# CertifyOS API


## Servers

Production
```
https://ng-api-production.certifyos.com
```

Staging (Test Data)
```
https://ng-api-stg.certifyos.com/
```

## Security

### BearerAuth

Type: http
Scheme: bearer
Bearer Format: JWT

## Download OpenAPI description

[CertifyOS API](https://docs.certifyos.com/_bundle/reference/application/api.yaml)

## auth-tokens

### Obtain an access token with a 24-hour expiry.

Contact our support team to request the client_id and client_secret.

 - [POST /auth-tokens/v2/api](https://docs.certifyos.com/reference/application/api/auth-tokens/authtokenscontroller_createapitoken.md): Provides an access token to query the APIs

## credentialing-workflows

### CredentialingWorkflowsController_revertStatus

 - [PATCH /credentialing-workflows/{id}/revert-status](https://docs.certifyos.com/reference/application/api/credentialing-workflows/credentialingworkflowscontroller_revertstatus.md)

### Create Credentialing Note

 - [POST /credentialing-workflows/{id}/notes](https://docs.certifyos.com/reference/application/api/credentialing-workflows/credentialingworkflowscontroller_createcredentialingnote.md): Creates a new note associated with the specified credentialing workflow.

      ### Functionality
      - Adds a user-generated note to a credentialing workflow.
      - Useful for internal communication, tracking decisions, or annotating the process.
      - The note will be associated with the given workflow ID.

### Update Credentialing Note

 - [PATCH /credentialing-workflows/{id}/notes/{noteId}](https://docs.certifyos.com/reference/application/api/credentialing-workflows/credentialingworkflowscontroller_updatecredentialingnote.md): Updates an existing note associated with a credentialing workflow.

### Populate template fields for credentialing workflow

 - [GET /credentialing-workflows/{id}/populate-template-fields](https://docs.certifyos.com/reference/application/api/credentialing-workflows/credentialingworkflowscontroller_populatetemplatefields.md): Retrieves and populates template fields for the specified credentialing workflow. Useful for generating documents, emails, or other communications that require workflow-specific data to be inserted into templates.

## v2/credentialing-workflows

### Approve Provider Credentialing Workflow

 - [PUT /v2/credentialing-workflows/{id}/steps/move-to-cred-approved](https://docs.certifyos.com/reference/application/api/v2credentialing-workflows/credentialingworkflowsv2controller_movetocredapproved.md): Move a provider credentialing workflow to approved status.
     Approval Criteria
      - The workflow must exist and be accessible to the current organization and user.
      - The workflow can only be approved by Medical Director or Provisional Approver.
      - The workflow must be in state (PSV ready, Tabled, Hold for Cred Comm) that allows the 
        requested transition.
      - Once the workflow is in the approved state, it cannot be reverted by any user besides Supervisor.

### Deny Provider Credentialing Workflow

 - [PUT /v2/credentialing-workflows/{id}/steps/move-to-cred-denied](https://docs.certifyos.com/reference/application/api/v2credentialing-workflows/credentialingworkflowsv2controller_movetocreddenied.md): Move a provider credentialing workflow to denied status.
      Denial Criteria
      - The workflow must exist and be accessible to the current organization and user.
      - The workflow can only be denied by Medical Director or Provisional Approver.
      - The workflow must be in state (PSV ready, Tabled, Hold for Cred Comm) that allows the 
        requested transition.
      - Once the workflow is in the denied state, it cannot be reverted by any user besides Supervisor.

### Table Provider Credentialing Workflow

 - [PUT /v2/credentialing-workflows/{id}/steps/move-to-tabled](https://docs.certifyos.com/reference/application/api/v2credentialing-workflows/credentialingworkflowsv2controller_movetotabled.md): Move a provider credentialing workflow to tabled status.
      Tabled Criteria
      - The workflow must exist and be accessible to the current organization and user.
      - The workflow can only be tabled by Medical Director or Provisional Approver.
      - The workflow must be in state (PSV ready, Hold for Cred Comm) that allows the requested transition.

