{"activeVersionTag":"latest","latestAvailableVersionTag":"latest","collection":{"info":{"_postman_id":"3fc21756-a047-4c84-ba52-581faa39d6b3","name":"CarePredict Integration API","description":"<img src=\"https://content.pstmn.io/97208f60-e2be-4332-aec8-8eec614fa195/Q2FyZVByZWRpY3RfSG9yaXpvbnRhbCBMb2dvLnBuZw==\">\n\n---\n\n## Overview\n\nCarePredict started as an idea from our founder Satish Movva who wanted to provide better care for his aging parents while ensuring peace of mind. Since 2013, CarePredict has evolved into a movement to transform the senior care industry, enabling proactive health interventions based on behavioral patterns.\n\nOur technology leverages AI-driven insights to predict health declines in seniors, empowering caregivers across assisted living, memory care, independent living communities, and home care settings.\n\n---\n\n## About the CarePredict Integration API\n\nThe **CarePredict Integration API** is a RESTful API designed for seamless integration with third-party applications and external partners. It enables partners to:\n\n- Retrieve facility, resident, and staff data\n    \n- Access AI-driven risk analytics and social interaction metrics\n    \n- Submit device events from wireless nurse call systems and IoT hardware\n    \n- Authenticate securely using a two-legged server-to-server flow\n    \n\nAll API responses are **JSON-encoded** and follow standard HTTP response codes.\n\n> Once granted credentials, all API users will have access to a **sandbox environment** to interact with realistic data before going live. \n  \n\n---\n\n## Collection Structure\n\n| Folder | Description |\n| --- | --- |\n| **Device Ingest → External-Device-Integration** | Submit hardware-triggered events (falls, bed exits, pull cords) from partner devices |\n| **Partner APIs → Authentication** | Obtain and manage bearer tokens for API access |\n| **Partner APIs → Facility** | Retrieve facility details |\n| **Partner APIs → Staff** | Retrieve staff members associated with a facility |\n| **Partner APIs → Resident** | Retrieve individual or all resident details within a facility |\n| **Partner APIs → Risk & Analytics** | Access ADL-based risk flags and social interaction analytics |\n\n---\n\n## Base URL & Environments\n\nAll requests use the `{{api_gateway_url}}` variable as the base URL. Set this variable in your active environment.\n\n| Environment | Purpose |\n| --- | --- |\n| **Production** | Live production data |\n| **Sandbox** | Pre-production validation |\n\n**Example base URL:**\n\n```\nhttps://api-gateway.carepredict.com\n\n ```\n\n---\n\n## Authentication\n\nCarePredict uses a **two-legged authentication** approach for server-to-server integration.\n\n### Step 1 — Obtain a Bearer Token\n\nSend a `POST` request to the authenticate endpoint with your credentials and `CP-Client-Secret-Key` header:\n\n``` http\nPOST {{api_gateway_url}}/auth/user/authenticate\nCP-Client-Secret-Key: {{vault:CP-Client-Secret-Key}}\nContent-Type: application/json\n{\n  \"username\": \"your_username\",\n  \"password\": \"your_password\"\n}\n\n ```\n\nA successful response returns a JWT bearer token:\n\n``` json\n{\n  \"status\": \"OK\",\n  \"message\": \"Token generated successfully\",\n  \"data\": {\n    \"token\": \"eyJhbGciOiJIUzUxMiJ9...\",\n    \"expiresInSec\": 1800\n  },\n  \"code\": 200,\n  \"timestamp\": \"2026-02-25T18:25:16.145Z\"\n}\n\n ```\n\n> Tokens expire after **1800 seconds (30 minutes)**. Re-authenticate before expiry to maintain uninterrupted access. \n  \n\n### Step 2 — Use the Token in Subsequent Requests\n\nAll Partner API requests use the bearer token via the `Authorization` header. This collection is pre-configured to use `{{vault:auth_token}}` at the collection level — store your token there.\n\n``` http\nAuthorization: Bearer {{vault:auth_token}}\n\n ```\n\n### Device Ingest Authentication (Different Flow)\n\nThe **Device Ingest** endpoints use a different authentication mechanism — a `CP-Client-Secret-Key` header instead of a bearer token:\n\n``` http\nCP-Client-Secret-Key: {{vault:CP-Client-Secret-Key}}\n\n ```\n\n---\n\n## Variable Reference Guide\n\n### Environment Variables\n\n| Variable | Description | Example |\n| --- | --- | --- |\n| `api_gateway_url` | Base URL of the CarePredict API Gateway | `https://api.carepredict.com` |\n| `facilityId` | Unique identifier for the target facility | `1292` |\n| `resident_id` | Unique identifier for a specific resident | `64186` |\n| `username` | Username for authentication | `cp_developer` |\n| `token` | Active bearer token (set after authentication) | `eyJhbGci...