Skip to first unread message
Addie Armstrong
Nov 21, 2024, 1:53:00 PM11/21/24
to Beneficiary Claims Data API (BCDA) Community
Good afternoon,
Several of my colleagues and I have been trying to pull some test data from the sandbox environment without success.
Environment: Windows 10, using Command Prompt
We can all produce access tokens without issue; meaning this is working fine:
curl -d "" -X POST "https://sandbox.bcda.cms.gov/auth/token" \
--user 2462c96b-6427-4efb-aed7-118e20c2e997:825598c105bd1fe021c9eb9d41b30e82beb7a505a1184282e69891f76aa0a396dc9d20f35c9df4a5 \
-H "accept: application/json"
--user 2462c96b-6427-4efb-aed7-118e20c2e997:825598c105bd1fe021c9eb9d41b30e82beb7a505a1184282e69891f76aa0a396dc9d20f35c9df4a5 \
-H "accept: application/json"
However, once the token is obtained, curl -X GET always throws a 404.
curl -X GET "https://sandbox.bcda.cms.gov/api/v2/Patient/all/\$export" -H "accept: application/fhir+json" -H "Prefer: respond-async" -H "Authorization: Bearer eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzIyMTM4OTEsImp0aSI6IjhmZWE0YjI2LTIwY2QtNDRmMS1hMjZhLWMzMWU5YjI3NmJhZiIsImlhdCI6MTczMjIxMjY5MSwiaXNzIjoic3NhcyIsInVzZSI6IkFjY2Vzc1Rva2VuIiwiY2lkIjoiMjQ2MmM5NmItNjQyNy00ZWZiLWFlZDctMTE4ZTIwYzJlOTk3Iiwic3lzIjoiMzQiLCJkYXQiOiJ7XCJjbXNfaWRzXCI6W1wiQTk5OTRcIl19In0.rfIZl21BlCfATA7qFAT2JHnalIIRa409PmYDdoOQ3BL8YGwhJJAD5kZWshfjpKkubbZ9dEr_-ipUbQjwWkCMH_8SyoResed7joztyY4EW2k3afLpMHJusowhy6-cO9zx6KB1zJCqvgJ8Gsy4QVF2vvNfY6BUid4pEdhtr0xiyB4vDHotjUZ6yJ4GkwobB5CGum6-nR4ZT8CwKC-A54N2q6L1RcflWe7mdfJ5cW4v8og-B6dqDJZAK2wcP68nHOqkLg0BEtIiO-UTtTkeXInUZJSYXUWoqt573PwxT7g_k-Tf-kludWroGKOaIErZLhHCCXEtrR0sfewfeqdarbizsg" -i
HTTP/1.1 404 Not Found
Date: Thu, 21 Nov 2024 18:31:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
Cache-Control: no-cache; no-store; must-revalidate; max-age=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
404 page not found
HTTP/1.1 404 Not Found
Date: Thu, 21 Nov 2024 18:31:25 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
Cache-Control: no-cache; no-store; must-revalidate; max-age=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
404 page not found
This has been tried with and without VPN, with \$export, `$export, and plain $export. We have tried both the Group & Patient options.
I can pull the metadata down and that appears normal:
curl -X GET "https://sandbox.bcda.cms.gov/api/v2/metadata" -vi
Note: Unnecessary use of -X or --request, GET is already inferred.
* Host sandbox.bcda.cms.gov:443 was resolved.
* IPv6: (none)
* IPv4: 54.163.98.184, 44.217.1.227
* Trying 54.163.98.184:443...