### Cancel Provider Credentialing Workflow

 - [PUT /v2/credentialing-workflows/{id}/steps/move-to-cancel](https://docs.certifyos.com/reference/application/api/v2credentialing-workflows/credentialingworkflowsv2controller_movetocredcancel.md): Move a provider credentialing workflow to cancel status.
      Cancellation Criteria
      - The workflow must exist and be accessible to the current organization and user.
      - The workflow can only be approved by Credentialing User, Supervisor, Medical Director or Provisional Approver.
      - Once the workflow is in the cancelled state, it cannot be reverted by any user besides Supervisor.

## providers

### Export Provider Directory

 - [GET /providers/export/provider-directory](https://docs.certifyos.com/reference/application/api/providers/providerscontroller_providerdirectoryexport.md): Triggers an export workflow for the provider directory. The export will include provider details based on the provided filters. The result is typically a CSV or similar file, and the export is processed asynchronously.

### Export HSD Report

 - [GET /providers/export/hsd-report](https://docs.certifyos.com/reference/application/api/providers/providerscontroller_providerhsdreportexport.md): Triggers an export workflow for the HSD (Health Service Delivery) report. The export will include provider details based on the provided filters. The result is typically a CSV or similar file, and the export is processed asynchronously.

### Upload Supporting Document

 - [POST /providers/{id}/supporting-documents](https://docs.certifyos.com/reference/application/api/providers/supportingdocumentscontroller_upload.md): Uploads a supporting document for a provider by ID. This endpoint accepts a multipart/form-data request with a file and metadata.

    - The uploaded document is associated with the provider and saved in the system.
    - Only valid files and supported document metadata will be processed.
    - Returns a confirmation once the document is uploaded successfully.

    Authorization:
    - Requires an Bearer access token.

    Possible Errors:
    - 400 Bad Request: If the file or metadata is invalid.
    - 404 Not Found: If the provider with the given ID does not exist.

### Get all credentialing workflow timelines for a provider

 - [GET /providers/{providerId}/credentialing-workflow-timelines](https://docs.certifyos.com/reference/application/api/providers/credentialingworkflowtimelinecontroller_findall.md): Returns a list of credentialing workflow timeline records for the specified provider within 
    the organization. Each record contains credentialing status, cycle, dates, and related metadata.

## v2/provider

### Create Provider

 - [POST /v2/provider](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_create.md): Add a provider to the organization

### Retrieve all available information for a provider.

 - [GET /v2/provider](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_findone.md): Fetches comprehensive details about a provider, 
      including optional related data such as credentialing workflows, 
      all sections data (state-licenses, board certifications, dea, etc.), 
      signed URLs for supporting documents/ attachments, verifier info, group info, and 
      sanction items based on the provided query parameters.

### Save attested provider data

 - [POST /v2/provider/{providerId}/attested-data](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_createattestedproviderdata.md)

### Fetch attested provider data

 - [GET /v2/provider/{providerId}/attested-data](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_getttestedproviderdata.md)

### Upload Provider Attested Data Document

 - [POST /v2/provider/{providerId}/attested-data/documents](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_uploadproviderdocuments.md)

### Retrieve signed url of a given supporting-document id.

 - [GET /v2/provider/{providerId}/supporting-documents/{supportingDocumentId}/signed-url](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_getdocumentsignedurl.md): Retrieves a signed URL for the specified supporting document ID associated with the provider. 
      The signed URL provides secure, temporary access to the document and remains valid for 10 minutes.

### Lists all provider survey responses in an organization

 - [GET /v2/provider/{providerId}/survey-responses](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_findallsurveyresponses.md)

### Lists all provider email outreaches in an organization

 - [GET /v2/provider/{providerId}/outreaches](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_findalloutreaches.md)

### Retrieve CAQH data for a provider

 - [GET /v2/provider/{providerId}/caqh-data](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_findprovidercaqhdata.md): Returns the CAQH (Council for Affordable Quality Healthcare) data for the specified provider. This data includes provider credentialing and demographic information as stored in CAQH.

