Production readiness | Collate API Documentation

Use this checklist before sending live prior-authorization traffic through Collate.

Keep production API keys server-side. Log only sanitized request and response details, and never send unsanitized PHI or credentials to support.

Readiness checklist

Separate environments

Use separate API keys for sandbox and production. Make the base URL an environment-specific setting, not a hard-coded value.

Environment	Base URL
Sandbox	`https://api.sandbox.trycollate.ai`
Production	`https://api.trycollate.ai`

Verify provider setup

Confirm that every production providerNpi is visible to your organization and can resolve the payer routes you plan to send.

Use Choose a route and create for route validation.

Validate route coverage

For each payer, coverage state, request type, and service-code family you plan to send, verify that route resolution succeeds in the target environment.

Map questionnaires from returned linkIds

Treat the current questionnaire returned by the authorization as the answer contract. Store source-system mappings by route context when items vary by payer or service.

Exercise files and final approval

Upload, complete, and attach real document types in sandbox. Confirm that your approval workflow handles approve_submission and stale snapshots.

Prepare operations

Log the environment, authorization ID, current status, current nextAction, current version, request ID, and sanitized payload details for support and replay.

Go-live criteria

Area	Ready when
Authentication	Production keys are server-side and scoped to the correct organization.
Routing	Every planned provider, payer, state, request type, and service code resolves.
Requirements	Your integration can satisfy returned questionnaire items and document blockers.
Concurrency	`If-Match` retry behavior is implemented for mutable authorization writes.
Final approval	Reviewers can inspect and approve `submission.reviewSnapshot`.
Manual handoff	Operators can accept, access, close, and revoke handoffs when requested.
Polling	Automated jobs use bounded polling and back off while Collate or the payer owns the next step.
Support	Logs include enough sanitized context to diagnose failed or stuck cases.

Launch path

Environments

Understand sandbox, production, and safety gates.

Errors

Build recovery around typed error.code values.

Authorization lifecycle

Confirm your polling and action loop.