Sentinel Signal API

Workflow intelligence for healthcare claims.

Version: v1

Base URL: https://api.sentinelsignal.io/v1

Home Get an API key Hosted MCP MCP Verify Portal blog Portal documents Open Swagger

Quick Start

Start with healthcare.denial for claim routing, then expand into prior-auth or reimbursement workflows.

MCP Quickstart (Agents)

Hosted workflow intelligence MCP:

Remote endpoint: https://mcp.sentinelsignal.io/mcp

Smithery listing: @sentinelsignal/scoring (listing page)

Free no-signup trial key: POST https://token.sentinelsignal.io/v1/keys/trial

Hosted client guide: /portal/track/mcp-quickstart

MCP Verify index: /portal/track/verify

Trial key flow: /portal/track/trial-key

Install and run the local MCP server:

uvx sentinel-signal-mcp

Hosted remote MCP endpoint (Streamable HTTP): https://mcp.sentinelsignal.io/mcp

Smithery listing: @sentinelsignal/scoring (gateway URL)

Drop this MCP config into Claude Desktop, Cursor, or Windsurf (same config shape):

{
  "mcpServers": {
    "sentinel-signal": {
      "command": "uvx",
      "args": ["sentinel-signal-mcp"],
      "env": {
        "SENTINEL_BASE_URL": "https://api.sentinelsignal.io",
        "SENTINEL_TOKEN_BASE_URL": "https://token.sentinelsignal.io"
      }
    }
  }
}

SENTINEL_API_KEY is optional. If omitted, the local MCP server auto-mints a trial key via POST https://token.sentinelsignal.io/v1/keys/trial. PyPI: sentinel-signal-mcp. Smithery-hosted connections collect the key and forward it as x-sentinel-api-key.

ChatGPT, Claude, and Smithery setup steps plus copy-paste prompts live at /portal/track/mcp-quickstart. Reviewer package: Anthropic Connectors Directory Reviewer Kit.

Canonical Demo Flows

Trial key -> first healthcare score -> verify limits and usage
Hosted MCP -> score_workflow for denial review or reimbursement analysis inside an agent runtime
Same-key upgrade -> Stripe checkout -> continue calling the same API key

Detailed walkthrough: Three Demo Flows for Denial-Risk Triage.

1. Get an API Key

Fastest path: mint an instant no-signup trial key with POST /v1/keys/trial (no auth required).

curl -X POST https://token.sentinelsignal.io/v1/keys/trial

Trial keys can call workflow discovery and scoring surfaces: GET /v1/workflows, GET /v1/workflows/{workflow}/schema, POST /v1/workflows/{workflow}/validate, POST /v1/score, POST /v1/score/batch, GET /v1/limits, and GET /v1/usage, then upgrade the same key via POST /v1/billing/checkout-session (Bearer trial key) when quota is exhausted.

Start free via dashboard self-serve signup/login, then create a key under /v1/control-plane/workspace/api-keys.

Admin-assisted issuance remains available via POST /v1/apikeys/issue.

Self-serve onboarding is available through dashboard auth endpoints: POST /v1/control-plane/auth/signup, POST /v1/control-plane/auth/login, and workspace/key lifecycle under /v1/control-plane.

One-time setup links remain available for admin-assisted onboarding.

Workspace rename/update uses POST /v1/control-plane/workspace with payload {"workspace_name":"..."}.

For paid plans, start Stripe Checkout from /portal/dashboard (self-serve), use POST /v1/billing/checkout-session (API-key-auth trial upgrade), or use POST /v1/billing/checkout/session (admin flow).

Include the key in all requests:

Authorization: Bearer YOUR_API_KEY

Field Mapping Quickstart (Caller-Owned IDs)

These values come from your claim source system and should stay stable across requests. They are not API credentials.

provider_id: provider master key from your source system
payer_id: payer/plan master key from your source system
patient_id (optional): patient/member key (tokenized or hashed is acceptable)
place_of_service (optional): 2-digit CMS POS code such as 11, 22, or 23

Drop-in mapping templates for common source shapes:

// Template A: 837 / clearinghouse style row
{
  "provider_id": 1021,
  "payer_id": 44,
  "patient_id": "PT00012345",
  "place_of_service": "11"
}

// Template B: EHR encounter + charge export
{
  "provider_id": 30455,
  "payer_id": 2207,
  "patient_id": "MRN-009871",
  "place_of_service": "22"
}

// Template C: Internal work-queue row (tokenized member id)
{
  "provider_id": 88,
  "payer_id": 901,
  "patient_id": "tok_7f3a4b2c",
  "place_of_service": "23"
}

Launch note: Caller-Owned IDs and Validate-First Guard for Faster Integrations.

