RCM API CONSOLE

Sentinel Signal API Portal

Interactive docs, API key + billing controls, and live request runner for workflow-based scoring primitives.

Home View Pricing Open Swagger

Spec URL API Base URL Bearer Token Filter

Tips

Instant trial flow: POST /v1/keys/trial (no auth) -> POST /v1/score -> GET /v1/limits/GET /v1/usage.

Same-key upgrade flow: POST /v1/billing/checkout-session with Authorization: Bearer ss_trial_... -> Stripe webhook upgrades the existing account/key in place.

Admin issuance remains available: POST /v1/apikeys/issue with X-Admin-Token; admin Checkout path remains POST /v1/billing/checkout/session.

Support visibility: GET /v1/billing/accounts/{email}/status returns plan, subscription state, renewal date, last payment result, and API key status.

Legacy JWT issuance remains available at POST /v1/tokens/issue for local/internal workflows.

Use POST /v1/score as the primary scoring endpoint; workflow-specific endpoints remain for backward compatibility.

Legacy scoring endpoints remain billable and are normalized into the same workflow usage meter as unified scoring.

Unified response details are workflow-scoped under details.denial, details.prior_auth, or details.reimbursement.

API auth is enabled by default; all protected /v1 endpoints require a bearer token.

Use GET /v1/limits and GET /v1/usage to inspect current envelopes and billable usage.

Use POST /v1/feedback to submit real-world outcomes linked to prior scoring calls via x-request-id.

Feedback request validation is DB-backed, so request-id checks remain consistent across multiple API instances.

Feedback calls are telemetry-only and are not counted as billable scoring usage.

Trial quota exhaustion returns structured 402 Payment Required with an upgrade_url; throttling still returns 429.

Token helper script requires TOKEN_SERVICE_ADMIN_TOKEN and verifies TLS by default.

Set Bearer Token once and all protected endpoints reuse it.

Use GET /readyz for readiness checks; it returns 503 if database connectivity fails.

Use GET /metrics for Prometheus scraping (text/plain; version=0.0.4; charset=utf-8) and GET /metrics.json for a compact operator snapshot (metrics_schema_version=1, requires metrics:read).

V1 HTTP telemetry uses stable route IDs (for example denial_score, prior_auth_predict, reimbursement_estimate, unified_score) to avoid high-cardinality path labels.

Local Compose DB bind defaults to loopback; set DB_BIND_ADDRESS only for intentional external access.

Use denial risk_tier to route claims: high (top 10%), medium (next 10%), low (remaining 80%).

Use denial operating_point to interpret threshold policy: high_recall, balanced, high_precision.

options.distribution_profile supports denial regime routing: synthetic_v1, cms_v1, commercial_beta.

Routing precedence for denial is explicit options.distribution_profile -> payload.data_source hint -> auto-detect.

Denial responses expose details.denial.distribution_profile and details.denial.routing_source so clients can audit regime selection.

Set options.allow_fallback=false to enforce strict model pinning and receive 409 when version is unavailable.

Denial and prior-auth responses expose calibration_method and calibration_version for runtime debugging.

Use prior-auth payer_support.support_level to route review intensity: high, moderate, low.

Evaluation governance is model-scoped: denial tracks absolute top-20 precision while prior-auth tracks top-20 lift (>= 3x).

Reimbursement business gate is primary-metric driven: mean MAPE <= 0.15 and mean monthly_within_10pct >= 0.90; mean R2 >= 0.85 is secondary diagnostic.

Low payer support means the score is valid but confidence is lower; keep manual payer policy verification in the loop.

Structured scoring logs now include regime routing metadata plus support level + drift flags + model/calibration versions for each decision.

Watch for prior_auth_drift_downgrade_rate_alert to detect payer policy shifts before denial outcomes degrade.

Runtime lock enforcement validates model hashes, calibration artifacts, and threshold snapshots before API startup.

Simulation runs enforce frozen evaluation config so benchmark drift fails fast.

Current prior-auth runtime model: 0.2.3-prior-auth-on-file.

Latest local full 5-seed validation (2026-02-16): prior-auth AUC 0.9708, top-20 capture 0.9480, denial AUC 0.7972, overall p95 latency 66.87 ms.

Latest Fly dual-machine rerun (2026-02-17): API p95 latency 529.02 ms on two API machines (shared 4 vCPU / 4096 MB each); cross-model checks 6/7 with latency gate narrowly missing < 500 ms.