PhilHealth eClaims Mock Server

User-friendly API docs with request/response samples for your sandbox integration.

Base URL: http://localhost:8899/PHIC/Claims3.0
Docs URL: http://localhost:8899/docs

Quick Start

npm install
npm run dev

Then call GET /getToken first, and pass the returned token in header token.

Test Credentials (Copy-Paste Ready)

Use these values para ma-access mo agad ang mock APIs.

Token Request Headers

accreditationNo: 300806
softwareCertificateId: SW-CERT-0001

Encryption Key

CIPHER_KEY=sample-philhealth-cipher-key

If binago mo ito sa .env, kailangan mo i-regenerate encrypted payloads.

Base URL

http://localhost:8899/PHIC/Claims3.0

Seeded Test Data

Member (for getMemberPIN)

lastname: ALOXXX
firstname: BERNAXXX
birthdate: 04-18-2006
expected pin: 192003610605

Doctor (for getDoctorPAN)

lastname: TEST2
firstname: TEST2
birthdate: 01-01-1990
expected pan: 1234-1527066-1

Other Useful Values

voucherNo: 201-062001-06I03
serieslhionos: 120723190000119
hospitalCode: 300832

Fastest Working Flow

  1. Call GET /getToken using headers above.
  2. Copy token from response and set header token.
  3. Call POST /getMemberPIN with encrypted body.
Ready sample encrypted body for getMemberPIN (default cipher key only) 
{
  "docMimeType": "text/xml",
  "hash": "2896cafd69a34b6b673f9249fd4a033112ac3b06eb5d66634ec070007b07d117",
  "key1": "",
  "key2": "",
  "iv": "MTIzNDU2Nzg5MGFiY2RlZg==",
  "doc": "3Lf6CoTW6PCJrWe03YGGM64huuc6OjzuqNJZPdibxp5niMGMirrA42WBz33/mdvrDDjln2b4aiZN0D83Xxmua5M2KagTWM97QUjq/GqudMQ="
}

Common Response Format

{
  "success": true,
  "message": "",
  "result": {}
}
{
  "success": false,
  "message": "Invalid or expired token",
  "result": null
}

Encryption Format

Most endpoints use encrypted request and encrypted result.

{
  "docMimeType": "text/xml",
  "hash": "sha256-hex",
  "key1": "",
  "key2": "",
  "iv": "base64-iv",
  "doc": "base64-encrypted-data"
}
Algorithm AES-256-CBC
Key SHA-256(cipherKey)
Padding Zero padding to 16-byte block

Payload Encryptor / Decryptor (For Postman)

Paste plaintext JSON/XML, click Encrypt, then copy output to Postman body.

Encrypt

Cipher Key docMimeType Plaintext Input (JSON or XML)

Encrypted Output (Postman Body)

{
  "docMimeType": "text/xml",
  "hash": "",
  "key1": "",
  "key2": "",
  "iv": "",
  "doc": ""
}

Decrypt

Cipher Key Encrypted JSON Payload

Decrypted Output

/* decrypted text will appear here */

Endpoint Summary

#MethodPathAuthEncrypted
1GET/getTokenNoNo
2POST/getMemberPINYesReq + Res
3POST/getDoctorPANYesReq + Res
4POST/isDoctorAccreditedYesReq + Res
5POST/searchEmployerYesReq + Res
6POST/isClaimEligibleYesReq + Res
7POST/generatePBEFPDFYesReq + Res
8POST/searchCaseRatesYesReq + Res
9POST/validateCF4YesReq + Res
10POST/validateeSOAYesReq + Res
11POST/validateCF5YesSpecial Req + Res
12POST/eClaimsFileCheckYesReq + Res
13POST/uploadeClaimsYesReq + Res
14GET/getUploadedClaimsMapYesRes
15GET/getClaimStatusYesRes
16POST/addRequiredDocumentYespXML encrypted
17GET/getVoucherDetailsYesRes
18GET/getDBServerDateTimeYesNo
19GET/getServerDateTimeYesNo
20GET/getServerVersionYesNo

Complete API Samples (All 20)

Tip: for encrypted endpoints, plaintext samples below are what you encrypt before sending.