2. Make Your First Request

curl https://api.sentinelsignal.io/v1/score \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "workflow": "healthcare.denial",
    "payload": {
      "external_claim_id": "CLM-SS-0001",
      "service_date": "2026-02-14",
      "provider_id": 1021,
      "payer_id": 44,
      "cpt_code": "99213",
      "icd10_code": "E119",
      "billed_amount": 250.00,
      "place_of_service": "11",
      "network_status": "in_network"
    },
    "options": {
      "operating_point": "high_recall",
      "distribution_profile": "commercial_beta"
    }
  }'

3. Response

{
  "workflow": "healthcare.denial",
  "score": 0.81,
  "risk_level": "high",
  "confidence": 0.92,
  "model_version": "0.3.3",
  "explanation": {
    "top_factors": [...]
  },
  "details": {
    "workflow": "healthcare.denial",
    "denial": {
      "denial_probability": 0.81,
      "operating_point": "high_recall",
      "distribution_profile": "commercial_beta",
      "routing_source": "explicit"
    }
  },
  "scored_at": "2026-02-14T12:00:00Z"
}

4. Check Usage and Limits

GET /v1/limits
GET /v1/usage

Workflow Discovery and Validation

Use workflow metadata to remove guesswork before the first score.

# 1) Discover workflows and pull the canonical payload schema
GET /v1/workflows
GET /v1/workflows/healthcare.denial/schema

# 2) Validate candidate payloads (no scoring call consumed)
POST /v1/workflows/healthcare.denial/validate

# 3) Submit validated payloads
POST /v1/score
POST /v1/score/batch

GET /v1/workflows/{workflow}/schema returns required fields, optional fields, the request schema, and an example payload. POST /v1/workflows/{workflow}/validate returns normalized payload output and structured validation errors without consuming a scoring call.

Example validation failure to catch early: place_of_service must be a 2-digit POS code, so values like OFFICE should fail at validation before you call /v1/score.

5. Submit Outcome Feedback (Optional)

Use the scoring response x-request-id when posting feedback telemetry:

POST /v1/feedback
{
  "request_id": "<x-request-id-from-score-response>",
  "endpoint": "denial",
  "observed_outcome": "denied",
  "expected_outcome": "paid",
  "confidence_mismatch": true,
  "notes": "Unexpected denial after review"
}

Feedback calls are telemetry-only and are not counted as billable scoring calls.

Launch Notes

Portal launch notes live alongside the docs so operators can track new endpoints, hosted MCP changes, and distribution updates without leaving the documentation surface.

Core Concepts

Scoring Call

A scoring call is one successful 2xx response from a scoring endpoint. POST /v1/score is the primary path; legacy scoring endpoints are also billable.

Every successful scoring call increments metered usage for the authenticated API key.

OpenAPI marks billable scoring operations with x-billable: true and x-meter: scoring_calls.

Each call returns:

score - unified score (probability for denial and prior-auth; normalized risk for reimbursement)
risk_level - categorical interpretation
confidence - model confidence estimate
model_version - version identifier
explanation - top contributing factors
details - workflow-specific detail object (denial, prior_auth, reimbursement)

Each scoring response also returns an x-request-id header used for support correlation and feedback submission.

Determinism

Given:

Identical payload
Identical workflow
Identical model_version

The output will be identical.

Versioning

Models are versioned.

Each response includes:

model_version

You may pin a version explicitly.

Optional request controls are passed in options (model_version, allow_fallback, operating_point, distribution_profile).

Denial supports regime-aware routing: set options.distribution_profile (synthetic_v1, cms_v1, commercial_beta) when known.

Regime-specific denial model pins are frozen in contracts for synthetic_v1 and cms_v1; runtime default remains commercial_beta.

If no explicit profile is provided, routing uses payload.data_source hint first, then auto-detection (CPT pattern, allowed-amount band, payer id bucket).

Denial responses include details.denial.distribution_profile and details.denial.routing_source for routing auditability.

Workflows

payload schema depends on workflow; validation is applied per workflow.

OpenAPI includes x-workflowSchemas metadata to map workflow ids to payload schemas.

GET /v1/workflows is the discovery index. Then call GET /v1/workflows/{workflow}/schema or POST /v1/workflows/{workflow}/validate before the first score if you want schema-driven onboarding.

healthcare.denial

Predicts claim denial risk using structured claim attributes.

Payload fields:

Field	Type	Required
external_claim_id	string	yes
service_date	date	yes
provider_id	integer	yes
payer_id	integer	yes
cpt_code	string (5 digits)	yes
icd10_code	string	yes
billed_amount	number	yes

Future workflows will follow the same API surface.

Authentication

API keys are required.

Header:

Authorization: Bearer <key>

Rate limits apply per key.

Rate Limits

Trial / free:

1,000 calls/month
1 req/sec with burst 5
1 in-flight scoring request per trial key

Paid:

Usage-based
Higher concurrency

429 is used for throttling. Trial monthly quota exhaustion returns 402 with an upgrade_url.