### Creates a credentialing workflow for the provider.

 - [POST /v2/provider/{providerId}/credentialing-workflows](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_createcredentialingworkflow.md): Initiates a new credentialing workflow for the specified 
      provider. The workflow will automatically trigger the pipeline to 
      fetch the required provider information needed for credentialing.

### Retrieve signed URL for provider PSV PDF

 - [GET /v2/provider/{providerId}/psv/signed-url](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_gepsvpdfsignedurl.md): Returns a signed URL for downloading the PSV (Primary Source Verification) PDF for the specified provider. The signed URL is time-limited and allows secure access to the PSV document.

### Modify groups associated to a provider

 - [PUT /v2/provider/{providerId}/groups](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_modifyproviderorgentities.md): Modifies the groups (org-entities) associated with a provider.

### Retrieve groups/ org-entities for a provider.

 - [GET /v2/provider/{providerId}/groups](https://docs.certifyos.com/reference/application/api/v2provider/providerv2controller_getprovidergroups.md): Fetches all the groups (org-entities) associated with a provider.

### Retrieve credentialing workflow timelines for a provider

 - [GET /v2/provider/{providerId}/credentialing-workflow-timelines](https://docs.certifyos.com/reference/application/api/v2provider/credentialingworkflowtimelinev2controller_getcredentialingworkflowtimelines.md): Returns a list of credentialing workflow timeline records for the specified provider within the organization. Each record contains credentialing status, cycle, dates, and related metadata.

### Create Bulk Provider Professional IDs

 - [POST /v2/provider/{providerId}/professional-ids](https://docs.certifyos.com/reference/application/api/v2provider/professionalidsv2controller_createmany.md): Create multiple professional IDs for a provider

### Get list of provider specialties

 - [GET /v2/provider/{providerId}/specialties](https://docs.certifyos.com/reference/application/api/v2provider/specialtiesv2controller_findall.md): Retrieves a list of specialties for the specified provider.

### Create provider specialties

 - [POST /v2/provider/{providerId}/specialties](https://docs.certifyos.com/reference/application/api/v2provider/specialtiesv2controller_create.md): Create a specialty with optional sub-specialties

### Update provider specialty

 - [PATCH /v2/provider/{providerId}/specialties/{specialtyId}](https://docs.certifyos.com/reference/application/api/v2provider/specialtiesv2controller_update.md): Update specialty details with optional sub-specialties

### Delete provider specialty

 - [DELETE /v2/provider/{providerId}/specialties/{specialtyId}](https://docs.certifyos.com/reference/application/api/v2provider/specialtiesv2controller_delete.md): Deletes a specialty for the specified provider.

## v2/providers

### Create Providers

 - [POST /v2/providers](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_bulkcreate.md): Create providers (Bulk)

### Lists all providers in an organization

 - [GET /v2/providers](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_findall.md): Fetches all the providers in the given organization, this endpoint is used to query for 
      all providers in the organization. The endpoint returns a list of providers with the 
      providerId and basic details. This endpoint supports filters for pagination (offset and limit), 
      file type, flagged status, and created or updated date ranges.
      The practice location data response can be enabled on request, it is not returned by default.

### Terminate providers

 - [PATCH /v2/providers/terminate-providers](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_terminate.md): Terminate providers.

### Unterminate providers

 - [PATCH /v2/providers/unterminate-providers](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_unterminate.md): Unterminate providers

### Updates provider data

 - [PATCH /v2/providers/{id}](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_update.md): Updates the information of a specific provider.

