The following is a production API call example. The key and the pdf attachment data in the last question have been redacted and must be supplied by the caller. Similarly, the email address must be changed. Further down an example of how to generate a base64 data encoding for the API is shown. The password field and the four payment and shipping fields are currently optional.
API based patient intake is subject to our compliance review process. Here is a checklist we use to ensure compliance. For the intake form questions, please check out the most updated forms here and create/replace corresponding data fields inside the API call accordingly.
curl -m 70 -X POST https://us-central1-care360-next.cloudfunctions.net/handleDynamicCustomerForm \ -H "Content-Type: application/json" \ -d '{ "key": "<redacted - obtain from CareValidate>", "firstName": "John", "lastName": "Test this must include the word Test until after both implementation and compliance review are complete", "email": "[email protected]", "password": "<optional>", "phoneNumber" : "+10123456789", "dob" : "1990-01-01", "gender" : "FEMALE", "paymentDescription": "Description of what the patient purchased", "paymentAmount": 0.5, "stripeSetupId": "<redacted - see below>", "shippingAddress": { "addressLine1": "1600 Pennsylvania Avenue NW", "addressLine2": "", "city": "Washington", "state": "DC", "country": "US", "postalCode": "20500" }, "formTitle": "GLP Weight Loss Intake Form Or Other Name", "formDescription": "Some form description", "promoCodes": {"Promo": "Lose10"}, "productBundleId": "<optional - obtain from CareValidate>", "questions": [ {"question": "What was your gender at birth?", "answer": "Female", "options": ["Male", "Female", "Other"], "type": "SINGLESELECT"}, {"question": "What is your date of birth?", "answer": "2000-01-31", "required": true, "type": "DATE"}, {"question": "How much do you weigh?", "answer": "180 lbs", "phi": true, "type": "TEXT"}, {"question": "Do you have any of the following symptoms?", "type": "MULTISELECT", "answer": ["High Blood Pressure (Hypertension)", "Pre-diabetes"], "options": ["High Cholesterol or Triglycerides / Dyslipidemia", "Non-Alcoholic Fatty Liver Disease", "High Blood Pressure (Hypertension)", "Pre-diabetes / Type 2 Diabetes / Hbac1 above 5.7", "PCOS", "Metabolic Syndrome", "Cardiovascular Disease", "Osteoarthritis", "Obstructive Sleep Apnea", "None of the above"]}, {"question": "Do you have any of the following symptoms?", "answer": ["None of the above"], "options": ["Medullary Thyroid Cancer (MTC) or family history of MTC", "Multiple Endocrine Neoplasia Syndrome Type 2 (MEN 2)", "Serious Allergic reaction to Semaglutide or Tirzepitide", "Active Cancer", "Active Drug or Alcohol Misuse", "Eating disorders", "Bipolar Disorder", "Schizophrenia", "Pancreatitis", "Pregnant or planning to become pregnant in the next 2 months", "None of the above"], "type":"SINGLESELECT"}, {"question": "What is your weight loss goal?", "answer": "Lose over 50 lbs for good", "options": ["Lose 1-20lbs for good", "Lose 21-50lbs for good", "Lose over 50 lbs for good", "Maintain my health weight", "None of the above", "Other"], "type":"SINGLESELECT"}, {"question": "What weight-loss initiatives have you tried in the past?", "answer": ["Exercise", "Dieting"], "options": ["Exercise", "Dieting", "Weight-loss Supplements", "Intermittent fasting", "Other GLP1s", "Other"],"type":"MULTISELECT"}, {"question": "Please attach a copy of your photo id.", "type": "FILE", "answer": [{"name": "test.pdf", "contentType": "application/pdf", "data":"<trimmed>"}]} ] }'
Parameter notes:
phoneNumber - optional, must be in international format, only numbers starting with '+'
dob - optional, date in format YYYY-MM-DD
gender - optional, supported values: MALE / FEMALE
Example of how to generate answers for file type questions, which should work on Mac and Linux:
base64 -i test.pdf | tr -d '\n' > test.txt
After this, the content of test.txt could be pasted into the area of the command above that says <trimmed>.
Payment and Shipping Information
Github sample code showing how to use this section of the knowledge base with WordPress, its Elementor forms extension, and the WPGetAPI extension may be found in this repo. This may also be useful for Shopify or other integrations.
In order to use CareValidate's Stripe account for payment, it is suggested to use Stripe Elements with our publishable key. It also has versions available for major frameworks, such as React. The example shows how to get the shippingAddress and stripeSetupId. The email field shown below should match what is passed to the main endpoint above.
const stripe = await loadStripe( "pk_live_51HqSIiKAXrtjbq2dtXcGLkFqhqPquraau6jRB8nDCrDVIGj7me2ZEAiQxZNwuG9A7Y1Gzn6vg8xslQuCpoTByMKd00cmPemstt" ); //see the below curl example for payment secret const elements = stripe.elements({ clientSecret: paymentSecret }); //capture shipping information with the same settings used by CareValidate let shippingAddress; const addressElement = elements.create('address', { mode: 'shipping', allowedCountries: ['US'] }); addressElement.on('change', e => { const addr = e.value.address; if (e.complete && addr) { shippingAddress = { addressLine1: addr.line1, addressLine2: addr.line2, city: addr.city, state: addr.state, country: addr.country, postalCode: addr.postal_code } } }); //skipping mounting and styling the elements const pay = elements.create('payment'); //validate payment data after entry with the same settings used by CareValidate const result = await stripe.confirmSetup({ elements: elements!, redirect: 'if_required', confirmParams: { payment_method_data: { billing_details: { email } } } }) const stripeSetupId = result.setupIntent.id
To obtain the payment secret for Stripe Elements, you may call our API with your CareValidate API key and the US Dollar amount of the transaction. The amount passed here should match what you pass for paymentAmount to the main endpoint. The example here sets up a transaction for 50 cents.
curl -m 70 -X POST https://us-central1-care360-next.cloudfunctions.net/initiatePayment \ -H "Content-Type: application/json" \ -d '{ "key": "<redacted>" }'
The response JSON will be of the following form, although the ... parts will be filled in with alphanumeric strings.
{ "success":true, "paymentSecret": "seti_..._secret_..." }
Troubleshooting
CORS
If a Cross-Origin Resource Sharing (CORS) error message is received, especially one like the following
Access to fetch at 'https://us-central1-care360-next.cloudfunctions.net/initiatePayment' from origin 'https://example.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
then it likely means the request has been sent from the patient's web browser to one of our endpoints. However, sending a request to an endpoint from a browser inherently means that the API key has been exposed to the patient, meaning anyone could create cases as if they were the storefront owner. For this reason, there must be a server to relay the request and inject the key to keep it safe.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article