NPPES + PECOS rows
Approximate serving-table rows counted separately; not unique entities or FHIR-resource coverage.
Refresh lag
Federal CMS source files pulled on a daily schedule.
FHIR resources
Practitioner · Organization · Location · PractitionerRole · HealthcareService
Sandbox · instant access
Get a read-only sandbox token in seconds. The sandbox serves 200 real provider records drawn from CMS data. Production keys require a pilot agreement and optionally a BAA.
Quickstart · 60 seconds
One request to look up a provider.
Pass an NPI in the identifier parameter. The response is a FHIR R4 Practitioner bundle. When source metadata is available, the resource can expose response-level tags on meta.tag; those tags are not individual-field signatures.
curl https://fonteum.com/api/fhir/r4/Practitioner?identifier=1234567890 \ -H "Authorization: Bearer $FONTEUM_API_KEY" \ -H "Accept: application/fhir+json"
Capability statement
US Core 6.1.0. Five resources. One endpoint.
The CapabilityStatement at /api/fhir/r4/metadata declares all supported interactions, search parameters, and conformance profiles. Supported resources may expose a nullable provenance block on meta.tag; availability varies by resource builder and source.
Practitioner
/api/fhir/r4/Practitioner
Individual clinician identity from the CMS federal practitioner registry — NPI, taxonomy, address, qualifications.
Organization
/api/fhir/r4/Organization
Practice groups and facility entities keyed by NPI-2 and CMS CCN.
Location
/api/fhir/r4/Location
Physical practice addresses linked to Practitioner and Organization resources.
PractitionerRole
/api/fhir/r4/PractitionerRole
Role binding — connects a Practitioner to an Organization at a Location.
HealthcareService
/api/fhir/r4/HealthcareService
Services offered by a facility or practitioner, with specialty coding.
FONTEUM API
Stable URIs. Snapshot attestations where present. Versioned methodology.
Auth flow
SMART on FHIR backend services. No redirect required.
Server-to-server apps use the SMART Backend Services profile. No user login, no OAuth redirect flow. Generate a JWT signed with your RS384 private key and post it to the token endpoint.
# 1. Build the client assertion JWT (RS384)
{
"iss": "<client_id>",
"sub": "<client_id>",
"aud": "https://fonteum.com/api/fhir/r4/token",
"exp": <unix_timestamp + 300>,
"jti": "<unique_id>"
}
# 2. Exchange for an access token
curl -X POST https://fonteum.com/api/fhir/r4/token \
-d "grant_type=client_credentials" \
-d "client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer" \
-d "client_assertion=<signed_jwt>" \
-d "scope=system/Practitioner.read"Webhook subscriptions
Get notified when a provider record changes.
FHIR R4 Subscription resources let you register a channel and receive a ping whenever a Practitioner or Organization resource changes. The notification payload can carry the updated resource and the provenance fields available for that event. Available to pilot customers — request access at /pilot-intake.
Status & SLA
Performance and source freshness are measured separately.
38 ms
p50 latency
142 ms
p95 latency
290 ms
p99 latency
99.9 %
Uptime target
SLA applies to pilot and production tiers. Latency is measured at the API gateway. Source data refresh lag is separately tracked at /freshness.
Build toward a use case
The same REST and provenance contract powers three jobs compliance and risk teams buy on: