726", "transaction_type": "professional", "payer_name": "UNITEDHEALTHCARE", "cardscan_payer_id": "pay_8otorlr4", "score": "0.952", "metadata": { "last_updated": "2025-04-07T01:39:42.292212+00:00", "source": "2025-04-06v1.0" } }, { "clearinghouse": "Availity", "payer_id": "87726", "transaction_type": "professional", "payer_name": "UNITEDHEALTHCARE DEFINITY HEALTH PLAN", "cardscan_payer_id": "pay_6lsgc6ns", "score": "0.9", "metadata": { "last_updated": "2025-04-07T01:39:42.292312+00:00", "source": "2025-04-06v1.0" } } ], "change_healthcare": [], "custom": [ { "custom_payer_id": "UHC", "custom_payer_name": "United Healthcare", "custom_payer_name_alt": "United Healthcare Legacy", "score": "1.0", "source": "custom_payer_list_20240212" }, { "custom_payer_id": "UHC", "custom_payer_name": "United Healthcare Oxford", "custom_payer_name_alt": "United Healthcare Legacy", "score": "1.0", "source": "custom_payer_list_20240212" } ] }, "metadata": { "insurance_scan_version": "malbec-1.0", "payer_match_version": "hybrid-1.2" }, "images": { "front": { "url": "https://cardscan-sandbox-uploads-us-east-1.s3-accelerate.amazonaws.com/..." } }, "deleted": false } ``` {% endtab %} {% tab title="400 Invalid UUID" %} ```javascript { "message": "Invalid card_id, the ID must be formatted as a UUID.", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="401 Missing or invalid token" %} ```javascript { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% tab title="403 Token is expired" %} ```javascript { "message": "Token is expired", "type": "Authentication Timeout", "code": 419 } ``` {% endtab %} {% tab title="404 Card not found" %} ```javascript { "message": "No resource found for card_id - a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6a", "type": "Not Found", "code": 404 } ``` {% endtab %} {% endtabs %} Cards returned by this endpoint and the `/v1/cards` endpoint have a state field: | Value | Description | | -------------- | --------------------------------------------------------------------------------- | | **pending** | This card ID has been reserved but a corresponding file has not yet been uploaded | | **processing** | The card is being processed by our ML pipeline. | | **completed** | Card processing is completed and the card `details` are available. | | **error** | An error has occurred, see `error_message` for more details. | | **unknown** | An unknown issue has occurred, please contact support for help. | ![](https://423317997-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MYkGp0C8rvjnJYLAI_u%2F-MgCWKAL5a4fxIzFaXR7%2F-MgCf64OkCcHuY6VvkIn%2Fimage.png?alt=media\&token=3a631637-25a3-4cb6-97e9-25dddcd77996) After being processed by the ML pipeline, each element is labeled and when the probability is above our minimum threshold the results are returned. | Name | Description | Example | | -------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | | **group\_number** | The group number identifies the specific benefits associated with the plan. This is missing with some payers and exchange plans. | *98755* | | **member\_number** | A unique identifier for each member and dependent. This is used to verify coverage and arrange payment for services. | *128845682* | | **payer\_name** | The name of the health insurance payer or 3rd party administrator. | *unitedhealthcare* | | **payer\_id** | The payer ID or EDI for the insurance company. This is as written on the card and not matched to a clearing house. | *87726* | |

rx\_bin

rx\_pcn

rx\_group
rx\_id

| These are used to identify how a prescription drug will be reimbursed and where a pharmacy can send a reimbursement claim to |

610279

9987

UHC
12458765

| | **member\_name** | Most often the policyholder, but on some cards this is the dependent the card was issues to. | *Emily Dickinson* | | **dependent\_names** | This is a list of all dependents found on the card. | *Richard Dickinson* | | **plan\_name** | Our best attempt to determine the name of the plan for this card. This is missing on many cards. | *unitedhealthcare choice plus* | | **plan\_id** | An identifier representing the plan associated with this card. | *(80840) 911-80708-01* | | **rx\_issuer** | An identifier representing the prescription plan associated with this card. | *(80840) 911-80708-01* | | **pharmacy\_benefit\_manager** | The pharmacy benefit manager (PBM) that processes prescription claims for this plan. | *optumrx* | | **card\_specific\_id** | A non-specific but prominent identifier found on the card. | *54243* | | **client\_name** | The name of the employer who is contracted with the 3rd party administrator. | *Apple, Inc.* | | **plan\_details** | When available a list of: deductibles, co-pays, co-insurance, PCP name. |

Office: $25

ER: $300

| | **start\_date** | The date when coverage starts. | *04/01/2021* | | **phone\_numbers** | A list of all phone numbers found of the front and back of the card. | 800-400-5251 | | **addresses** | A list of all addresses found on the card. |

