Production Access
Eligible organizations must get credentials from their model-specific systems to access enrollee claims data.
-
Authorize your model entity
Production credentials authorize your organization's access to the API. Create and manage credentials by logging in to your model-specific system:
- ACOs in the Medicare Shared Savings Program: Only users with the Credential Delegate role can manage credentials from the ACO Management System (ACO-MS).
-
REACH ACOs and KCEs or KCF practices in the Kidney Care Choices Model: Users with any of the
following roles can manage credentials from 4innovation (4i):
- Executive Contact
- Entity Primary Contact
- Entity Secondary Contact
- DUA Requestor
- DUA Custodian
Your registered contact can contact the help desk to assign these roles.
-
Obtain production credentials
- Visit the API Credentials page in your model-specific system.
- Choose the BCDA Credentials tab, then select Create New API Credentials.
- Add a public, static IP address for every system, including vendors, that will use the API (up to 8). It may take up to an hour for the Allow List to update.
Rotate (renew) credentials every 90 days
Visit BCDA Credentials and select the rotate icon in the Actions column.
Revoke (deactivate) credentials if compromised
Visit BCDA Credentials and select the delete icon in the Actions column. Email bcapi@cms.hhs.gov to review recent activity.
-
Access production claims data
The sandbox and production environments support the same workflow, endpoints, and resource types. Follow similar steps as you did in the sandbox to get a bearer token and retrieve claims data.
Visit Support or join the Google Group if you have questions. Do not share Personally Identifiable Information (PII) like tokens, credentials, or claims data.
