HIPAA AgentHIPAA Agent
Deploy Your Agent
Developer Documentation

HIPAA Agent Docs

Everything you need to integrate HIPAA compliance into your applications. REST API, MCP Server, JSON-RPC 2.0, and Google A2A protocol.

Get Free API KeyPython SDKNode.js SDK
Getting StartedAPI ReferenceMCP ToolsJSON-RPC 2.0IntegrationsMSP GuideSecurityChangelog

Getting Started

5-minute quickstart from zero to your first API call. Get your free API key and run your first compliance check.

  • Get Your API Key
  • First API Call
  • Trigger a Full Scan
  • Connect to Your AI Agent
  • Credit Costs & Rate Limits

API Reference

Complete reference for all 194+ REST API endpoints grouped by category with example requests and responses.

  • Authentication
  • Scanning APIs
  • Compliance APIs
  • Breach Intelligence
  • Threat Intelligence
  • Webhooks
  • BAA Management
  • Reputation & Health

MCP Tools

All 36 Model Context Protocol tools with names, descriptions, inputs, outputs, credits, scopes, and examples.

  • Scanning (3 tools)
  • Reports & Evidence (3 tools)
  • Documents (3 tools)
  • Breach Intelligence (2 tools)
  • Internal Network (3 tools)
  • Practice Info (3 tools)
  • Platform (4 tools)
  • Controls & Compliance (9 tools)
  • Free Tools (2 tools)

JSON-RPC 2.0

All 26 JSON-RPC methods with batch support, error codes, and sync/async behavior.

  • Request Format
  • Batch Requests
  • Method Reference
  • Error Codes
  • Sync vs Async

Integrations

Step-by-step guides for LangChain, LlamaIndex, OpenAI Agents SDK, Claude Desktop, Cursor, Zapier, and more.

  • LangChain (Python)
  • LlamaIndex
  • OpenAI Agents SDK
  • Claude Desktop (MCP)
  • Cursor / VS Code
  • Zapier
  • Python SDK
  • Node.js SDK
  • Google A2A Protocol

MSP Guide

Complete guide for Managed Service Providers: batch scanning, portfolio monitoring, white-label setup, and client reporting.

  • MSP API Key Types
  • Batch Scanning
  • Portfolio Monitoring
  • Client Reporting
  • White-Label Setup
  • May 2026 Deadline

Security

Authentication methods, OAuth2 scopes, API key types, rate limiting, HMAC webhook signatures, and data handling.

  • API Key Authentication
  • OAuth2 Client Credentials
  • Scopes & Permissions
  • Rate Limiting
  • Webhook Signatures
  • Data Encryption

Changelog

Version history of all major features, improvements, and fixes shipped to the platform.

  • March 2026
  • February 2026
  • Architecture

Supported Protocols

REST API

Standard HTTP JSON API with API key authentication. Primary integration method.

POST /api/a2a

MCP Server

Model Context Protocol for Claude, ChatGPT, Cursor, and custom AI assistants.

POST /api/mcp

JSON-RPC 2.0

Batch-capable JSON-RPC with 26 methods. Shares the A2A endpoint.

POST /api/a2a

Google A2A

Agent-to-Agent protocol for machine-to-machine compliance task delegation.

POST /api/a2a

Quick Example

Get compliance grade for any practice
curl -X POST https://hipaaagent.ai/api/a2a \
  -H "X-API-Key: ha_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "method": "hipaa.grade",
    "params": { "npi": "1528585338" },
    "id": 1
  }'

Ready to integrate HIPAA compliance into your application?

Get Your Free API Key (500 Credits)