APIFor developers

One API for the entire revenue cycle.

Eligibility, prior authorization, claims, denials, appeals, and remittance — one REST API, signed webhooks, and a work queue for the exceptions. Build revenue-cycle features into your product without hiring a billing department or writing X12 by hand. An embedded UI is available too.

For RCM firms, scribe platforms, EHRs, and health-tech vendors that want to capture more revenue and serve the clients they know best end-to-end.

150+ endpointsHMAC-signed webhooksFirst request in minutesSandbox on request
foresight · apiX-Environment: sandbox
{
"status": "active",
"networkStatus": "in_network",
"coordinationOfBenefits": [
{ "rank": "primary", "payer": "uhc" },
{ "rank": "secondary", "payer": "medicaid_tx" }
],
"carveOut": { "detected": true, "entity": "behavioral_health" },
"patientResponsibility": { "low": 145.00, "high": 205.00, "confidence": 2 }
}
synthetic data · HMAC-signed · at-least-once delivery
The API at work

From eligibility to paid, in four calls.

Multi-source eligibility. One call checks more than one clearinghouse, catches carve-outs, runs coordination of benefit checks, fixes missing / incorrect data, checks co-pay brackets, and returns a confidence-scored answer.
Prior auth from the chart. The packet assembles itself, medical necessity is scored against the payer’s own policy, and the letter is drafted — a clinician signs off before anything goes out.
Scrubbing with citations. Every warning names the payer rule it came from — source, effective month, and the fix, auto-applied when it’s safe.
Webhooks close the loop. Lifecycle events land in your system signed and retried, so you never poll for a status.
01Who it’s for

Built to sit behind your product.

RCM firms, scribe platforms, EHRs, and point solutions run on the same API — under their own brand, inside their own workflow.

RCM & billing firms

Scale delivery without scaling headcount.

Keep the client relationships and the systems your clients already run. Foresight adds the decisioning layer — eligibility, payer-policy checks, prior auth, claim status, and scrubbing through one API. Anything uncertain routes back to your queue, your bots, or the client’s system, so your team works exceptions instead of keying data.

Eligibility & VOBPrior authClaim statusScrubbing
Scribes & documentation platforms

You own the encounter. Finish the job.

Your product already produces the note and the codes. Foresight turns them into revenue: claims scrubbed against payer policy, submitted, tracked, and posted — under your brand. Clinics stop stitching together point solutions, and you stop handing the billable step to someone else.

Note → codes → claimMedical necessityWhite-label
EHRs & practice platforms

Strong charting deserves strong billing.

Practices leave good EHRs over weak billing. Embed eligibility, claims, denials, statements, and payment posting behind your own UI. Foresight watches encounter events, runs the billing work, and writes results back — your app stays the system of record.

Event-drivenGuarded write-backYour UI
Point-solution vendors

One workflow today. The whole cycle tomorrow.

You automate one step well — prior auth, coding, intake — and customers keep asking for the step after it. Add eligibility before the auth, the claim behind it, the appeal if it denies. Same API, no second vendor.

Prior auth +Eligibility +Claims +
02Integration models

Your surface or ours.

Three ways teams wire Foresight in. Most start with one workflow and grow from there.

Behind your UI

Call the API and render results in your own product, or drop in our prebuilt UI components and restyle them to match. Either way your brand stays on every screen and your users never see Foresight.

Alongside the EHR

Foresight subscribes to EHR events — a locked note, a new charge — does the billing work, and writes back with guardrails and a full audit trail.

With your team in the loop

Exceptions become work items your people can pull, assign, or auto-assign by API — in our queue, or written back into the system they already work in.

03Surface area

The whole cycle, addressable.

Every capability is a resource with endpoints, scoped keys, and webhook events — not a feature behind a sales call.

Eligibility & benefits

Real-time 270/271 with normalized benefits, multi-source checks, carve-out detection, and coverage-change events.

POST /v1/claims/{id}/check-eligibilityemits eligibility.checked

Prior authorization

Packets assembled from the chart, payer questions answered with cited evidence, clinician sign-off, status tracked to decision.

POST /v1/prior-authorizationsemits prior_auth.approved

Claims

Validate, scrub against NCCI and payer rules, apply fixes, submit, and track to payment across clearinghouses.

POST /v1/claims/{id}/scrubemits claim.paid

Denials & appeals

Denials classified by CARC/RARC with a recommended next action. Appeal letters generated and sent by fax, portal, or payer API.

