Mock sample for your project: Veteran Confirmation API

Integrate with "Veteran Confirmation API" from va.gov in no time with Mockoon's ready to use mock sample

Veteran Confirmation

va.gov

Version: 0.0.1


Use this API in your project

Start working with "Veteran Confirmation API" right away by using this ready-to-use mock sample. API mocking can greatly speed up your application development by removing all the tedious tasks or issues: API key provisioning, account creation, unplanned downtime, etc.
It also helps reduce your dependency on third-party APIs and improves your integration tests' quality and reliability by accounting for random failures, slow response time, etc.

Description

The Veteran Confirmation API allows you to confirm Veteran status for a given person. This can be useful for offering Veterans discounts or other benefits.
The API will only return “Confirmed” or “Not Confirmed”.
Quickstart Guide
1. Get Access Credentials
Get started by filling out the form on the Apply for VA Lighthouse Developer Access page.
After submitting a request, you will receive your credentials for using the API in the Development environment, which allows you to try it out with mock data before moving to the Production environment.
2. Test the API
In the endpoint documentation below, we've provided a curl command builder for trying out the API before implementation with your app.
Use Test User attributes to populate the request body.
3. Build your app
The base URI for the Veteran Confirmation API in the Sandbox environment is:
https://sandbox-api.va.gov/services/veteran_confirmation/v0
In this environment, use attributes from the list of Test Users. Only Test Users can return a "confirmed" response.
Check out some of our sample apps. Please visit our VA Lighthouse Support portal should you need further assistance.
4. Show us a demo and get access to the Production environment
After building your app, we ask that you give us a demo before we set you up with production credentials. Please see the Path to Production page for more details.
Authorization
This API requires an API key in combination with identifiable information for the person being confirmed listed below. API requests are authorized through a symmetric API token provided in an HTTP header with name apikey. Including more information has a better chance of making a match and returning a Confirmed status.
Required information:
First Name
Last Name
Date of Birth
Social Security Number
Optional information:
Middle Name
Gender
Reference
Sandbox vs. Production Data
APIs accessed via the Sandbox environment are using the same underlying logic as VA’s production APIs; only the underlying data store is different.
Master Veteran Index (MVI)
The Master Veteran Index confirms a user's identity. In Production, several factors are considered to confirm identity. These include: a user’s first name, last name, date of birth and Social Security number. The MVI is mocked in the Sandbox environment. In this environment, the only factor used to confirm identity is the Social Security number.
Rate Limiting
We implemented basic rate limiting of 60 requests per minute. If you exceed this quota, your request will return a 429 status code. You may petition for increased rate limits by emailing and requests will be decided on a case by case basis.
Raw Open API Spec
https://api.va.gov/services/veteran_confirmation/docs/v0/api