### Share multiple providers to Credentialing Committee.

 - [POST /v2/providers/bulk-share-to-cred-committee](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_sharebulktocredcommittee.md)

### Share provider to Credentialing Committee.

 - [PATCH /v2/providers/{id}/share-to-cred-committee](https://docs.certifyos.com/reference/application/api/v2providers/providersv2controller_sharetocredcommittee.md)

## v2/flags

### Find Flags For Provider

 - [GET /v2/flags](https://docs.certifyos.com/reference/application/api/v2flags/providerflagscontroller_findflags.md)

### Mark multiple flags as read

 - [PATCH /v2/flags/bulk-mark-read](https://docs.certifyos.com/reference/application/api/v2flags/flagsv2controller_markreadbulk.md): Marks a list of flags as read for the current user. Returns 204 if all succeeded, 207 if some failed.

### Mark a single flag as read

 - [PATCH /v2/flags/{id}/mark-read](https://docs.certifyos.com/reference/application/api/v2flags/flagsv2controller_markread.md): Marks a specific flag as read for the current user.

### Search provider flags

 - [GET /v2/flags/search](https://docs.certifyos.com/reference/application/api/v2flags/flagsv2controller_searchflags.md): Returns a list of provider flags based on advanced filter criteria. Supports filtering by NPI, flag type, name, sub-collection, committee sharing, read status, and date ranges.

## v2/provider-with-groups

### Create Provider With Groups

 - [POST /v2/provider-with-groups](https://docs.certifyos.com/reference/application/api/v2provider-with-groups/providerwithgroupsv2controller_create.md): Add a provider to the organization

## flags

### Get all provider flags

 - [GET /flags](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_findallflags.md): Returns a list of all provider flags for the given organization. Supports filtering by NPI, read status, and shared status.

### Bulk deactivate (clear) flags

 - [PATCH /flags](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_deactivateflagbulk.md): Deactivates (clears) multiple flags in bulk for the current user.

### Deactivate (clear) a flag

 - [PATCH /flags/{id}/deactivate](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_deactivateflag.md): Deactivates (clears) a specific flag by its ID.

### Activate (un-clear) a flag

 - [PATCH /flags/{id}/activate](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_activateflag.md): Activates (un-clears) a specific flag by its ID.

### Mark flag as read via webhook

 - [PATCH /flags/webhook/{id}/mark-read](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_movetooutreachinprogresswebhook.md): Marks a flag as read using a webhook event.

### Bulk mark flags as read

 - [PATCH /flags/bulk-mark-read](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_markreadbulk.md): Marks multiple flags as read for the current user. Returns 204 if all succeeded, 207 if some failed.

### Mark a flag as read

 - [PATCH /flags/{id}/mark-read](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_markread.md): Marks a specific flag as read for the current user.

### Mark a flag as unread

 - [PATCH /flags/{id}/mark-unread](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_markunread.md): Marks a specific flag as unread for the current user.

### Get Provider Flags

 - [GET /flags/search](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_searchflags.md)

### Bulk mark flags as unread

 - [PATCH /flags/bulk-mark-unread](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_markunreadbulk.md): Marks multiple flags as unread for the current user. Returns 204 if all succeeded, 207 if some failed.

### Mark all flags as read for a provider and approve

 - [POST /flags/{id}/mark-all-read-for-provider](https://docs.certifyos.com/reference/application/api/flags/flagscontroller_markproviderreviewedandapproved.md): Marks all flags as read for a specific provider and marks the provider as approved.

## v2/groups

### Associate Facilities with a Group

 - [POST /v2/groups/{id}/associate-facilities](https://docs.certifyos.com/reference/application/api/v2groups/orgentitiesv2controller_associatefacilityaslocation.md)

### Dissociate Facilities From a Group

 - [DELETE /v2/groups/{id}/associate-facilities](https://docs.certifyos.com/reference/application/api/v2groups/orgentitiesv2controller_disassociatefacilityfromlocation.md)

## Webhooks

### Retrieve all registered webhooks

 - [GET /v2/webhooks](https://docs.certifyos.com/reference/application/api/webhooks/webhookscontroller_fetchall.md): Retrieve all webhooks registered for the organization, including basic configuration details. Sensitive information like oauth_configuration will be masked in the response.