Encrypted payload template (for request/result) 
{
  "docMimeType": "text/xml",
  "hash": "sha256-hex",
  "key1": "",
  "key2": "",
  "iv": "base64-iv",
  "doc": "base64-encrypted-data"
}
1) GET /getToken Headers 
accreditationNo: 300806
softwareCertificateId: SW-CERT-0001
Response sample 
{
  "success": true,
  "message": "Token is valid for 1800 seconds",
  "result": "Q0dMZ2NwNTY3..."
}
2) POST /getMemberPIN Headers 
token: <token from /getToken>
Payload sample (decrypted JSON) 
{
  "lastname": "ALOXXX",
  "firstname": "BERNAXXX",
  "birthdate": "04-18-2006"
}
Response sample (decrypted result) 
{ "pin": "192003610605" }
3) POST /getDoctorPAN Payload sample (decrypted JSON) 
{
  "lastname": "TEST2",
  "firstname": "TEST2",
  "birthdate": "01-01-1990"
}
Response sample (decrypted result) 
{ "pan": "1234-1527066-1" }
4) POST /isDoctorAccredited Payload sample (decrypted JSON) 
{
  "accrecode": "1234-1527066-1",
  "admissiondate": "01-01-2024",
  "dischargedate": "01-02-2024"
}
Response sample (decrypted result) 
{
  "isaccredited": "YES",
  "accrecode": "1234-1527066-1",
  "admissiondate": "01-01-2024",
  "dischargedate": "01-02-2024",
  "accreditationstart": "01-01-2020",
  "accreditationend": "12-31-2099"
}
5) POST /searchEmployer Payload sample (decrypted JSON) 
{ "PEN": "123456789012" }
Response sample (decrypted result) 
{
  "eEMPLOYERS": {
    "employer": [
      {
        "pPEN": "123456789012",
        "pEmployerName": "EMP1",
        "pEmployerAddress": "EMP1"
      }
    ],
    "ASOF": "01-01-2024"
  }
}
6) POST /isClaimEligible Payload sample (decrypted JSON) 
{
  "hospitalCode": "300832",
  "isForOPDHemodialysisClaim": "N",
  "memberPIN": "192003610605",
  "patientIs": "M",
  "admissionDate": "01-01-2024",
  "isFinal": "1"
}
Response sample (decrypted result) 
{
  "isok": "YES",
  "referenceno": "REF-1730000000000",
  "trackingno": "TRK-1730000000000",
  "asof": "10/27/2025"
}
7) POST /generatePBEFPDF Payload sample (decrypted JSON) 
{ "accreno": "300832", "referenceno": "REF-1730000000000" }
Response sample (decrypted result) 
"JVBERi0xLjQKJcfsj6IKMSAwIG9iago8PC9UeXBlIC9QYWdlL1BhcmVudCAyIDAgUi9NZWRpYUJveFswIDAgNTk1IDg0Ml0+PgplbmRvYmoK"
8) POST /searchCaseRates Payload sample (decrypted JSON) 
{ "description": "DIALYSIS" }
Response sample (decrypted result) 
{
  "eCASERATES": {
    "CASERATES": [
      {
        "pCaseRateCode": "CR0389",
        "pCaseRateDescription": "DIALYSIS PROCEDURE OTHER THAN HEMODIALYSIS (E.G. PERITONEAL, HEMOFILTRATION)",
        "pItemCode": "90945",
        "pItemDescription": "DIALYSIS PROCEDURE OTHER THAN HEMODIALYSIS (E.G. PERITONEAL, HEMOFILTRATION)",
        "pEffectivityDate": "02-14-2024",
        "pEffectivityEndDate": "12-31-9999",
        "amount": {
          "pPrimaryProfFee": "500.0",
          "pPrimaryHCIFee": "3500.0",
          "pPrimaryCaseRate": "4000.0"
        }
      }
    ]
  }
}
9) POST /validateCF4 Payload sample (decrypted XML) 
<CF4></CF4>
Response sample (decrypted result) 
{ "errors": [] }
10) POST /validateeSOA Payload sample (decrypted XML) 
<eSOA></eSOA>
Response sample (decrypted result) 
{ "errors": [] }
11) POST /validateCF5 Payload sample (special JSON body) 
{
  "cf5": { "docMimeType": "...", "hash": "...", "key1": "", "key2": "", "iv": "...", "doc": "..." },
  "eclaims": { "docMimeType": "...", "hash": "...", "key1": "", "key2": "", "iv": "...", "doc": "..." }
}
Plaintext inside each encrypted payload 