Other APIs by va.gov

VA Facilities

va.gov
Background
This RESTful API provides information about physical VA facilities. Information available includes
geographic location, address, phone, hours of operation, and available services.
VA operates several different types of facilities, the types represented in this API include:
Health Facilities (vha)
Benefits Facilities (vba)
Cemeteries (nca)
Vet Centers (vc)
To read an FAQ on how wait times are calculated, click the "For more information" link on this page.
Getting Started
Base URLs
The base URLs for the VA Facilities API in the various environments are:
Sandbox: https://sandbox-api.va.gov/services/va_facilities/v0
Production: https://api.va.gov/services/va_facilities/v0
Authorization
API requests are authorized through a symmetric API token, provided in an HTTP header with name apikey.
Response Formats
Clients may request several response formats by setting the Accept header.
application/json - The default JSON response format complies with JSON API. This media type is not available for bulk requests using the /facilities/all endpoint. It will return 406 Not Acceptable.
application/geo+json - GeoJSON-compliant format, representing each facility as a feature with a point geometry.
application/vnd.geo+json - Deprecated. Prefer application/geo+json.
text/csv - Available for the bulk download operation only. Some structured fields are omitted from the CSV response.
Response Elements
Some data elements within the response are only present for facilities of a given type:
The patient satisfaction scores contained in the satisfaction element are only applicable
to VA health facilities.
The patient wait time values contained in the wait_times element are only applicable to
VA health facilities.
The list of available services in the services element is only applicable to VA health and
benefits facilities.
The operational hours special instructions contained in the operationalhoursspecial_instructions element is only applicable to VA health and Vet Center facilities.
Facility ID Formats and Constraints
A facility ID has the format prefix_stationNumber. The prefix is one of nca, vc, vba, or vha. Cemeteries may be national (VA) or non-national; non-national cemeteries have the station number prefixed with an s. There are no other constraints on the format. Examples:
Health: vha_402GA
Benefits: vba_539GB
National cemetery: nca_063
Non-national cemetery: nca_s1082
Vet center: vc_0872MVC
Mobile Facilities
The mobile health facilities move regularly within a region. If a facility comes back from this API with "mobile": "true", the latitude/longitude and address could be inaccurate. To get the exact current location, please call the number listed.
Deprecations
activestatus field is deprecated and replaced with operatingstatus.
application/vnd.geo+json media type is deprecated and replaced by application/geo+json
Reference
Raw VA Facilities Open API Spec
GeoJSON Format
JSON API Format

Benefits Intake

va.gov
The Benefits Intake API allows authorized third-party systems used by Veteran Service Organizations (VSOs), agencies, and Veterans to digitally submit VA benefits claim documents directly to the Veterans Benefits Administration's (VBA) claims intake process. This API handles documents related to the following benefit claim types:
Compensation
Pension/Survivors Benefits
Education
Fiduciary
Insurance
Veteran Readiness & Employment (VRE)
Board of Veteran Appeals (BVA)
This API also provides submission status updates until documents are successfully established for VBA claim processing, eliminating the need for users to switch between systems to manually check whether documents have been successfully uploaded.
Background
This API provides a secure, efficient, and tracked alternative to mail or fax for VA benefit claim document submissions. Documents are uploaded directly to the VBA so they can be processed as quickly as possible.
Technical overview
The Benefits Intake API first provides an upload location and unique submission identifier, and then accepts a payload consisting of a document in PDF format, zero or more optional attachments in PDF format, and some JSON metadata.
The metadata describes the document and attachments, and identifies the person for whom it is being submitted. This payload is encoded as binary multipart/form-data (not base64). The unique identifier supplied with the payload can subsequently be used to request the processing status of the uploaded document package.
To avoid errors and processing delays, API consumers are encouraged to validate the zipcode,fileNumber, veteranFirstName, veteranLastName and businessLine fields before submission according to their description in the DocumentUploadMetadata model and use the 'businessLine' attribute for the most efficient processing. Additionally, please ensure no PDF user or owner passwords are used in submitted PDFs.
Attachment & file size limits
There is no limit on the number of files a payload can contain, but size limits do apply.
Uploaded documents cannot be larger than 21" x 21"
The entire payload cannot exceed 5 GB
No single file in a payload can exceed 100 MB
Date of receipt
The date that documents are successfully submitted through the Benefits Intake API is used as the official VA date of receipt. However, note that until a document status of received, processing, success, or vbms is returned, a client cannot consider the document received by VA.
A status of received means that the document package has been transmitted, but may not be validated. Any errors with the document package, such as unreadable PDFs or a Veteran not found, will cause the status to change to error.
If the document status is error, VA has not received the submission and cannot honor the submission date as the date of receipt.
Authentication and Authorization
API requests are authorized through a symmetric API token, provided in an HTTP header with name 'apikey'. Request an API key.
Testing in the sandbox environment
In the sandbox environment, the final status of a submission is received and submissions do not actually progress to the central mail repository or VBMS.
Progress beyond the received status can be simulated for testing. We allow passing in a Status-Override header on the /uploads/{id} endpoint so that you can change the status of your submission to simulate the various scenarios.
The available statuses are pending, uploaded, received, processing, success, vbms, and error. The meaning of the various statuses is listed below in Models under DocumentUploadStatusAttributes.
Test data
We use mock test data in the sandbox environment. Data is not sent upstream and it is not necessary to align submitted test data with any other systems' data.
Upload operation
Allows a client to upload a multi-part document package (form + attachments + metadata).
Client Request: POST https://sandbox-api.va.gov/services/vba_documents/v1/
No request body or parameters required
Service Response: A JSON API object with the following attributes:
guid: An identifier used for subsequent status requests
location: A URL to which the actual document package payload can be submitted in the next step. The URL is specific to this upload request, and should not be re-used for subsequent uploads. The URL is valid for 900 seconds (15 minutes) from the time of this response. If the location is not used within 15 minutes, the GUID will expire. Once expired, status checks on the GUID will return a status of expired.
Note: If, after you've submitted a document, the status hasn't changed to uploaded before 15 minutes has elapsed, we recommend retrying the upload in order to make sure the document properly reaches our servers. If the upload continues to fail, try encoding the payload as Base64 (See below).
Client Request: PUT to the location URL returned in Step 2.
Request body should be encoded as binary multipart/form-data (base64 also available - see details below), equivalent to that generated by an HTML form submission or using “curl -F…”. The format is described in more detail below.
No apikey authorization header is required for this request, as authorization is embedded in the signed location URL.
Service Response: The HTTP status indicates whether the upload was successful.
Additionally, the response includes an ETag header containing an MD5 hash of the submitted payload. This can be compared to the submitted payload to ensure data integrity of the upload.
Status caching
Due to current system limitations, data for the /uploads/report endpoint is cached for one hour.
A request to the /uploads/{id} endpoint will return a real-time status for that GUID, and update its status in /uploads/report.
The updated_at field indicates the last time the status for a given GUID was updated.
Optional Base64 encoding
Base64 is an encoding scheme that converts binary data into text format, so that encoded textual data can be easily transported over networks uncorrupted and without data loss.
Base64 can be used to encode binary multipart/form-data it in its entirety. Note that the whole payload must be encoded, not individual parts/attachments.
After encoding your payload, you'll be required to preface your base64 string with data:multipart/form-data;base64, in order to allow our system to distinguish the file type. Your final string payload would look something like data:multipart/form-data;base64,(encryption string)== and close with the standard == marker. Note that the multipart boundaries i.e. -----WebKitFormBoundaryVfOwzCyvug0JmWYo and ending ------WebKitFormBoundaryVfOwzCyvug0JmWYo- must also be included.
Consumer onboarding process
When you're ready to move to production, request a production API key.

