Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.trycollate.ai/llms.txt

Use this file to discover all available pages before exploring further.

The Prior Auth API is an HTTP+JSON API. Every endpoint accepts JSON request bodies and returns JSON responses, with HTTP status codes following standard conventions.

Base URLs

EnvironmentBase URL
Sandboxhttps://api.sandbox.trycollate.ai
Productionhttps://api.trycollate.ai
Sandbox and production use separate API keys. See Environments.

Authentication

Authenticate every request with a bearer token: 
Authorization: Bearer <API_KEY>
Only GET /health is public. Every other /v1/* endpoint returns 401 unauthorized without a valid key.

Idempotency

Send a unique Idempotency-Key header on every command-style POST:
  • POST /v1/prior-auth/authorizations
  • POST /v1/prior-auth/authorizations/{authorizationId}/attachments
  • POST /v1/prior-auth/authorizations/{authorizationId}/confirm
  • POST /v1/prior-auth/authorizations/{authorizationId}/cancel
Reusing the same key with the same request body returns the original result. Reusing it with a different body returns 409 idempotency_key_reused.

Concurrency

Mutable authorization operations require optimistic concurrency. Send the current authorization version as a quoted entity tag: 
If-Match: "17"
Stale tags return 409 version_conflict. Re-read the authorization, refresh your local snapshot, and retry with the current version.

Pagination

List endpoints use cursor pagination.
ParameterTypeDefault
limitinteger (1–100)25
cursorstring
The response includes pagination.nextCursor when another page is available.

Errors

Every error response uses a single envelope: 
{
  "error": {
    "code": "version_conflict",
    "message": "Authorization version does not match If-Match.",
    "retryable": false,
    "details": { "expectedVersion": 2, "actualVersion": 3 },
    "issues": []
  },
  "requestId": "req_123"
}
Match error.code to recover. See Errors and troubleshooting for the full catalog and recovery steps.

Files

The attachment flow is:
  1. POST /v1/files
  2. PUT <upload.url>
  3. POST /v1/files/{fileId}/complete
  4. POST /v1/prior-auth/authorizations/{authorizationId}/attachments
See Attaching files for the full walkthrough.