### Register Webhook (Credentialing Events)

 - [POST /v2/webhooks](https://docs.certifyos.com/reference/application/api/webhooks/webhookscontroller_create.md): Register a webhook for credentialing events of a provider. If headers are included, they will be sent with every request. If oauth_configuration is set, the token_url will be called with client_id and client_secret and a form urlencoded POST request to generate an access token. The response includes the webhook ID and configuration details.

### Remove Registered Webhook

 - [DELETE /v2/webhooks](https://docs.certifyos.com/reference/application/api/webhooks/webhookscontroller_remove.md): Remove a previously registered webhook by providing its configuration.

### Test a registered webhook

 - [POST /v2/webhooks/{webhookId}/test-event](https://docs.certifyos.com/reference/application/api/webhooks/webhookscontroller_testwebhook.md): Send a test event to a registered webhook. This is useful for verifying that the webhook endpoint is reachable and correctly configured.

## forms

### Create a new form submission.

 - [POST /forms/submissions](https://docs.certifyos.com/reference/application/api/forms/formsubmissioncontroller_create.md): Creates a new form submission.

### Get a form submission by ID.

 - [GET /forms/submissions/{id}](https://docs.certifyos.com/reference/application/api/forms/formsubmissioncontroller_findone.md): Retrieves a single form submission by its unique ID.

## v2/facility-credentialing-workflows

### Cancel Facility Credentialing Workflow

 - [PUT /v2/facility-credentialing-workflows/{id}/steps/move-to-cancel](https://docs.certifyos.com/reference/application/api/v2facility-credentialing-workflows/facilitycredentialingworkflowsv2controller_movetocancel.md): Move a facility credentialing workflow to cancel status.

### Approve Facility Credentialing Workflow

 - [PUT /v2/facility-credentialing-workflows/{id}/steps/move-to-cred-approved](https://docs.certifyos.com/reference/application/api/v2facility-credentialing-workflows/facilitycredentialingworkflowsv2controller_movetocredapproved.md): Move a facility credentialing workflow to approved status.

### Deny Facility Credentialing Workflow

 - [PUT /v2/facility-credentialing-workflows/{id}/steps/move-to-cred-denied](https://docs.certifyos.com/reference/application/api/v2facility-credentialing-workflows/facilitycredentialingworkflowsv2controller_movetocreddenied.md): Move a facility credentialing workflow to denied status.

## v2/facilities

### Retrieve all available information for a Facility. Supporting documents are URLs to the file.

 - [GET /v2/facilities/{facilityId}](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_findone.md)

### Update information for a facility.

 - [PATCH /v2/facilities/{facilityId}](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_update.md)

### List all Facilities.

 - [GET /v2/facilities](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_findall.md)

### Add a facility.

 - [POST /v2/facilities](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_create.md)

### Terminate Facilities (Bulk)

 - [PATCH /v2/facilities/terminate-facility](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_terminate.md): Terminates the facility.

### Unterminate Facilities (Bulk)

 - [PATCH /v2/facilities/unterminate-facility](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_unterminate.md): Unterminates the facility

### Retrieve signed PSV url of a given facility.

 - [GET /v2/facilities/{facilityId}/psv/signed-url](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_getdocumentsignedurl.md)

### Retrieve groups/org-entities for a facility.

 - [GET /v2/facilities/{facilityId}/groups](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_getfacilitygroups.md)

### Retrieve credentialing workflow timeline for a facility.

 - [GET /v2/facilities/{facilityId}/credentialing-workflow-timelines](https://docs.certifyos.com/reference/application/api/v2facilities/facilityv2controller_getcredentialingworkflowtimeline.md)