Mira
Español

Call us directly

801-341-9304
Developer Platform

Build on Mira™.

REST API + webhooks for agencies that want to integrate Mira™ into their stack. HIPAA-compliant, SSO-ready, OAuth2-secured.

Capabilities

What you can do

The Mira™ API exposes the same surfaces your staff uses in the portal — fully programmable so you can embed billing intelligence directly into your EHR, agency management system, or custom workflow.

Patient Sync

Create, update, and query patient demographics, insurance coverage, and care-plan metadata in real time.

Claim Submission

Submit professional and institutional claims, attach encounter data, and poll for payer adjudication status.

Webhook Events

Subscribe to claim-status changes, denial alerts, payment postings, and patient-record updates via signed HTTP webhooks.

AI Feature Endpoints

Trigger denial-prediction scoring, AI-assisted claim coding, IDG brief generation, and audit-anomaly detection from your own workflows.

Getting Started

Quick Start

Hostname notice: API examples reference api.usemirahealth.com; the API host migrates from api.cpsbilling.* in a separate release. Existing integrations are not affected.

1. Obtain an API key

Navigate to Portal → Settings → API Keys to create a new key. Keys are prefixed with mira_sk_ and shown in full only once — store them in a secrets manager.

2. Your first request — patient sync (curl)

List patients — curl
curl -X GET https://api.usemirahealth.com/v2/patients \
  -H "Authorization: Bearer mira_sk_a1b2c3d4e5f6..." \
  -H "Content-Type: application/json"

3. Submit a claim (curl)

POST /v2/claims — curl
curl -X POST https://api.usemirahealth.com/v2/claims \
  -H "Authorization: Bearer mira_sk_a1b2c3d4e5f6..." \
  -H "Content-Type: application/json" \
  -d '{
    "patientId": "pat_01HXZ9R...",
    "encounterId": "enc_01HXZ9S...",
    "billingCodes": ["99213", "Z79.899"],
    "diagnosisCodes": ["E11.9"]
  }'

4. Using the JavaScript SDK

Install the SDK with npm install @mira-ai/sdk, then:

quickstart.mjs — JavaScript
import { MiraClient } from '@mira-ai/sdk';

const mira = new MiraClient({ apiKey: process.env.MIRA_API_KEY });

// Sync a patient
const patient = await mira.patients.create({
  firstName: 'Jane',
  lastName: 'Doe',
  dob: '1980-04-15',
  mrn: 'MRN-00123',
});

// Submit a claim
const claim = await mira.claims.submit({
  patientId: patient.id,
  encounterId: 'enc_01HXZ9S...',
  billingCodes: ['99213'],
});

console.log('Claim ID:', claim.id);

5. Webhook events

Register an HTTPS endpoint in Portal → Webhooks. Mira™ signs every delivery with a Mira-Signature header (HMAC-SHA256). Example payload:

claim.status_changed webhook
POST https://your-endpoint.example.com/webhooks/mira
Content-Type: application/json
Mira-Signature: sha256=...

{
  "event": "claim.status_changed",
  "timestamp": "2026-06-09T14:22:00Z",
  "data": {
    "claimId": "clm_01HXZ9T...",
    "previousStatus": "submitted",
    "newStatus": "approved",
    "payer": "Medicare"
  }
}
Security

Auth + SSO Overview

API Keys

Long-lived secrets for server-to-server integrations. Scoped to read, write, or admin. Rotate any time from the portal.

OAuth 2.0

Authorization-code flow for user-delegated access. Issue short-lived access tokens (15 min) + refresh tokens (30 days). Supports PKCE for public clients.

SSO / SAML

Enterprise SSO via Azure AD B2C + SAML 2.0 federation. Staff authenticate through your existing IdP — no separate Mira™ password. SCIM provisioning available on Enterprise plans.

OAuth 2.0 Authorization Flow

OAuth 2.0 authorization-code + PKCE
# 1. Redirect user to authorization
GET https://auth.usemirahealth.com/oauth2/authorize
  ?response_type=code
  &client_id=YOUR_CLIENT_ID
  &redirect_uri=https://your-app.com/callback
  &scope=claims:read+claims:write+patients:read
  &state=RANDOM_STATE_TOKEN

# 2. Exchange code for tokens
POST https://auth.usemirahealth.com/oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&code=AUTH_CODE
&redirect_uri=https://your-app.com/callback
&client_id=YOUR_CLIENT_ID
&client_secret=YOUR_CLIENT_SECRET

HIPAA Compliance

All API traffic is TLS 1.2+ encrypted in transit. PHI at rest uses AES-256. Mira™ operates as a HIPAA Business Associate — a BAA is available for all paid plans. API audit logs are immutable and retained for 7 years.

Reference

API Reference & OpenAPI Docs

The complete API surface is described in an OpenAPI 3.1 specification. Use it to generate typed client libraries, import into Postman / Insomnia, or power your own tooling.

API Key Scope Permissions
read Read-only access to all endpoints
write Read + create/update access
admin Full access including webhook + SSO management

Ready to build?

Create an API key in the portal and start integrating in minutes. Questions? Our developer support team is one message away.