VA Forms

va.gov
Use the VA Forms API to search for VA forms, get the form's PDF link and metadata, and check for new versions.
Visit our VA Lighthouse Contact Us page for further assistance.
Background
This API offers an efficient way to stay up-to-date with the latest VA forms and information. The forms information listed on VA.gov matches the information returned by this API.
Search by form number, keyword, or title
Get a link to the form in PDF format
Get detailed form metadata including the number of pages, related forms, benefit categories, language, and more
Retrieve the latest date of PDF changes and the SHA256 checksum
Identify when a form is deleted by the VA
Technical summary
The VA Forms API collects form data from the official VA Form Repository on a nightly basis. The Index endpoint can return all available forms or, if an optional query parameter is passed, will return only forms that may relate to the query value. When a valid form name is passed to the Show endpoint, it will return a single form with additional metadata and full revision history. A JSON response is given with the PDF link (if published) and the corresponding form metadata.
Authentication and authorization
The form information shared by this API is publicly available. API requests are authorized through a symmetric API token, provided in an HTTP header with name apikey. Get a sandbox API Key.
Testing in sandbox environment
Form data in the sandbox environment is for testing your API only, and is not guaranteed to be up-to-date. This API also has a reduced API rate limit. When you're ready to move to production, be sure to request a production API key.
SHA256 revision history
Each form is checked nightly for recent file changes. A corresponding SHA256 checksum is calculated, which provides a record of when the PDF changed and the SHA256 hash that was calculated. This allows end users to know that they have the most recent version and can verify the integrity of a previously downloaded PDF.
Valid PDF link
Additionally, during the nightly refresh process, the link to the form PDF is verified and the valid_pdf metadata is updated accordingly. If marked true, the link is valid and is a current form. If marked false, the link is either broken or the form has been removed.
Deleted forms
If the deleted_at metadata is set, that means the VA has removed this form from the repository and it is no longer to be used.

