Provider Access API
The Provider Access API enables secure, standards-based access for EHR Systems (consumers) to retrieve relevant member, claims, and prior authorization data from payer systems (producers). The API aligns with CMS-recommended implementation guides, including the CARIN Common Payer Consumer Dataset (CPCDS), HL7® Da Vinci Payer Data Exchange (PDex), and FHIR® Bulk Data. It also leverages data exchange standards such as HL7® FHIR® and SMART Backend Services Authorization.
Capability Statement
Developers can access the Acentra Health FHIR server capabilities for Provider Access API using the CapabilityStatement endpoint:
The capability statement describes the set of capabilities (behaviors) implemented by the FHIR Server to enable the Provider Access API. For example, it describes the enabled profiles, interactions, search parameters and provides information about the authorization and token endpoints.
API Access Setup
FHIR SMART Configuration
Clients can retrieve SMART configuration details by invoking the SMART configuration endpoint at /.well-known/smart-configuration, appended to the FHIR Base URL.
The FHIR Base URL will be provided upon successful App Registration approval.
Getting Access Token
| Section | Key | Value |
|---|---|---|
| HTTP Method | POST | https://sb.fhir.mhbapp.com/sof/oauth2/token |
| HTTP Headers | content-type | application/json |
| accept | application/json | |
| authorization | Basic base 64({client_id}:{client_secret}) | |
| HTTP Body | code | {oauth code} |
| grant_type | authorization_code | |
| redirect_uri | {your_redirect_uri} |
Operations
Acentra Health Interoperability Solution’s Provider Access API supports the following operations
| Operation | Endpoint |
|---|---|
| $attribution-status | https://sb.fhir.mhbapp.com/pra/api/v1/Group/[id]/$attribution-status |
| $davinci-data-export | https://sb.fhir.mhbapp.com/pra/api/v1/Group/[id]/$davinci-data-export |
Profiles
Acentra Health Interoperability Solution’s Provider Access API supports the following profiles
| Profile |
|---|
| Provider Group |
| Prior Authorization |
| Patient |
| Coverage |
| Practitioner |
| Organization |
| Related Person |
| EOB Inpatient Institutional Basis |
| EOB Outpatient Institutional Basis |
| EOB Professional NonClinician Basis |
| EOB Oral Basis |
| EOB Pharmacy Basis |
| Provenance |
Request Headers
All requests for Provider Access API profiles require the following headers
| Header | Value |
|---|---|
| content-type | application/json |
| accept | application/json |
| authorization | Bearer |
Sample Queries and Data
Acentra Health Interoperability Solution’s Sandbox environment provides synthetic but reliable dataset to facilitate testing Provider Access API. The sandbox dataset is representative of real data and ensures consistency across the dataset.
Important Information for EHR Systems
| Topic | Reference |
|---|---|
| CARIN Alliance Code of Conduct | https://www.carinalliance.com/our-work/trust-frameworkand-code-of-conduct/ |
| Privacy, Security and HIPAA | https://www.healthit.gov/topic/privacy-security-and-hipaa |
| ONC Model Privacy Notice | https://www.healthit.gov/topic/privacy-security-and-hipaa/model-privacy-notice-mpn |