` |\n\n### Vault Variables (Secrets — stored securely in Postman Vault)\n\n| Variable | Description | Used In |\n| --- | --- | --- |\n| `vault:auth_token` | Bearer token for Partner API authentication | All Partner API requests |\n| `vault:CP-Client-Secret-Key` | Partner secret key for Device Ingest authentication | Device Ingest requests, AuthenticateUser |\n| `vault:integration-partner-name` | Integration partner identifier used in Device Ingest URL path | DeviceEvents |\n| `vault:facilityId` | Facility ID stored securely for sensitive endpoints | Risk Flags, Device Ingest |\n| `vault:residentId` | Resident ID stored securely for sensitive endpoints | Social Interaction by Resident |\n\n> **Security Note:** Vault variables are encrypted and never exposed in plain text. Never store secrets in environment variables — always use Postman Vault for sensitive values. \n  \n\n---\n\n## Rate Limiting\n\nThe CarePredict API enforces rate limiting on all endpoints. Rate limit details are returned in response headers:\n\n| Header | Description |\n| --- | --- |\n| `X-RateLimit-Remaining` | Number of requests remaining in the current window |\n| `X-RateLimit-Burst-Capacity` | Maximum burst capacity (default: `20`) |\n| `X-RateLimit-Replenish-Rate` | Rate at which tokens replenish per second (default: `10`) |\n| `X-RateLimit-Requested-Tokens` | Tokens consumed by the current request |\n\n**Best Practice:** Monitor `X-RateLimit-Remaining` in your integration. If it approaches `0`, implement exponential backoff before retrying.\n\n---\n\n## Standard Response Envelope\n\nAll API responses follow a consistent envelope structure:\n\n``` json\n{\n  \"code\": 200,\n  \"status\": \"OK\",\n  \"timestamp\": \"2026-02-25T18:25:16.145Z\",\n  \"data\": { ... },\n  \"message\": \"Human-readable result message\"\n}\n\n ```\n\n| Field | Type | Description |\n| --- | --- | --- |\n| `code` | `integer` | HTTP status code mirrored in the body |\n| `status` | `string` | HTTP status text (e.g., `\"OK\"`, `\"Bad Request\"`) |\n| `timestamp` | `string` | ISO 8601 UTC timestamp of the response |\n| `data` | `object/array` | The response payload |\n| `message` | `string` | Human-readable description of the result |\n\n---\n\n## Error Codes & Handling\n\n| HTTP Code | Meaning | Common Cause |\n| --- | --- | --- |\n| `400 Bad Request` | Invalid request payload | Missing required fields, malformed JSON |\n| `401 Unauthorized` | Authentication failed | Missing, expired, or invalid token/secret key |\n| `403 Forbidden` | Access denied | Insufficient permissions for the requested resource |\n| `404 Not Found` | Resource not found | Invalid `facilityId`, `residentId`, or endpoint path |\n| `500 Internal Server Error` | Server-side error | Unexpected error on the CarePredict platform |\n| `503 Service Unavailable` | Temporary overload | Spike in API traffic — retry after \\~5 minutes |\n\n**Error Response Example:**\n\n``` json\n{\n  \"code\": 401,\n  \"status\": \"Unauthorized\",\n  \"timestamp\": \"2025-04-14T22:05:41.873Z\",\n  \"error\": {\n    \"message\": \"Unauthorized: Invalid client secret key or 'CP-Client-Secret-Key' header is missing\"\n  }\n}\n\n ```\n\n---\n\n## HIPAA Compliance\n\nCarePredict takes data privacy and security seriously. All API consumers must adhere to the following:\n\n1. Much of the data accessible via the CarePredict API is considered **Protected Health Information (PHI)** under HIPAA.\n    \n2. All API access is secured via **SSL/TLS**.\n    \n3. Data stored by CarePredict is **Encrypted-At-Rest**.\n    \n4. An account must be created by the CarePredict support team before any user can access the API.\n    \n5. Any organization wishing to access the API must sign a **Business Associate Agreement (BAA)** with CarePredict prior to gaining access.\n    \n6. Access to specific data types is granted on a **client-by-client basis** based on integration requirements.