Blog/Prescription Verification API: Integration Guide for Developers

DevelopersFebruary 8, 2026|9 min read

Prescription Verification API: Integration Guide for Developers

RxCompliant Team

Prescription verification experts

If you are building a custom ecommerce platform or need deep integration with your existing stack, the RxCompliant REST API gives you programmatic access to prescription verification, NPI lookup, and compliance management. This guide covers authentication, core endpoints, webhooks, and best practices.

Authentication

All API requests require authentication using an API key. You can generate API keys in your RxCompliant dashboard under Settings > API Keys.

Include your API key in the Authorization header:

Authorization: Bearer rxc_live_your_api_key_here

API keys come in two flavors:

rxc_test_ — test mode keys that do not process real verifications
rxc_live_ — production keys for real verification processing

Base URL

All API endpoints are available at:

https://api.rxcompliant.com/v1

Core Endpoints

Create a Verification

To submit a prescription for verification, make a POST request with the prescription image and order details:

POST /v1/verifications
Content-Type: multipart/form-data

Fields:
  prescription_file: (binary) - The prescription image or PDF
  patient_name: "John Doe"
  order_id: "ORD-12345"
  product_id: "PROD-CPAP-001"
  product_name: "ResMed AirSense 11"

Response:

{
  "id": "ver_abc123",
  "status": "processing",
  "created_at": "2026-02-08T14:30:00Z",
  "estimated_completion": "2026-02-08T14:30:10Z"
}

Check Verification Status

GET /v1/verifications/ver_abc123

Response (completed):

{
  "id": "ver_abc123",
  "status": "approved",
  "confidence_score": 0.96,
  "created_at": "2026-02-08T14:30:00Z",
  "completed_at": "2026-02-08T14:30:08Z",
  "prescription": {
    "patient_name": "John Doe",
    "prescriber_name": "Dr. Jane Smith",
    "prescriber_npi": "1234567890",
    "npi_verified": true,
    "date": "2026-01-15",
    "expiration_date": "2027-01-15",
    "device": "CPAP Machine",
    "signature_detected": true
  },
  "checks": {
    "document_valid": true,
    "npi_active": true,
    "npi_name_match": true,
    "date_valid": true,
    "patient_name_match": true,
    "fraud_flags": []
  }
}

List Verifications

GET /v1/verifications?status=pending&limit=20&offset=0

Supports filtering by status (processing, approved, rejected, pending_review), date range, and product ID.

Manual Override

POST /v1/verifications/ver_abc123/approve
POST /v1/verifications/ver_abc123/reject

Body:
{
  "reason": "Verified by phone with prescriber's office"
}

NPI Lookup

You can also use the NPI lookup endpoint independently:

GET /v1/npi/1234567890

Response:

{
  "npi": "1234567890",
  "active": true,
  "provider_name": "Dr. Jane Smith",
  "credential": "MD",
  "specialty": "Internal Medicine",
  "practice_address": {
    "line1": "123 Medical Center Dr",
    "city": "Austin",
    "state": "TX",
    "zip": "78701"
  }
}

Webhooks

Rather than polling for verification results, configure webhooks to receive real-time notifications. Set up webhook endpoints in your dashboard under Settings > Webhooks.

Webhook payload example:

{
  "event": "verification.completed",
  "data": {
    "id": "ver_abc123",
    "status": "approved",
    "confidence_score": 0.96,
    "order_id": "ORD-12345"
  },
  "timestamp": "2026-02-08T14:30:08Z"
}

Available webhook events:

verification.completed — verification finished (approved or rejected)
verification.pending_review — verification needs manual review
verification.expired — a previously approved prescription has expired

All webhooks include an X-RxCompliant-Signature header for verifying the payload authenticity. Compute an HMAC-SHA256 of the raw request body using your webhook secret and compare it to the signature.

Error Handling

The API uses standard HTTP status codes:

200 — success
201 — created
400 — bad request (check the error message for details)
401 — invalid or missing API key
404 — resource not found
429 — rate limited (default: 100 requests/minute)
500 — server error

Error responses include a machine-readable error code and a human-readable message:

{
  "error": {
    "code": "invalid_file_type",
    "message": "Uploaded file must be a JPEG, PNG, or PDF"
  }
}

SDKs and Libraries

We provide official SDKs for common languages:

Node.js — npm install @rxcompliant/node
Python — pip install rxcompliant
PHP — composer require rxcompliant/php-sdk

Community-maintained SDKs are also available for Ruby, Go, and Java.

Rate Limits and Best Practices

Default rate limit is 100 requests per minute per API key
Use webhooks instead of polling for verification results
Implement exponential backoff for retries on 429 or 5xx responses
Store verification IDs and results on your side to minimize API calls
Use test mode keys during development to avoid consuming verification credits

Need help with your API integration? Check our full documentation or create an account to get started with your API key.

Start verifying prescriptions today

Add AI-powered prescription verification to your store in under 10 minutes. Free to start, no credit card required.

Create free account →