Authentication

You'll need to authenticate every request to the Claims Database API. All endpoints require a valid bearer token issued via your dashboard.

Bearer token

The Claims Database API uses Laravel Sanctum bearer tokens for authentication. Include your API token in the Authorization header of every request:

Example authenticated request

curl -X POST https://YOUR_DOMAIN/api/v1/claims \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -H "Accept: application/json"

Obtaining a token

API tokens are created from the Claims Database dashboard:

  1. Log in to your dashboard.
  2. Navigate to Settings » API Tokens.
  3. Click Create Token and provide a descriptive name.
  4. The plain-text token is shown once — copy it immediately and store it securely.

Tokens do not expire automatically. You can revoke a token at any time from the API Tokens settings page.

Company scope

Each API token is tied to the user who created it. All requests are automatically scoped to that user's company. You can only:

  • Submit claims on behalf of your company.
  • Search client history across all participating companies (read-only, cross-company).
  • Import CSV data for your company.

Required headers

Every API request should include these headers:

  • Name
    Authorization
    Type
    string
    Description

    Bearer {token} — your API token.

  • Name
    Accept
    Type
    string
    Description

    application/json — required for proper error responses.

  • Name
    Content-Type
    Type
    string
    Description

    application/json for JSON requests, or multipart/form-data for file uploads (CSV import).

Inactive company

If your company account has been deactivated, all API requests will return a 403 Forbidden response:

403 Forbidden

{
  "message": "Your company account is inactive or not found."
}

Contact the system administrator to reactivate your company account.

Was this page helpful?