\n    \n\n---\n\n## Getting Started\n\n### Quick Start — Authenticate and Fetch Residents\n\n``` http\n# Step 1: Authenticate\nPOST {{api_gateway_url}}/auth/user/authenticate\nCP-Client-Secret-Key: {{vault:CP-Client-Secret-Key}}\nContent-Type: application/json\n{\"username\": \"{{username}}\", \"password\": \"your_password\"}\n# Step 2: Copy the token from the response and store it in vault:auth_token\n# Step 3: Fetch all residents for a facility\nGET {{api_gateway_url}}/integration/facility/{{facilityId}}/resident/all\nAuthorization: Bearer {{vault:auth_token}}\n\n ```\n\n### Quick Start — Submit a Device Event\n\n``` http\nPOST {{api_gateway_url}}/external-device/v1/integration/{{vault:integration-partner-name}}/facilities/{{vault:facilityId}}/device-events\nCP-Client-Secret-Key: {{vault:CP-Client-Secret-Key}}\nContent-Type: application/json\n{\n  \"uniqueHardwareId\": \"DEVICE-001\",\n  \"hardwareType\": \"pull_cord\",\n  \"hardwareLocation\": \"Room 212\",\n  \"eventType\": \"start\"\n}\n\n ```\n\n---\n\n## Getting Credentials & Support\n\nThe CarePredict APIs are actively maintained by the CarePredict Software Development Team.\n\n📧 Contact us at [support@carepredict.com](https://mailto:support@carepredict.com) to:\n\n- Request API access and credentials\n    \n- Sign the Business Associate Agreement\n    \n- Get sandbox environment access\n    \n- Report issues or request new features","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","isPublicCollection":false,"owner":"17768501","team":4031031,"collectionId":"3fc21756-a047-4c84-ba52-581faa39d6b3","publishedId":"2sAYX3q3Fd","public":true,"publicUrl":"https://api-docs.carepredict.com","privateUrl":"https://go.postman.co/documentation/17768501-3fc21756-a047-4c84-ba52-581faa39d6b3","customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"documentationLayout":"classic-double-column","customisation":{"metaTags":[{"name":"description","value":""},{"name":"title","value":""}],"appearance":{"default":"light","themes":[{"name":"dark","logo":null,"colors":{"top-bar":"212121","right-sidebar":"303030","highlight":"FF6C37"}},{"name":"light","logo":null,"colors":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"}}]}},"version":"8.10.0","publishDate":"2025-06-18T16:42:08.000Z","activeVersionTag":"latest","documentationTheme":"light","metaTags":{"title":"","description":""},"logos":{"logoLight":null,"logoDark":null}},"statusCode":200},"environments":[],"user":{"authenticated":false,"permissions":{"publish":false}},"run":{"button":{"js":"https://run.pstmn.io/button.js","css":"https://run.pstmn.io/button.css"}},"web":"https://www.getpostman.com/","team":{"logo":"https://res.cloudinary.com/postman/image/upload/t_team_logo_pubdoc/v1/team/dc8ecbb7301b7a9a6ec96771eba0af8606d8ff6503c879d95ea1c1e47e83c82b","favicon":"https://res.cloudinary.com/postman/image/upload/v1694107678/team/jtiuyofbq5gcrpy5dy5h.ico"},"isEnvFetchError":false,"languages":"[{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"HttpClient\"},{\"key\":\"csharp\",\"label\":\"C#\",\"variant\":\"RestSharp\"},{\"key\":\"curl\",\"label\":\"cURL\",\"variant\":\"cURL\"},{\"key\":\"dart\",\"label\":\"Dart\",\"variant\":\"http\"},{\"key\":\"go\",\"label\":\"Go\",\"variant\":\"Native\"},{\"key\":\"http\",\"label\":\"HTTP\",\"variant\":\"HTTP\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"OkHttp\"},{\"key\":\"java\",\"label\":\"Java\",\"variant\":\"Unirest\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"Fetch\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"jQuery\"},{\"key\":\"javascript\",\"label\":\"JavaScript\",\"variant\":\"XHR\"},{\"key\":\"c\",\"label\":\"C\",\"variant\":\"libcurl\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Axios\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Native\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Request\"},{\"key\":\"nodejs\",\"label\":\"NodeJs\",\"variant\":\"Unirest\"},{\"key\":\"objective-c\",\"label\":\"Objective-C\",\"variant\":\"NSURLSession\"},{\"key\":\"ocaml\",\"label\":\"OCaml\",\"variant\":\"Cohttp\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"cURL\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"Guzzle\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"HTTP_Request2\"},{\"key\":\"php\",\"label\":\"PHP\",\"variant\":\"pecl_http\"},{\"key\":\"powershell\",\"label\":\"PowerShell\",\"variant\":\"RestMethod\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