UnitedHealthcare

P.O. Box 740800

Atlanta, GA 30374-0800

| ### Response Fields Outside of Details | Name | Description | Example | | ---------------- | ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------- | | **payer\_match** | Comprehensive payer matching results including clearinghouse matches, custom matches, and confidence scores. | *See* [*Payer Matching*](https://docs.cardscan.ai/advanced-features/payer-matching) *for details* | | **metadata** | API version information including the insurance scan model version and payer match version used. | *{"insurance\_scan\_version": "malbec-1.0", "payer\_match\_version": "hybrid-1.2"}* | | **images** | Signed URLs for accessing the uploaded card images. URLs are valid for 24 hours. | *{"front": {"url": "https\://..."}}* | | **deleted** | Boolean indicating whether this card has been marked as deleted. | *false* | {% hint style="info" %} **Note:** If an element is missing from the `details` object, it means it is either not available on this type of card, or we did not have a high enough confidence to return it. {% endhint %} {% tabs %} {% tab title="Curl" %} ```bash curl --request GET 'https://sandbox.cardscan.ai/v1/cards/a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e' \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% tab title="Javascript" %} ```javascript const client = new CardScanApi({ sessionToken:token, live: false }); client.getCard(cardId) .then((card) => { //update UI. }) .catch((error) => { //retry or update UI }); ``` {% endtab %} {% tab title="Swift" %} ```swift let apiClient = CardScanAPIClient(userToken: userToken, live: false) apiClient.getCard(cardUUID: cardId) { result in switch result { case .failure(let error): print("getCard error \(error)") case .success(let card): //update UI } } ``` {% endtab %} {% endtabs %} ### Delete Card `DELETE` `https://sandbox.cardscan.ai/v1/cards/:cardId` This will trigger a soft delete of the specified card. #### Path Parameters | Name | Type | Description | | ---------------------------------------- | ------ | ---------------- | | cardId\* | String | UUID of the card | {% tabs %} {% tab title="204" %} {% endtab %} {% tab title="404" %} {% endtab %} {% tab title="403" %} {% endtab %} {% endtabs %} {% hint style="info" %} **Note**: All of the images, ML results, eligibility results, and PHI will be removed, but the card record and performance statistics will remain. {% endhint %} {% tabs %} {% tab title="Curl" %} ```bash curl --request DELETE 'https://sandbox.cardscan.ai/v1/cards/a1d743ee-3bb9-468d-a2c5-4e33fa0e1c6e' \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% endtabs %} ### Flag Card `POST` `https://sandbox.cardscan.ai/v1/cards/:cardId/flag` This endpoint allows you to flag a specific card with a particular type of flag. Flags are used to mark cards for special attention or action. **Path Parameters** | Name | Type | Description | | ---------------------------------------- | ------ | ---------------- | | cardId\* | String | UUID of the card | #### Request Body
NameTypeAllowed valuesDescription
flag_type*String
  • missing_elements
  • incorrect_elements
  • bad_payer_match
  • unreadable_text
  • eligibility_issue
  • other
The flag type used to mark the card
messageStringAn optional message to add additional information
{% tabs %} {% tab title="200 Successful response" %} ```json { "message": "Card flagged successfully" } ``` {% endtab %} {% tab title="400 Flag type required" %} ```json { "message": "flag_type is required", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="400 Invalid flag type" %} ```json { "message": "Invalid flag_type", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% endtabs %} ## Magic Links ### Generate magic link `GET` `/generate-magic-link` Generates a magic link for the currently authenticated user. The generated token expires in one hour. This endpoint is called by the React Widget when using the [Web To Mobile Handoff](https://docs.cardscan.ai/advanced-features/web-to-mobile-handoff) feature. {% tabs %} {% tab title="200" %} ```json { "magic_link": "https://sandbox.cardscan.ai/v1/validate-magic-link?token=", "token": "", "expires_at": "2024-06-27T03:48:01.049866" } ``` {% endtab %} {% tab title="403" %} ```json { "message": "User is not authorized for this resource", "type": "Access Denied", "code": 403 } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --request GET 'https://sandbox.cardscan.ai/v1/generate-magic-link \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% tab title="Javascript" %} ```javascript const client = new CardScanApi({ sessionToken:token, live: false }); client.generateMagicLink() .then((response) => { // ... }) .catch((error) => { // ... }); ``` {% endtab %} {% endtabs %} ### Validate magic link `GET` `/validate-magic-link?token=` Validates that the provided magic link token is valid and if so, returns an [Access Token](#get-access-token) with