Overview

The Vaccination Data Intake API gives immunization providers and authorized users a simple way to add data to the Vaccination Record Service and issue certified vaccination credentials.

The Vaccination Data Intake API is a companion to the Vaccination Credential Sharing API and Vaccination Credential Verification API for secure sharing and verification of the vaccination record.

How to try an API

Refer to the Getting Started section on how to use an API.

Each submission is a FHIR R4 bundle with patient, immunization, location, and optional organization resources, see data payload requirements.

How to use this API

There are three steps to successfully call the Intake API:

  1. Register to use the Dev Portal by obtaining an APIGEE client_id and client_secret for your evaluation purposes.
    If you need assistance with the registration process please reach out to [email protected].
  2. Get an APIGEE token using the APIGEE API.
  3. Submit an ingestion payload using the Vaccine Record API.

Getting an APIGEE token using the APIGEE API

This API is secured by an APIGEE Bearer token, which you need to supply as an Authorization header when you call the Ingestion API. To following Curl shows how to obtain an APIGEE token from the APIGEE API.

curl  -X POST  \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d "client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>&grant_type=client_credentials" \
https://sandbox.apigw.changehealthcare.com/apip/auth/v2/token
ParameterDescriptionExample
CLIENT_IDThe APIGEE client_id you will receive when you register with Change HealthCare. This value should be protected like any other credential.3K8YenXcRPou5SpAITuwTr2pQZxAHMVW
CLIENT_SECRETThe APIGEE client_secret you will receive when you register with Change HealthCare. This value should be protected like any other credential.mus0exPejuDExRX

Upon a successful invocation (status=200), the JSON returned by this call will look similar to this:

{
  "access_token": "eyJraWQiOiIxIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhY2Nlc3NfdG9rZW4iOiJOWkJUNEVOSzF0dHRMUnRkTm5lU3hPYTlvdmlCIiwiYXVkIjoiYXBpUGxhdGZvcm0iLCJhcGlfcHJvZHVjdF9saXN0IjpbIkRTX1ZQYXNzX1Byb2R1Y3RfdjEiXSwiYXBwbGljYXRpb25fbmFtZSI6IlZhY2NpbmVQYXNzcHJ0VjEiLCJuYmYiOjE2MjEwOTc5ODQsImRldmVsb3Blcl9lbWFpbCI6ImxhcnJ5LnNjaG9lbmZlbGRAY2hhbmdlaGVhbHRoY2FyZS5jb20iLCJpc3MiOiJodHRwczpcL1wvc2FuZGJveC5hcGlzLmNoYW5nZWhlYWx0aGNhcmUuY29tIiwic2NvcGVzIjoiIiwiZXhwIjoxNjIxMTAxNTg0LCJpYXQiOjE2MjEwOTc5ODQsImp0aSI6ImFkNDdlNmIxLTk5MjgtNGM3NS1hMTkyLTYxZDhiNTMwM2QzZSJ9.J1Uf5sEhFFNlCP_Z0bbhtzflWlviyTEbpbufVr3_uZeGheZJ_7QiFchnmEnVONHnnRo-gYuN_UjGApsoMIXi1WB9jSmvze-ED4vow9iKKADUHtBxnELyJbzxL1JCzz2VqnraBOjm6YFTiZAN1XC5CFpG9AwVNOuDtb_bOcsbiMMpQf5ZAnVMUtNuL3_AW_Q3jU3l1cX-y6ro8m7cm0yqEkTV1WFrgF7n6qnmunYAePa03kl82Q3Oy_JZR50DWF1Plw2N6qG1QO3P4GK2iFr0WGqiRZMkIzDJbVnTAOjivfuXMIFTl-rwUE3V37kpQqXefg9iaTI9CZqaOZm3mJJkQA",
  "token_type": "bearer",
  "expires_in": 3600
}

📘

BEARER TOKEN LIFESPAN

The lifespan of a Bearer token is one hour (3600 seconds) for both sandbox and production environments.

  • The token has a 60-minute (one hour) time to live (TTL). You can reuse the same token in subsequent calls to the Vaccine Record API until it expires.
  • Read how to pass the token to the Vaccine Record API by reviewing the next API.
  • You will need to parse the access_token property from this JSON response before using it in the Vaccine Record API.

Submitting an ingestion payload using the Vaccine Record API

The following Curl shows how to submit the ingestion payload to the Vaccine Record API.

curl  -H "Authorization: Bearer $token" \
-X POST \
 -d @<PAYLOAD_FILE>  \ 
 https://sandbox.apigw.changehealthcare.com/dataservices/vpassport/v1/patientData
ParameterDescriptionExample
PAYLOAD_FILERelative or absolute path to the ingestion payload JSON.See specification or the 'Example Payload' below.

