What information needs to be in the request header?

NOTE: Change Healthcare is deprecating the Claims Responses and Reports v1 API. If you use the v1 API, you should begin using the v2 release at your earliest opportunity.

You can also check the Release Notes and the API Documentation.

We use two standard HTTP headers in our API requests: Authorization and Content-Type.

The request uses the following headers as follows:

Content-Type: application/json
Authorization: Bearer <Your-Access-Token>

The authorization token is a requirement for making a Claims Responses and Reports API request. You pass the Bearer authorization token in the Authorization header. Get the token by making an API call to:

curl -X POST \
  '**https://apigw.changehealthcare.com/apip/auth/v2/token/**' \
  -H 'Content-Type: application/json' \
  -d '{
  "client_id": "<Your-ClientId>",
  "client_secret": "<Your-ClientSecret>",
  "grant_type": "client_credentials"

The Content-Type header always defaults to application/json.

NOTE: In production, the lifespan of a Bearer token is two hours (7200 seconds). For Sandbox use, a token lifespan is one hour.

Find out more about our security protocols and their implementation.