limited capabilities. You need to use this endpoint if you want to self-host the [Web To Mobile Handoff](https://docs.cardscan.ai/advanced-features/web-to-mobile-handoff) feature. {% tabs %} {% tab title="200" %} ```json { "IdentityId": "us-east-1:0236cb77-ac53-460d-ba39-60b186af2897", "Token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" } ``` {% endtab %} {% tab title="400: Invalid token" %} ```json { "message": "Invalid token", "type": "Bad Request", "code": 400 } ``` {% endtab %} {% tab title="410: Expired token" %} ```json { "message": "Token expired - ", "type": "Expired", "code": 410 } ``` {% endtab %} {% tab title="404" %} ```json { "message": "No resource found for token - badtokenbadtok", "type": "Not Found", "code": 404 } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --request GET 'https://sandbox.cardscan.ai/v1/validate-magic-link?token= \ --header 'Authorization: Bearer endusertokenXXX' ``` {% endtab %} {% tab title="Javascript" %} ```javascript const token = "your-magic-token"; fetch(`${baseURL}/validate-magic-link?token=${token}`) .then((res) => res.json()) .then((data) => { setToken(data.Token); // Access token }) .catch((err) => console.log(err)); ``` {% endtab %} {% endtabs %} ## Eligibility Verification Our Eligibility Verification Endpoints offer a seamless way to check the insurance eligibility of patients. They provide real-time verification of coverage details, ensuring accurate and efficient processing of healthcare services. Please see the [#eligibility-verification](#eligibility-verification "mention") page for full details on the product offering. Our Eligibility Verification Endpoints operate similarly to our Insurance Card Scanning Endpoints. Users can create a new eligibility request, which is processed asynchronously. The system updates the record as the state changes, providing real-time insights into insurance coverage and benefits. {% hint style="info" %} **Note:** Currently a completed insurance card scan is required to start the eligibility verification process. {% endhint %} {% openapi src="" path="/eligibility" method="post" %} [cardscan (1).yml](https://423317997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MYkGp0C8rvjnJYLAI_u%2Fuploads%2F9obKv2uBd5nth7mRMHNH%2Fcardscan%20\(1\).yml?alt=media\&token=95d8f3f6-37cc-496e-a30c-c29b797af735) {% endopenapi %} To create an eligibility request, users must provide subscriber and dependent demographics along with provider details, including a National Provider Identifier (NPI). This information is essential for accurately verifying insurance eligibility. You can locate a providers NPI on the [NPPES NPI Registry](https://npiregistry.cms.hhs.gov/search%23pageStart) search page. {% openapi src="" path="/eligibility/{eligibility\_id}" method="get" %} [cardscan (1).yml](https://423317997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MYkGp0C8rvjnJYLAI_u%2Fuploads%2F9obKv2uBd5nth7mRMHNH%2Fcardscan%20\(1\).yml?alt=media\&token=95d8f3f6-37cc-496e-a30c-c29b797af735) {% endopenapi %} {% openapi src="" path="/eligibility" method="get" %} [cardscan (1).yml](https://423317997-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MYkGp0C8rvjnJYLAI_u%2Fuploads%2F9obKv2uBd5nth7mRMHNH%2Fcardscan%20\(1\).yml?alt=media\&token=95d8f3f6-37cc-496e-a30c-c29b797af735) {% endopenapi %} ## Health Check Endpoints ### Public Health Check `GET` `https://sandbox.cardscan.ai/v1/ping` A public health check endpoint that returns the service status and feature flags. No authentication required. {% tabs %} {% tab title="200 Successful Response" %} ```json { "timestamp": "2024-02-05T15:50:14.856792Z", "feature_flags": { "enable_advanced_ocr": true, "enable_payer_matching": true } } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --request GET 'https://sandbox.cardscan.ai/v1/ping' ``` {% endtab %} {% endtabs %} ### Authenticated Health Check `GET` `https://sandbox.cardscan.ai/v1/authping` An authenticated health check endpoint that verifies your API key or session token is valid and returns service status. {% tabs %} {% tab title="200 Successful Response" %} ```json { "timestamp": "2024-02-05T15:50:14.856792Z", "authenticated": true, "account_id": "D05BD263-CC9E-437D-9AEE-9846196F18BA" } ``` {% endtab %} {% tab title="401 Missing or invalid token" %} ```json { "message": "Unknown authorization error - please check your token format and try again", "type": "Unauthorized", "code": 401 } ``` {% endtab %} {% tab title="403 Token is expired" %} ```json { "message": "Token is expired", "type": "Authentication Timeout", "code": 419 } ``` {% endtab %} {% endtabs %} {% tabs %} {% tab title="Curl" %} ```bash curl --request GET 'https://sandbox.cardscan.ai/v1/authping' \ --header 'Authorization: Bearer sk_test_cardscan_ai_XXXXXXXXXXXXXXX' ``` {% endtab %} {% endtabs %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cardscan.ai/api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.