Upon successful invocation (status=200) , the JSON returned by this call will look similar to this:

{"message":"Successfully processed."}

Example Payload File

  • The following example payload is completely contrived and does not reflect what would be expected in a real-world payload
  • This is primarily intended to "jump-start" your integration by supplying a payload that you can quickly submit via the API and verify your credentials and connectivity are working as expected
  • See detailed payload requirements
{
    "resourceType": "Bundle",
    "type": "collection",
    "entry": [
        {
            "fullUrl": "urn:uuid:f6cafe39-3384-491f-885c-f0947e2b1649",
            "resource": {
                "resourceType": "Patient",
                "identifier": [
                    {
                        "system": "http://changehealthcare.com/pharmacy/patient",
                        "value": "9999-10000001"
                    }
                ],
                "name": [
                    {
                        "family": "Doe",
                        "given": [
                            "John"
                        ]
                    }
                ],
                "telecom": [
                    {
                        "system": "phone",
                        "value": "6159323000",
                        "use": "home"
                    }
                ],
                "gender": "male",
                "birthDate": "1960-01-01",
                "address": [
                    {
                        "use": "home",
                        "type": "physical",
                        "text": "3055 Lebanon Pike\nNashville, TN\n37214",
                        "line": [
                            "3055 Lebanon Pike"
                        ],
                        "city": "Nashville",
                        "state": "TN",
                        "postalCode": "37214"
                    }
                ]
            },
            "request": {
                "method": "POST",
                "url": "Patient",
                "ifNoneExist": "identifier=http://changehealthcare.com/pharmacy/patient|9999-10000001"
            }
        },
        {
            "fullUrl": "urn:uuid:d5486e1e-1e52-4fb8-82f8-a6c41eb1514f",
            "resource": {
                "resourceType": "Location",
                "identifier": [
                    {
                        "system": "http://hl7.org/fhir/sid/us-npi",
                        "value": "1000000001"
                    }
                ],
                "status": "active",
                "name": "Change Healthcare Clinic",
                "type": [
                    {
                        "coding": [
                            {
                                "system": "http://terminology.hl7.org/CodeSystem/v3-RoleCode",
                                "code": "PHARM"
                            }
                        ]
                    }
                ],
                "telecom": [
                    {
                        "system": "phone",
                        "value": "6158853700",
                        "use": "work"
                    }
                ],
                "address": {
                    "use": "work",
                    "type": "physical",
                    "text": "100 Airpark Center E\nNashville, TN\n37217",
                    "line": [
                        "100 Airpark Center E"
                    ],
                    "city": "Nashville",
                    "state": "TN",
                    "postalCode": "37217"
                }
            },
            "request": {
                "method": "POST",
                "url": "Location",
                "ifNoneExist": "identifier=http://changehealthcare.com/pharmacy/location|1000000001"
            }
        },
        {
            "resource": {
                "resourceType": "Immunization",
                "identifier": [
                    {
                        "system": "http://changehealthcare.com/pharmacy/tx",
                        "value": "9999-80000031-1100011-1000985"
                    }
                ],
                "status": "completed",
                "vaccineCode": {
                    "coding": [
                        {
                            "system": "https://www.ama-assn.org/practice-management/cpt",
                            "code": "91300"
                        }
                    ]
                },
                "patient": {
                    "reference": "urn:uuid:f6cafe39-3384-491f-885c-f0947e2b1649"
                },
                "occurrenceDateTime": "2021-02-02T18:59:30+00:00",
                "location": {
                    "reference": "urn:uuid:d5486e1e-1e52-4fb8-82f8-a6c41eb1514f"
                },
                "lotNumber": "LOT10001",
                "protocolApplied": [
                    {
                        "doseNumberPositiveInt": 1
                    }
                ]
            },
            "request": {
                "method": "POST",
                "url": "Immunization"
            }
        }
    ]
}

Sample BASH script for testing

  • Script was tested on MAC Catalina
  • Copy script below and payload file to your computer
  • jq must be installed for this script to work
  • Invoke script with 3 parameters:
    • client_id, client_secret, and relative-path-from-this-script-to-payload-file
#!/bin/bash
SCRIPT_DIR=$(cd $(dirname "${BASH_SOURCE[0]}") && pwd)

clientId=$1
clientSecret=$2
PAYLOAD_FILE=$3


TOKEN=$(curl -s -X POST  \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d "client_id=$clientId&client_secret=$clientSecret&grant_type=client_credentials" \
https://sandbox.apigw.changehealthcare.com/apip/auth/v2/token | jq -r .access_token)

curl  -H "Authorization: Bearer $TOKEN" \
 -X POST \
 -d @$SCRIPT_DIR/$PAYLOAD_FILE  \
 https://sandbox.apigw.changehealthcare.com/dataservices/vpassport/v1/patientData

 echo ""
Release Notes
View our Change Log/Release Notes for more information on the API.