Other APIs in the same category

FRC Events

firstinspires.org
Overview
FIRST /FMS FRC Events API is a service to return relevant information about the FIRST Robotics Competition (FRC). Information is made available from events operating around the world.
For FRC, information is made available by the Field Management System (FMS) server operating at each event site. The FMS will attempt to sync all data from the event to "the cloud" as long as internet is available at the venue. If internet is unavailable, or "goes down" during the event, the FMS will automatically sync all data from the time the system was offline as soon as the connection is restored. The API will provide data as soon as it has synced, and we do not add any artificial delays. If you are receiving "stale" data, it may be because of connectivity problems at the venue. We recommend you try again later, and post on the FIRST FMS TeamForge site if the problem persists. (Note: FMS does not sync while a match is running, so data that has to do with a particular match should become available once the score has been revealed to the audience at the event.)
Migration and Program Notes:
Pay close attention to the addresses for calling the various endpoints- as well as the notes regarding endpoints with multiple possible responses (i.e. score details and rankings).
Documentation Notes
All times are listed in the local time to the event venue. HTTP-date values will show their timezone.
If you specify a parameter, but no value for that parameter, it will be ignored. For example, if you request URL?teamNumber= the teamNumber parameter would be ignored.
We will continue to support the current version of the API plus one version older. Old APIs are depricated once a version "two times newer" is available, at minimum 6 months. For example, version 2.0 and 1.0 are supported right now, but 1.0 will not be supported once 2.1 (or 3.0) is available. Versions may also be retired earlier with prior notice here in the documentation.
The full host address of the API is needed in all calls. The version number is required in each call in order to ensure your requests are made (and responses are returned) in the formats you anticipate. The version number for this documentation is found on the top of the page, in the title. If you call this version number, the API responses will match the formats listed below.
All of the APIs are capable of accepting the Accept HTTP header with either application/xml or application/json based on the desired return type. Any API call that results in an HTTP Status Code other than 200 (OK) will only be shown here as an application/json response to save space, but the content is the same regardless of the request type. All response will have a Content-Length and Date response header, but those are not shown in the documentaiton.
For all APIs that accept a query string in addition to the URI base, the order of parameters do not matter, but the name shown in the documentation must match exactly, as does the associated value format as described in details.
For response codes that are not HTTP 200 (OK), the documentation will show a body message that represents a possible response value. While the "title" of the HTTP Status Code will match those shown in the response codes documentation section exactly, the body of the response will be a more detailed explanation of why that status code is being returned and may not always be exactly as shown in the examples.
None of the APIs will show possible return here in the documentation of HTTP 401 (Unauthorized), but that code applies to all APIs as a possible response if the request is made without a valid token.
Last-Modified, FMS-OnlyModifiedSince, and If-Modified-Since Headers
The FRC Events API utilizes the Last-Modified and If-Modified-Since Headers to communicate with consumers regarding the age of the data they are requesting. With a couple of exceptions, all calls will return a Last-Modified Header set with the time at which the data at that endpoint was last modified. The Header will always be set in the HTTP-date format, as described in the HTTP Protocol. There are two exceptions: the Last-Modified Header is not set if the endpoint returns no results (such as a request for a schedule with no matches) and will also not be set if the request was an HTTP DELETE.
Consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the If-Modified-Since. The server will recognize this request, and will only return a result if the data has been modified since the last request. If no changes have been made, an HTTP 304 will be returned. If data has been modified, ALL data on that call will be returned (for "only modified" data, see below).
The FRC Events API also allows a custom header used to filter the return data to a specific subset. This is done by specifying a FMS-OnlyModifiedSince header with each call. As with the If-Modified-Since header, consumers should keep track of the Last-Modified Header, and return it on subsequent calls to the same endpoint as the FMS-OnlyModifiedSince Header. The server will recognize this request, and will only return a result if the data has been modified since the last request, and, if returned, the data will only be those portions modified since the included date. If no changes, have been made, an HTTP 304 will be returned. Using this method, the server and consumer save processing time by only receiving modified data that is in need of update on the consumer side.
If the Headers are improperly passed (such as the wrong Day of Week for the matching date, or a date in the future), the endpoint will simply ignore the Header and return all results. If both headers are specified, the request will be denied.
Response Codes
