Every Da Vinci IG that CMS-0057-F names is implemented as a real FastAPI router, gated by SMART Backend Services client_credentials and BAA-attestation chain. /fhir/r4/metadata carries the canonical IG URLs, the supported resource interactions, the named operations, and a SMART-on-FHIR security service entry with the oauth-uris extension pointing at our token endpoint — no out-of-band discovery required.
| IG | Endpoint | Operation |
|---|---|---|
| PAS 2.0.1 | POST /fhir/r4/Claim/$submit | Claim-submit |
| PAS 2.0.1 | GET /fhir/r4/ClaimResponse/{id} | read |
| CRD 2.0.1 | POST /fhir/r4/CoverageEligibilityRequest/$inquire | CER-inquire |
| DTR 2.0.0 | GET /fhir/r4/Questionnaire/{id} | read |
| DTR 2.0.0 | POST /fhir/r4/QuestionnaireResponse/$apply | QR-apply |
| SMART | GET /.well-known/smart-configuration | discovery |
| SMART | POST /oauth/token | client_credentials |
- Tier 1
NCD
National coverage determinations — top of the Medicare hierarchy
- Tier 2
LCD
MAC-jurisdiction-scoped to the member’s state of service on the DOS
- Tier 3
Article
Companion to LCDs; same MAC scope. Some HCPCS have only an Article.
- Tier 4
Custom (tenant)
Tenant-internal supplements. Lowest tier, never centrally held.
First hit short-circuits. Pinned to the case at intake — subsequent CMS revisions never retroactively change a case’s controlling guideline.
| NCD + LCD daily refresh | 03:00 | pg_cron → /v1/admin/guidelines/refresh |
|---|---|---|
| Articles daily refresh | 03:15 | separate cron, same admin endpoint |
| NCCI weekly refresh | Sun 03:30 | PTP + MUE + Add-on advisory |
| IO Manual weekly refresh | Sun 03:45 | CMS Internet-Only Manuals |
# 1. CapabilityStatement curl https://your-host/fhir/r4/metadata | jq '.rest[0].security' # 2. SMART configuration curl https://your-host/.well-known/smart-configuration | jq # 3. Mint a backend-services token curl -X POST https://your-host/oauth/token \ -d 'grant_type=client_credentials' \ -d 'client_id=...' -d 'client_secret=...' \ -d 'scope=system/Claim.read system/Claim.write' # 4. Submit a Da Vinci PAS bundle (synthetic — start from # api/tests/fixtures/davinci-pas-official/SurgicalRequestBundleExample.json) curl -X POST https://your-host/fhir/r4/Claim/\$submit \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/fhir+json" \ -d @synthetic_pas_bundle.json
Reply to this brief and we will send a synthetic Da Vinci PAS request bundle, the expected ClaimResponse, and a 30-minute call slot to walk through the round-trip on a screen-share.