POST /v1/appeals/{id}/generate-letteremits appeal.won

Credentialing

NPI validation, exclusion checks, license tracking, and enrollment state per payer and transaction.

POST /v1/credentialing/verifyemits credentialing.verified

Work & routing

Exceptions as work items: pull, assign, or auto-assign by skill, dollar value, and SLA.

POST /v1/work/auto-assignemits work.assigned

Webhooks

Subscribe once; every event these resources emit arrives HMAC-signed, with replay protection and automatic retries.

POST /v1/webhooks/subscriptionssigned · retried

Patients & encounters

Demographics, encounters, code derivation with provenance, and batch claim creation.

POST /v1/encounters/{id}/derive-codesemits encounter.coded
04Build against it

Boring where it should be.

The parts you’ve built against a hundred times behave the way you expect — and the docs are ready when you are.

Auth
Org-scoped API keys (fsk_…) with granular scopes, passed in a header.
Environments
Production, staging, and sandbox — same API, one header to switch. Sandbox data is synthetic, never live.
Idempotency
Idempotency-Key on writes. Retries are safe by design.
Pagination
Offset pagination with a hasMore flag. No cursors to babysit.
Versioning
Version lives in the path (/v1). Breaking changes get a new major version and at least 12 months of overlap.
Rate limits
1,000 requests per hour per key by default, configurable per key.
Errors
A flat JSON envelope with machine-readable codes and field-level details.
Webhook delivery
HMAC-SHA256 signatures, replay protection, automatic retries, at-least-once semantics.

Docs and sandbox, on request

Full request and response schemas for every endpoint, end-to-end workflow walkthroughs, and compliance documentation. We share it on request, and sandbox access is provisioned per engagement under a BAA — so your engineers evaluate against the real thing, not a PDF.

Request access
Guardrails

Nothing is guessed.

Every automated decision carries a confidence score and a review disposition. Thresholds are yours to set — per client, per payer, aggressive or conservative. Low confidence never means a silent guess; it means a routed work item that says exactly what’s missing.

Confidence-scored

Every automated answer is scored and gated. You set where auto-submit ends and review begins.

Cited

Payer-policy findings carry a citation: the source policy and its effective month.

Audited

An append-only audit log, enforced at the database, with a 7-year retention floor.

HIPAA

A BAA is signed before any PHI moves. PHI lives in AWS us-east-1 and nowhere else.

Encrypted

KMS-managed keys at rest (FIPS 140-2 validated), TLS 1.2+ in transit. SOC 2 Type II in progress.

Access-controlled

Scoped keys on the API. MFA and passkeys on the dashboard.

Boundaries, stated up front: payer-policy coverage varies by payer — gaps route to review, never to a guess. Automation rate is an observed result, not a number we promise before we’ve seen your workflow.

Partner questions.

Short, honest answers. Bring the rest to a technical session — we’ll go as deep as your engineers want.

01Can we white-label it?
Yes. The API is headless — your UI, your brand, your customer relationship. Teams that also want an operational surface for their staff get the queue and dashboards as part of the engagement.
02Who owns the client relationship?
You do. Foresight is the machinery behind your product or your service. We don’t market to, bill, or contact your clients, and we’re never patient-facing.
03How do exceptions reach our team?
However your team already works. Pull from the work API, let auto-assignment route by skill and dollar value, or have items written back into the client’s system. Every item arrives with what’s missing and the proposed fix — not a mystery to re-investigate.
04Do you replace our staff?
No. Automation clears the rote volume — keying, checking, status-chasing — and your people work the exceptions that need judgment. Partners stop staffing against volume spikes, not against their org chart.
05How long does an integration take?
A first authenticated request takes minutes. A scoped pilot — one workflow, one client, one payer cohort, measured on precision and touchless share — typically stands up in weeks. Most partners start there and expand.
06What does it cost?
Usage-based, by workflow and volume, with partner pricing built for resale and bundling. Bring your volumes and we’ll put numbers on the first call.
Start with one workflow

Bring one workflow.
We’ll wire the pilot.

Pick the step that hurts — benefit verification, prior auth, claim status. We run an agreed sample and report the numbers, so you decide on evidence instead of a deck.

What a pilot reports

Coverage / fieldspayers resolved
Precisionfield-level correctness
Touchless shareno human touch
Human minutesper exception item
Integration effortmeasured, not guessed