The FRC Events API HTTP Status Codes correspond with the common codes, but occasionally with different "titles". The "title" used by the API is shown next to each of the below possible response HTTP Status Codes. Throughout the documentation, Apiary may automatically show the common "title" in example returns (like "Not Found" for 404) but on the production server, the "title" will instead match those listed below.
HTTP 200 - "OK"
The request has succeeded. An entity corresponding to the requested resource is sent in the response. This will be returned as the HTTP Status Code for all request that succeed, even if the body is empty (such as an event that has no rankings, but with a valid season and event code were used)
HTTP 304 - "Not Modified"
When utilizing a Header that allows filtered data returns, such as If-Modified-Since, this response indicates that no data meets the request.
HTTP 400 - "Invalid Season Requested"/"Malformed Parameter Format In Request"/"Missing Parameter In Request"/"Invalid API Version Requested":
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. Specifically for this API, a 400 response indicates that the requested URI matches with a valid API, but one or more required parameter was malformed or invalid. Examples include an event code that is too short or team number that contains a letter.
HTTP 401 - "Unauthorized"
All requests against the API require authentication via a valid user token. Failing to provide one, or providing an invalid one, will warrant a 401 response. The client MAY repeat the request with a suitable Authorization header field.
HTTP 404 - "Invalid Event Requested"
Even though the 404 code usually indicates any not found status, a 404 will only be issued in this API when an event cannot be found for the requested season and event code. If the request didn't match a valid API or there were malformed parameters, the response would not receive a 404 but rather a 400 or 501. If this HTTP code is received, the season was a valid season and the event code matched the acceptable style of an event code, but there were no records of an event matching the combination of that season and event code. For example, HTTP 404 would be issued when the event had a different code in the requested season (the codes can change year to year based on event location).
HTTP 500 - "Internal Server Error"
The server encountered an unexpected condition which prevented it from fulfilling the request. This is a code sent directly by the server, and has no special alternate definition specific to this API.
HTTP 501 - "Request Did Not Match Any Current API Pattern"
The server does not support the functionality required to fulfill the request. Specifically, the request pattern did not match any of the possible APIs, and thus processing was discontinued. This code is also issued when too many optional parameters were included in a single request and fulfilling it would make the result confusing or misleading. Each API will specify which parameters or combination of parameters can be used at the same time.
HTTP 503 - "Service Unavailable"
The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the delay MAY be indicated in a Retry-After header. This code will not always appear, sometimes the server may outright refuse the connection instead. This is a code sent directly by the server, and has no special alternate definition specific to this API.
See the notes at the top of this documentation for important information about HTTP Status Codes.
Authorization
In order to make calls against the FRC Events API, you must include an HTTP Header called Authorization with the value set as specified below. If a request is made without this header, processing stops and an HTTP 401 is issued. All Authorization headers follow the same format:
Authorization: Basic 000000000000000000000000000000000000000000000000000000000000
Where the Zeros are replaced by your Token. The Token can be formed by taking your username and your AuthorizationKey and adding a colon. For example, if your username is sampleuser and your AuthorizationKey is 7eaa6338-a097-4221-ac04-b6120fcc4d49 you would have this string:
sampleuser:7eaa6338-a097-4221-ac04-b6120fcc4d49
This string must then be encoded using Base64 Encoded to form the Token, which will be the same length as the example above, but include letters and numbers. For our example, we would have:
c2FtcGxldXNlcjo3ZWFhNjMzOC1hMDk3LTQyMjEtYWMwNC1iNjEyMGZjYzRkNDk=
NOTICE : Publicly distributing an application, code snippet, etc, that has your username and token in it, encoded or not, WILL result in your token being blocked from the API. Each user should apply for their own token.
If you wish to acquire a token for your development, you may do so by requesting a token through our automated system on this website.
AUTOMATED REMOVAL : If you do not activate your account within 72 hours of making your request for a token, or if you do not make at least one API request every twelve (12) months, your account/token will be marked as disabled for inactivity and subject to being deleted. (This policy does not apply to accounts with special operating agreements with FIRST)
HTTP401 and Authorization
Each Token can be individually enabled and disabled by FIRST. As such, a normally valid combination of username and AuthorizationToken could still be rejected. The possible return messages you may see in these instances are:
Incorrect Token (You supplied an AuthorizationToken, but it wasn't correct)
Account Disabled, Contact Support (You have been disabled for excessive traffic or abuse. Contact support)
Username Not Found (A username was found, but didn't match any on file)
Unable To Determine Authorization Token (The format of the Authorization header was incorrect)