"http.client\"},{\"key\":\"python\",\"label\":\"Python\",\"variant\":\"Requests\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"httr\"},{\"key\":\"r\",\"label\":\"R\",\"variant\":\"RCurl\"},{\"key\":\"ruby\",\"label\":\"Ruby\",\"variant\":\"Net::HTTP\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"Httpie\"},{\"key\":\"shell\",\"label\":\"Shell\",\"variant\":\"wget\"},{\"key\":\"swift\",\"label\":\"Swift\",\"variant\":\"URLSession\"}]","languageSettings":[{"key":"csharp","label":"C#","variant":"HttpClient"},{"key":"csharp","label":"C#","variant":"RestSharp"},{"key":"curl","label":"cURL","variant":"cURL"},{"key":"dart","label":"Dart","variant":"http"},{"key":"go","label":"Go","variant":"Native"},{"key":"http","label":"HTTP","variant":"HTTP"},{"key":"java","label":"Java","variant":"OkHttp"},{"key":"java","label":"Java","variant":"Unirest"},{"key":"javascript","label":"JavaScript","variant":"Fetch"},{"key":"javascript","label":"JavaScript","variant":"jQuery"},{"key":"javascript","label":"JavaScript","variant":"XHR"},{"key":"c","label":"C","variant":"libcurl"},{"key":"nodejs","label":"NodeJs","variant":"Axios"},{"key":"nodejs","label":"NodeJs","variant":"Native"},{"key":"nodejs","label":"NodeJs","variant":"Request"},{"key":"nodejs","label":"NodeJs","variant":"Unirest"},{"key":"objective-c","label":"Objective-C","variant":"NSURLSession"},{"key":"ocaml","label":"OCaml","variant":"Cohttp"},{"key":"php","label":"PHP","variant":"cURL"},{"key":"php","label":"PHP","variant":"Guzzle"},{"key":"php","label":"PHP","variant":"HTTP_Request2"},{"key":"php","label":"PHP","variant":"pecl_http"},{"key":"powershell","label":"PowerShell","variant":"RestMethod"},{"key":"python","label":"Python","variant":"http.client"},{"key":"python","label":"Python","variant":"Requests"},{"key":"r","label":"R","variant":"httr"},{"key":"r","label":"R","variant":"RCurl"},{"key":"ruby","label":"Ruby","variant":"Net::HTTP"},{"key":"shell","label":"Shell","variant":"Httpie"},{"key":"shell","label":"Shell","variant":"wget"},{"key":"swift","label":"Swift","variant":"URLSession"}],"languageOptions":[{"label":"C# - HttpClient","value":"csharp - HttpClient - C#"},{"label":"C# - RestSharp","value":"csharp - RestSharp - C#"},{"label":"cURL - cURL","value":"curl - cURL - cURL"},{"label":"Dart - http","value":"dart - http - Dart"},{"label":"Go - Native","value":"go - Native - Go"},{"label":"HTTP - HTTP","value":"http - HTTP - HTTP"},{"label":"Java - OkHttp","value":"java - OkHttp - Java"},{"label":"Java - Unirest","value":"java - Unirest - Java"},{"label":"JavaScript - Fetch","value":"javascript - Fetch - JavaScript"},{"label":"JavaScript - jQuery","value":"javascript - jQuery - JavaScript"},{"label":"JavaScript - XHR","value":"javascript - XHR - JavaScript"},{"label":"C - libcurl","value":"c - libcurl - C"},{"label":"NodeJs - Axios","value":"nodejs - Axios - NodeJs"},{"label":"NodeJs - Native","value":"nodejs - Native - NodeJs"},{"label":"NodeJs - Request","value":"nodejs - Request - NodeJs"},{"label":"NodeJs - Unirest","value":"nodejs - Unirest - NodeJs"},{"label":"Objective-C - NSURLSession","value":"objective-c - NSURLSession - Objective-C"},{"label":"OCaml - Cohttp","value":"ocaml - Cohttp - OCaml"},{"label":"PHP - cURL","value":"php - cURL - PHP"},{"label":"PHP - Guzzle","value":"php - Guzzle - PHP"},{"label":"PHP - HTTP_Request2","value":"php - HTTP_Request2 - PHP"},{"label":"PHP - pecl_http","value":"php - pecl_http - PHP"},{"label":"PowerShell - RestMethod","value":"powershell - RestMethod - PowerShell"},{"label":"Python - http.client","value":"python - http.client - Python"},{"label":"Python - Requests","value":"python - Requests - Python"},{"label":"R - httr","value":"r - httr - R"},{"label":"R - RCurl","value":"r - RCurl - R"},{"label":"Ruby - Net::HTTP","value":"ruby - Net::HTTP - Ruby"},{"label":"Shell - Httpie","value":"shell - Httpie - Shell"},{"label":"Shell - wget","value":"shell - wget - Shell"},{"label":"Swift - URLSession","value":"swift - URLSession - Swift"}],"layoutOptions":[{"value":"classic-single-column","label":"Single Column"},{"value":"classic-double-column","label":"Double Column"}],"versionOptions":[],"environmentOptions":[{"value":"0","label":"No Environment"}],"canonicalUrl":"https://api-docs.carepredict.com/view/metadata/2sAYX3q3Fd"}