Readme Prior Auth
We offer you these Prior Auth developer-focused resources: Guides and API Reference sections.
Sandbox API testing instruction for ORBIT HEALTHCARE
Sandbox testing
You can try our APIs without signing a contract and without any financial obligations by requesting a sandbox testing environment before using them in your production environment.
- If you have a development platform/console, you can try or test our APIs by downloading our OpenAPI spec.
- To download our OpenAPI spec, go to API Reference >> Prior Authorization V1 Overview >> Download OpenAPI Spec.
- Use a set of secure credentials (these credentials are specific and unique to an API environment and to your company) that we provide you and access our APIs.
- If you do not have a development platform to try or test our APIs, you can create a sandbox, use a set of secure credentials that we provide you, and try our APIs in our interactive Try It interface.
For testing the APIs, you can edit the request body by using our predefined values and send it to view a variety of responses; see examples in Inquiry Sandbox Test Responses and Submission Sandbox Test Responses.
Security and Authorization
Optum uses the OAuth2 specification to create a secure connection with our API users, which requires a bearer authorization token to obtain access.
https://sandbox-apigw.optum.com/apip/auth/v2/token
Legend:
sandbox-apigw.optum.com: Base URL
/apip/auth/v2/token: Endpoint
The /apip/auth/v2/token/ endpoint allows you to obtain a short-lived Bearer token that must be transmitted with the API requests.
Generate a Prior Auth Bearer token
- Go to Optum developer portal >> API Reference >> Prior Authorization V1 >> click Get Token.
- Enter the following set of secure credentials provided.
client_id: 7HqUgxxrO8TtNLNQDNhQ8llB4e5sQHGe
client_secret: 3qoe2GXibrnTwWvJ
grant_type: client_credentials
- Click Try It!.
- Your Bearer token shows in the RESPONSE box below the Try It! box.
- Copy the Bearer token into a notepad for reusing within the Bearer token lifespan.
NOTE
Optum strongly recommends that you carefully guard your API access credentials. Avoid sharing them with others.
BEARER TOKEN LIFESPAN
The lifespan of a Bearer token is one hour (3600 seconds) for both sandbox and production environments.
We recommend automating transactions to use the tokens generated over the token lifespan. Obtaining tokens for each transaction is less efficient and does not improve the security criteria for any transactions.
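One way to automate the token reuse recommended above, as an added example that is not Optum's own code: an in-memory cache that requests a token once and renews it shortly before the one-hour lifespan ends. The reply field names (`access_token`, `expires_in`), the 60-second refresh margin and the environment variable names are assumptions; the page does not show the token response body.

```python
import json
import os
import time
import urllib.request

TOKEN_URL = "https://sandbox-apigw.optum.com/apip/auth/v2/token"  # from the page
TOKEN_LIFESPAN = 3600   # seconds, per the page
REFRESH_MARGIN = 60     # assumption: renew one minute early to absorb clock skew


def http_fetch(client_id, client_secret):
    """POST the client-credentials request as JSON and return the parsed reply."""
    body = json.dumps({
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "client_credentials",
    }).encode()
    req = urllib.request.Request(
        TOKEN_URL, data=body, method="POST",
        headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Keeps one Bearer token in memory and renews it only when about to expire."""

    def __init__(self, client_id, client_secret, fetch=http_fetch, clock=time.monotonic):
        self._id, self._secret = client_id, client_secret
        self._fetch, self._clock = fetch, clock
        self._token, self._expires_at = None, 0.0

    def __repr__(self):
        return "TokenCache(<redacted>)"   # keep credentials out of logs and tracebacks

    def bearer_header(self):
        now = self._clock()
        if self._token is None or now >= self._expires_at - REFRESH_MARGIN:
            reply = self._fetch(self._id, self._secret)
            # Assumption: standard OAuth2 reply fields; the page does not show the body.
            self._token = reply["access_token"]
            self._expires_at = now + int(reply.get("expires_in", TOKEN_LIFESPAN))
        return {"Authorization": "Bearer " + self._token}


def cache_from_env():
    """Load credentials from the environment (variable names are hypothetical)."""
    return TokenCache(os.environ["PRIORAUTH_CLIENT_ID"],
                      os.environ["PRIORAUTH_CLIENT_SECRET"])
```

Merge the dictionary returned by `bearer_header()` into the headers of each API request; the token endpoint is contacted only when the cached token is within the refresh margin of expiry.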
API components
| API Components | Value |
|---|---|
| Bearer Authorization Token Endpoint | /apip/auth/v2/token |
| Request Method | POST |
| Content-Type Header | Always defaults to application/json |
| Authorization Header | Bearer token to authorization header |
| grant_type Field | Always client_credentials |
API testing
To test our APIs in the sandbox or production environment, use the following predefined values.
You can edit the payerId and the Subscriber’s memberId in the request body to view a variety of canned response examples.
Predefined values for API testing
The responses for INQDEMO payerId are based on the memberId sent in the request. The Member ID needs to be one of these values: TST1, TST2, TST3, TST4, TST5, TST6, TST7, TST8, TST9, TST10, or TST11. These work in sandbox and production environments.
Include payerId and umClearingHouseId, and memberId based on the required response. See example.
Canned responses
Please find more canned response examples here: Inquiry Sandbox Test Responses and Submission Sandbox Test Responses.
API health check
Our API has a /healthcheck endpoint to verify that the operating status of the requested API is optimal. It is a ping for the API entry points to ensure that the entry points are accessible; this is the first thing you can do if the API request is not working.
278x215 Prior Authorization Inquiry
- Click 278x215 Prior Authorization Inquiry endpoint.
- Paste the Bearer token that you generated in the Generate a Prior Auth Bearer token section, in the Credentials box highlighted in red in the following figure.
- Paste your x12 body in the x12 box highlighted in green in the following figure.
{
"x12": "ISA*00* *00* *ZZ*943207296 *ZZ*INQDEMO *230810*1021*^*00501*916040697*0*P*:~GS*HI*943207296*INQDEMO*20230810*102137*3294199*X*005010X215~ST*278*0001*005010X215~BHT*0007*28*1402448037*20230810*102137~HL*1**20*1~NM1*PR*2*INQDEMO*****PI*INQDEMO~HL*2*1*21*1~NM1*1P*2*Demo Hospital*****XX*1234567890~REF*EI*123456789~N4*Nashville*TN*12345~PER*IC**TE*1112223333*FX*2223334444~HL*3*2*22*1~NM1*IL*1*DOE*JOE****MI*TST2~REF*6P*00000000~DMG*D8*19010101~HL*4*3*EV*0~UM*HS*I*1*11:B~DTP*AAH*D8*20230802~HI*ABK:C34.32~NM1*SJ*2*Demo Hospital*****XX*1234567890~NM1*DN*2*Demo Hospital*****XX*1234567890~REF*ZH*123456789~SE*21*0001~GE*1*3294199~IEA*1*916040697~@@@user^pass"
}
- Enter the tenantId: 4bb94c18-7283-4a80-919c-a7c64a9c1dcd in the x-optum-tenant-id box highlighted in blue in the following figure.
- Click Try It! (highlighted in pink in the following figure).

Prior Auth X12 Endpoint Example
The response for this endpoint shows within the RESPONSE box highlighted in yellow in the preceding figure.
Here is a canned response example for Member ID TST2.
{
  "authorizationId": "d536ef2c-be9b-44bc-b9d8-4875dbfe3498",
  "inquiry": {
    "x12": "ISA*00* *00* *ZZ*INQDEMO *ZZ*943207296 *230810*1021*^*00501*916040697*0*P*:~GS*HI*INQDEMO*943207296*20230810*102137*3294199*X*005010X215~ST*278*0001*005010X215~BHT*0007*49*1402448037*20230810*102137*RD~HL*1**20*1~NM1*PR*2*INQDEMO*****PI*INQDEMO~PER*IC**UR*none~HL*2*1*21*1~NM1*1P*2*DEMO HOSPITAL*****XX*1234567890~REF*EI*123456789~HL*3*2*22*1~NM1*IL*1*DOE*JOE****MI*TST2~REF*6P*00000000~DMG*D8*19010101~HL*4*3*EV*0~UM*HS*I**21:B~HCR*A1*A062951774~REF*BB*A062951774~DTP*102*D8*20230802~DTP*036*D8*20230831~DTP*007*D8*20230801~NM1*DK*2*DEMO HOSPITAL*****XX*1234567890~NM1*71*2*DEMO HOSPITAL*****XX*1234567890~SE*22*0001~GE*1*3294199~IEA*1*916040697~",
    "json": {
      "submitterTransactionIdentifier": "1402448037",
      "payerId": "INQDEMO",
      "payerName": "INQDEMO",
      "umClearingHouseId": "943207296",
      "contactUrl": "none",
      "umRequestValidation": null,
      "requester": {
        "requesterType": "1P",
        "organizationName": "DEMO HOSPITAL",
        "requesterIdentification": {
          "employerIdentificationNumber": "123456789"
        },
        "npi": "1234567890"
      },
      "subscriber": {
        "lastName": "DOE",
        "firstName": "JOE",
        "memberId": "TST2",
        "dateOfBirth": "19010101",
        "supplementalIdentification": {
          "groupNumber": "00000000"
        }
      },
      "dependent": {
        "supplementalIdentification": {}
      },
      "patientEventDetail": {
        "requestCategoryCode": "HS",
        "certificationTypeCode": "I",
        "facilityTypeCode": "21",
        "facilityCodeQualifier": "B",
        "certificationActionCode": "A1",
        "reviewIdentificationNumber": "A062951774",
        "previousReviewAuthorizationNumber": "A062951774",
        "certificationIssueDate": "20230802",
        "certificationExpirationDate": "20230831",
        "certificationEffectiveDateBegin": "20230801",
        "patientEventProviderName": [
          {
            "entityIdentifierCode": "DK",
            "organizationName": "DEMO HOSPITAL",
            "identificationCodeQualifier": "XX",
            "identifier": "1234567890",
            "providerSupplementalInformation": {}
          },
          {
            "entityIdentifierCode": "71",
            "organizationName": "DEMO HOSPITAL",
            "identificationCodeQualifier": "XX",
            "identifier": "1234567890",
            "providerSupplementalInformation": {}
          }
        ]
      }
    }
  }
}
For more canned response examples, see Inquiry Test Response.
Alternatively, to view the example response for a 200 Success, click 200 under the Responses section highlighted in black in the above figure.
IMPORTANT
The Prior Auth APIs are accessible in both the Production and Sandbox environments until our team removes the customer’s ID at the end of the contract period.
NEED HELP?
If you have a specific question and need a separate call:
- reach out to sales @ Prior Authorization team
or
- send us a message Here
or
- for other modes of communication, review our support and escalation guide
or
- visit our interactive developer community and sign up to access several learning resources