* Connected to sandbox.bcda.cms.gov (54.163.98.184) port 443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server accepted http/1.1
* using HTTP/1.x
> GET /api/v2/metadata HTTP/1.1
> Host: sandbox.bcda.cms.gov
> User-Agent: curl/8.9.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Thu, 21 Nov 2024 18:02:29 GMT
Date: Thu, 21 Nov 2024 18:02:29 GMT
< Content-Type: application/json
Content-Type: application/json
< Content-Length: 1526
Content-Length: 1526
< Connection: keep-alive
Connection: keep-alive
< Cache-Control: no-cache; no-store; must-revalidate; max-age=0
Cache-Control: no-cache; no-store; must-revalidate; max-age=0
< Pragma: no-cache
Pragma: no-cache
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
<
{"date":"2024-11-21T18:02:29+00:00","fhirVersion":"4.0.1","format":["application/json","application/fhir+json"],"implementation":{"description":"The Beneficiary Claims Data API (BCDA) enables Accountable Care Organizations (ACOs) participating in the Shared Savings Program to retrieve Medicare Part A, Part B, and Part D claims data for their prospectively assigned or assignable beneficiaries.","url":"https://sandbox.bcda.cms.gov"},"instantiates":["https://prod-sbx.bfd.cms.gov/v2/fhir/metadata","http://hl7.org/fhir/uv/bulkdata/CapabilityStatement/bulk-data"],"kind":"instance","publisher":"Centers for Medicare & Medicaid Services","resourceType":"CapabilityStatement","rest":[{"interaction":[{"code":"batch"},{"code":"search-system"}],"mode":"server","resource":[{"operation":[{"definition":"http://hl7.org/fhir/uv/bulkdata/OperationDefinition/patient-export","name":"patient-export"}],"type":"Patient"},{"operation":[{"definition":"http://hl7.org/fhir/uv/bulkdata/OperationDefinition/group-export","name":"group-export"}],"type":"Group"}],"security":{"cors":true,"extension":[{"extension":[{"url":"token","valueUri":"https://sandbox.bcda.cms.gov/auth/token"}],"url":"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"}],"service":[{"coding":[{"code":"OAuth","display":"OAuth","system":"http://terminology.hl7.org/CodeSystem/restful-security-service"}],"text":"OAuth"}]}}],"software":{"name":"Beneficiary Claims Data API","releaseDate":"2024-11-21T18:02:29+00:00","version":"r235"},"status":"active"}* Connection #0 to host sandbox.bcda.cms.gov left intact
Note: Unnecessary use of -X or --request, GET is already inferred.
* Host sandbox.bcda.cms.gov:443 was resolved.
* IPv6: (none)
* IPv4: 54.163.98.184, 44.217.1.227
* Trying 54.163.98.184:443...
* Connected to sandbox.bcda.cms.gov (54.163.98.184) port 443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server accepted http/1.1
* using HTTP/1.x
> GET /api/v2/metadata HTTP/1.1
> Host: sandbox.bcda.cms.gov
> User-Agent: curl/8.9.1
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Thu, 21 Nov 2024 18:02:29 GMT
Date: Thu, 21 Nov 2024 18:02:29 GMT
< Content-Type: application/json
Content-Type: application/json
< Content-Length: 1526
Content-Length: 1526
< Connection: keep-alive
Connection: keep-alive
< Cache-Control: no-cache; no-store; must-revalidate; max-age=0
Cache-Control: no-cache; no-store; must-revalidate; max-age=0
< Pragma: no-cache
Pragma: no-cache
< Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
<
{"date":"2024-11-21T18:02:29+00:00","fhirVersion":"4.0.1","format":["application/json","application/fhir+json"],"implementation":{"description":"The Beneficiary Claims Data API (BCDA) enables Accountable Care Organizations (ACOs) participating in the Shared Savings Program to retrieve Medicare Part A, Part B, and Part D claims data for their prospectively assigned or assignable beneficiaries.","url":"https://sandbox.bcda.cms.gov"},"instantiates":["https://prod-sbx.bfd.cms.gov/v2/fhir/metadata","http://hl7.org/fhir/uv/bulkdata/CapabilityStatement/bulk-data"],"kind":"instance","publisher":"Centers for Medicare & Medicaid Services","resourceType":"CapabilityStatement","rest":[{"interaction":[{"code":"batch"},{"code":"search-system"}],"mode":"server","resource":[{"operation":[{"definition":"http://hl7.org/fhir/uv/bulkdata/OperationDefinition/patient-export","name":"patient-export"}],"type":"Patient"},{"operation":[{"definition":"http://hl7.org/fhir/uv/bulkdata/OperationDefinition/group-export","name":"group-export"}],"type":"Group"}],"security":{"cors":true,"extension":[{"extension":[{"url":"token","valueUri":"https://sandbox.bcda.cms.gov/auth/token"}],"url":"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"}],"service":[{"coding":[{"code":"OAuth","display":"OAuth","system":"http://terminology.hl7.org/CodeSystem/restful-security-service"}],"text":"OAuth"}]}}],"software":{"name":"Beneficiary Claims Data API","releaseDate":"2024-11-21T18:02:29+00:00","version":"r235"},"status":"active"}* Connection #0 to host sandbox.bcda.cms.gov left intact
I hesitate to try to throw cookiejar or other modifiers at it, since there is nothing regarding the use of additional curlopts in the webpage. I'm not the most fluent in curl, so perhaps I'm missing something obvious?