cf5 => <CF5></CF5>
eclaims => <eCLAIMS></eCLAIMS>
Response sample (decrypted result) 
{ "errors": [] }
12) POST /eClaimsFileCheck Payload sample (decrypted XML) 
<eCLAIMS></eCLAIMS>
Response sample (decrypted result) 
{
  "validation": "PASSED",
  "errors": []
}
13) POST /uploadeClaims Payload sample (decrypted XML) 
<eCLAIMS></eCLAIMS>
Response sample (decrypted result) 
{
  "eCONFIRMATION": {
    "pReceiptTicketNumber": "2517372840000",
    "pHospitalCode": "300832",
    "pHospitalTransmittalNo": "3008321107000008",
    "pTotalClaims": "1",
    "pReceivedDate": "10/27/2025"
  }
}
14) GET /getUploadedClaimsMap Query params 
receiptTicketNumber=2517372840000
Response sample (decrypted result) 
{
  "eCONFIRMATION": {
    "MAPPING": [
      {
        "pClaiminNumber": "202517372840000",
        "pPatientLastName": "LASTNAME",
        "pPatientFirstName": "FIRSTNAME",
        "pPatientMiddleName": "",
        "pPatientSuffix": "",
        "pAdmissionDate": "01-01-2024",
        "pDischargeDate": "01-02-2024",
        "pClaimSeriesLhio": "202517372840000"
      }
    ],
    "pReceiptTicketNumber": "2517372840000",
    "pHospitalCode": "300832",
    "pHospitalTransmittalNo": "3008321107000008",
    "pTotalClaims": "1",
    "pReceivedDate": "10/27/2025, 12:00:00 PM"
  }
}
15) GET /getClaimStatus Query params 
serieslhionos=120723190000119
// multiple: serieslhionos=120723190000119,060516030019903
Response sample (decrypted result) 
{
  "STATUS": {
    "pAsOf": "10/27/2025",
    "pAsOfTime": "12:00:00 PM",
    "CLAIM": [
      {
        "pClaimSeriesLhio": "120723190000119",
        "pPin": "190892937994",
        "pPatientLastName": "ALARCON",
        "pPatientFirstName": "MAMERTO",
        "pPatientMiddleName": "TRIA",
        "pPatientSuffix": "",
        "pAdmissionDate": "05-02-2012",
        "pDischargeDate": "05-06-2012",
        "pStatus": "IN PROCESS"
      }
    ]
  }
}
16) POST /addRequiredDocument Payload sample (actual JSON) 
{
  "pSeriesLhioNo": "120723190000119",
  "pXML": { "docMimeType": "...", "hash": "...", "key1": "", "key2": "", "iv": "...", "doc": "..." }
}
Plaintext XML inside pXML.doc 
<DOCUMENTS>
  <DOCUMENT pDocumentType="OPR" pDocumentURL="http://sample/file/opr.pdf" />
</DOCUMENTS>
Response sample 
{
  "success": true,
  "message": "",
  "result": "Required documents added"
}
17) GET /getVoucherDetails Query params 
voucherno=201-062001-06I03
Response sample (decrypted result) 
{
  "VOUCHER": {
    "pVoucherNo": "201-062001-06I03",
    "pVoucherDate": "06-14-2006",
    "pTotalAmount": "19608.65",
    "pNumberOfClaims": "1",
    "claims": []
  }
}
18) GET /getDBServerDateTime Response sample 
{
  "success": true,
  "message": "",
  "result": [
    { "server": "DB Server 1", "datetime": "10/27/2025, 12:00:00 PM", "remarks": "" },
    { "server": "DB Server 2", "datetime": "10/27/2025, 12:00:00 PM", "remarks": "" }
  ]
}
19) GET /getServerDateTime Response sample 
{
  "success": true,
  "message": "",
  "result": { "server": "DB Server 1", "datetime": "10/27/2025, 12:00:00 PM", "remarks": "" }
}
20) GET /getServerVersion Response sample 
{
  "success": true,
  "message": "",
  "result": "PECWS 3.0"
}

Useful Seeded Test Values

Member

lastname: ALOXXX
firstname: BERNAXXX
birthdate: 04-18-2006

Doctor

lastname: TEST2
firstname: TEST2
birthdate: 01-01-1990

Voucher Query

voucherno: 201-062001-06I03

Troubleshooting

More detailed docs are also available in DOCUMENTATION.md.