Use GET /v1/limits and GET /v1/usage for live usage envelopes.

Feedback API

POST /v1/feedback accepts structured, non-PHI outcome telemetry linked to prior scoring calls.

request_id must be recent and must match the caller + endpoint family.
notes are optional, short, and screened for PHI-like patterns.
Validation is backed by persisted request-id events for multi-instance consistency.

Billing & API Key Lifecycle

POST /v1/keys/trial - issue tightly-limited no-signup trial API key
POST /v1/billing/checkout-session - create Stripe Checkout session using an API key (same-key trial upgrade)
POST /v1/billing/checkout/session - create Stripe Checkout session (paid plans)
POST /v1/billing/webhooks/stripe - receive Stripe lifecycle events
GET /v1/control-plane/workspace/billing/status - dashboard session billing snapshot
POST /v1/control-plane/workspace/billing/checkout/session - dashboard session Stripe Checkout session
POST /v1/apikeys/issue - issue persistent API key
POST /v1/apikeys/{api_key_id}/revoke - revoke key
GET /v1/billing/accounts/{email}/usage - admin usage summary
GET /v1/billing/accounts/{email}/status - admin billing status (plan, renewal, payment, key-state)
POST /v1/control-plane/setup-links - create one-time setup link
POST /v1/control-plane/setup-links/redeem - redeem setup link into dashboard session
POST /v1/control-plane/auth/signup - self-serve workspace signup + session
POST /v1/control-plane/auth/login - self-serve login + session
POST /v1/control-plane/workspace - create/update workspace name ({"workspace_name":"..."})
GET/POST /v1/control-plane/workspace/api-keys - self-serve key list/create
POST /v1/control-plane/sessions/logout - revoke dashboard session token

Account-level usage reports are DB-backed and reflect flushed usage batches (eventually consistent within the batch flush interval).

Billing/account endpoints are managed by the token-service and appear in the integrated portal spec.

Free Tier

1,000 scoring calls/month
Trial keys: 1 req/sec + burst 5, 1 in-flight scoring request
No card required for trial issuance (POST /v1/keys/trial)

Paid plans use Stripe metered billing. Growth is pay-as-you-go after the included 1,000 monthly calls; Pro adds a monthly commit with lower overage rates. Trial keys can upgrade in place through Stripe Checkout.

Errors

Standard HTTP codes:

400 - invalid request
401 - missing/invalid API key
402 - billing account inactive/payment issue, or trial quota exhausted (includes upgrade URL)
409 - requested model version unavailable with fallback disabled
429 - rate limit exceeded
500 - internal error

Feedback-specific validation errors use 422 (unknown/expired request_id, endpoint mismatch, or disallowed note content).

Example error response:

{
  "detail": "Requested model_version `0.9.9` is unavailable for workflow `healthcare.denial`."
}

Governance

Sentinel Signal models:

Are calibrated
Are validated across seeds
Include drift monitoring
Are intended for decision support only

Full governance documentation available here:

/portal/governance

Changelog

v1.0.0

Initial workflow-based scoring API

v1.1.0

Added Stripe metering, API key lifecycle, and usage reporting endpoints

v1.2.0

Added structured feedback endpoint with DB-backed request-id validation for multi-instance deployments

v1.3.0

Added regime-aware denial routing with explicit distribution_profile controls and response routing metadata

v1.3.1

Published latest local/Fly 5-seed validation snapshots and dual-machine Fly runtime profile notes

v1.4.0

Added control-plane self-serve API key dashboard flow with one-time setup links and workspace sessions

Latest Validation Snapshot (2026-02-17 UTC)

Local full 5-seed pack: denial 20/25, prior-auth 20/20, reimbursement 13/15, overall p95 latency 66.87 ms.
Fly 5-seed fast pack: denial 20/25, prior-auth 20/20, reimbursement 11/15, overall p95 latency 3482.47 ms.
Fly dual-machine rerun: cross-model 6/7, overall p95 latency 529.02 ms, latency gate < 500 ms narrowly missed.
Fly dual-machine profile used in rerun: API 2 x shared 4 vCPU / 4096 MB, DB shared 4 vCPU / 4096 MB, token service shared 2 vCPU / 1024 MB (all iad).

Security Overview

API auth is enabled by default with bearer token enforcement.
Token issuance and API key lifecycle actions require admin token controls.
TLS is enforced at the Fly edge via HTTPS-only app routing.
Runtime readiness checks expose dependency status via /readyz.
Observability endpoints: /metrics (Prometheus, public, text/plain; version=0.0.4; charset=utf-8) and /metrics.json (debug snapshot, schema 1, requires metrics:read scope).

OpenAPI

Machine-readable spec available at:

/openapi.json