Thank you for any advice you can give us!
Thank you for any advice you can give us!
AA
Addie Armstrong
Nov 21, 2024, 3:39:06 PM11/21/24
to Beneficiary Claims Data API (BCDA) Community
Follow Up: This error is not replicable on Linux (SUSE) - all works as expected.
Implication: This is something with the Windows 10 environment. I'm really not fluent in Windows, so any advice at all here is welcome.
Note: It may be useful to in include information about the -o option for naming the downloaded file in the "Getting Started" pages under step 4 (Getting Started). E.g. curl -o "{filename.gzip}" -X GET "{output url}"....
Note: It may be useful to in include information about the -o option for naming the downloaded file in the "Getting Started" pages under step 4 (Getting Started). E.g. curl -o "{filename.gzip}" -X GET "{output url}"....
Thanks again,
AA
Jack Shoemaker
Nov 22, 2024, 11:44:47 AM11/22/24
to Addie Armstrong, Beneficiary Claims Data API (BCDA) Community
Dear Addie,
This suggests to me that however you are cutting-and-pasting teh access token in Windows is introducing a hidden character that is making the authentication fail.
-
Jack
From: bc-...@googlegroups.com <bc-...@googlegroups.com> on behalf of Addie Armstrong <addie.e.r...@gmail.com>
Sent: Thursday, November 21, 2024 15:36
To: Beneficiary Claims Data API (BCDA) Community <bc-...@googlegroups.com>
Subject: [BCDA] Re: Sandbox throwing 404 error on curl -X GET
Sent: Thursday, November 21, 2024 15:36
To: Beneficiary Claims Data API (BCDA) Community <bc-...@googlegroups.com>
Subject: [BCDA] Re: Sandbox throwing 404 error on curl -X GET
--
You received this message because you are subscribed to the Google Groups "Beneficiary Claims Data API (BCDA) Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bc-api+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bc-api/74c022c2-27cd-4728-9ee0-b34b21c64131n%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "Beneficiary Claims Data API (BCDA) Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bc-api+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bc-api/74c022c2-27cd-4728-9ee0-b34b21c64131n%40googlegroups.com.
Beneficiary Claims Data API (BCDA) Community
Nov 25, 2024, 10:49:14 AM11/25/24
to Beneficiary Claims Data API (BCDA) Community
Hi Addie,
It looks like you're doing most things correctly, but you should not include "all" in the URL for a request to the patient endpoint. If you want data for all patients to be exported, please use the following URL in your curl command:
"https://sandbox.bcda.cms.gov/api/v2/Patient/\$export"
Another way is to use "all" with the "Group" endpoint. This export will also include all enrollees.
"https://sandbox.bcda.cms.gov/api/v2/Group/all/\$export"
The "Requesting Data" and "Requesting Filtered Data" sections of our website contain examples for both endpoints, but please reach out if you have additional questions.
Thank you,
The BCDA Team
On Thursday, November 21, 2024 at 1:53:00 PM UTC-5 Addie Armstrong wrote:
Addie Armstrong
Nov 25, 2024, 5:34:57 PM11/25/24
to Beneficiary Claims Data API (BCDA) Community
Thank you very much; this seems to have been the gotcha.
Reply all
Reply to author
Forward
0 new messages