Gujarat Vidyapith, Ahmedabad

apisetu.gov.in
Gujarat Vidyapith, Ahmedabad (http://www.gujaratvidyapith.org/) is issuing Degree certificates through DigiLocker. These can be pulled by students into their DigiLocker accounts. Currently, data for the year 2019 is made available by Gujarat Vidyapith.

National Skill Development Corporation (NSDC)

apisetu.gov.in
NSDC (https://www.nsdcindia.org) promotes skill development by catalyzing creation of large, quality and for-profit vocational institutions. Skill certificates provided under various NSDC programmes are made available to citizens in their DigiLocker accounts.

Future Generali Total Insurance Solutions

apisetu.gov.in
Two Wheeler, Car, Commercial Vehicle, Home and Travel Insurance policies issued by Future Generali are available on DigiLocker and can be pulled by citizens in their account.

eDistrict Kerala, Kerala

apisetu.gov.in
eDistrict Kerala (https://edistrict.kerala.gov.in/) is the online service delivery portal for Kerala State Govt. Certain documents issued by it (e.g. Residence, Income, Caste Certificates etc) are made available in citizens' DigiLocker accounts.

Pramerica Life Insurance Ltd.

apisetu.gov.in
APIs provided by Pramerica Life Insurance Ltd..

Department of Labour, Govt of Punjab, Punjab

apisetu.gov.in
APIs provided by Department of Labour, Govt of Punjab, Punjab.

Antyodaya Saral Haryana, Haryana

apisetu.gov.in
APIs provided by Antyodaya Saral Haryana, Haryana.

SBI General Insurance Company Ltd

apisetu.gov.in
Insurance Policies such as Car, Two Wheeler, Commercial Vehicle, Health and Travel issued by SBI General (https://www.sbigeneral.in) are now available for Customers to be fetched into their DigiLocker accounts

Goa Water Resources Department, Goa

apisetu.gov.in
Goa WRD (https://goawrd.gov.in/) is the official departmental portal of the Water Resources Department, Govt. of Goa, through which citizens can avail time bound service being offered by the department. Certificates issued by it (e.g. Contractor Enlistment, Well Registration etc) are made available in citizens' DigiLocker accounts.

AIIMS Mangalagiri

apisetu.gov.in
AIIMS Mangalagiri is one of the AIIMS healthcare institutes being established by the Ministry of Health & Family Welfare, Government of India.

Transport Department, Himachal Pradesh

apisetu.gov.in
Driving License (DL) and Vehicle Registration Certificate (RC) of the State, as available on Parivahan Sewa (http://parivahan.co.in/) of Ministry of Road Transport and Highways, are available on DigiLocker. Citizens can pull these documents into their DigiLocker accounts.