Getting started
Introduction to Empower Pharmacy APIs
The Empower Pharmacy API platform gives you direct access to the nation's largest compounding pharmacy infrastructure — programmatically. Our mission is to make high-quality compounded medications more accessible to patients everywhere, and we believe open, reliable APIs are central to making that happen.
We're excited to have partners like you who are looking to transform the patient medication experience. This API is central to our business and we can't wait for you to get started. We hope your integration is smooth — and if you have questions at any point, please contact us today.
What is an API?
If you're thinking of active pharmaceutical ingredient — you wouldn't be wrong! Here though, we're focused on technology APIs and how they can transform the way your patients access compounded medications.
The Empower Pharmacy API is a powerful, robust RESTful JSON-based API. It gives you the ability to tap into our compounding pharmacy infrastructure — submitting orders, tracking fulfillment, and receiving real-time status updates, all from within your own platform.
This guide will walk you through the essentials: how to authenticate, how to make requests, how to handle responses, and how to set up webhooks so your system stays in sync with ours. You can also dive into our full API reference documentation at any time.
HIPAA and security
Overview
Empower Pharmacy takes the security and confidentiality of protected health information (PHI) seriously. We ensure your data integrity is a top priority — from the moment you initiate an API request, all the way to when your patient receives their medication.
Empower maintains a comprehensive set of policies and procedures to safeguard our physical and technical infrastructure and remain compliant with the HIPAA Privacy Rule, Security Rule, Transactions and Code Sets Rule, and their implementing regulations. Empower Pharmacy is a Covered Entity. For more information, Empower also publishes a Privacy Policy, Notice of Privacy Practices, and Terms and Conditions.
All API requests are transmitted over TLS 1.2 protocol. All data is encrypted in transit and at rest using trusted, HIPAA-compliant cloud infrastructure.
Security assessments
Security, privacy, and regulatory compliance are core pillars of our business. We maintain an active internal review program and engage professional third-party auditors to evaluate the effectiveness of our controls on an ongoing basis.
We welcome our partners to conduct their own assessments, including security audits, site reviews, and other due-diligence measures. Questions or concerns about our security or privacy program can be directed to our Privacy Officer at privacy@empowerpharmacy.com.
Authentication
The Empower Pharmacy API uses an API Key and API Secret to authenticate integrations. These credentials are used to generate an access token, which must be included in all requests to protected API endpoints.
Access tokens are required for all authenticated API requests and have the following constraints:
- Tokens expire after 1 hour, or
- After 10 successful API requests
Requests that result in a 401 Unauthorized response do not count toward the 10-request limit. When an access token expires or reaches its usage limit, a new token must be generated using your API Key and API Secret.
Environments
Empower Pharmacy offers two API environments:
- Sandbox — Used for development and integration testing
- Production — Used for live prescription processing
Each environment includes its own Developer Console and requires separate credentials. To receive access, contact your Empower Pharmacy sales representative once you've confirmed that your integration meets your organization's technical requirements. When requesting access, please provide the following details for each user who needs Developer Console access:
- First Name
- Last Name
- Email Address
The sandbox environment is designed for testing and may not fully mirror the production environment. Key differences include:
- The sandbox typically includes 1–2 test providers.
- The production environment includes a full list of active providers.
- Product availability in the sandbox may differ from production, as sandbox data is not maintained with the same rigor.
Despite these differences, product identifiers remain consistent across both environments, ensuring that integrations developed in sandbox will function correctly in production.
Base request URLs
Webhook events
Empower Pharmacy can send webhook events to notify your system whenever an order's status changes. Webhooks enable your system to receive updates automatically, removing the need to continuously poll the API for new information.
Webhook notifications can be used by clinics regardless of whether they are directly integrated with Empower's API. As long as your system stores an identifier that matches one of the fields included in the webhook payload — such as LFOrderId — it can correctly associate the webhook event with the corresponding order.
Order status events
Orders submitted to Empower Pharmacy may generate up to three webhook events, depending on the submission method.
If an order is submitted through the Empower API, the following events will be triggered:
- Received
- Processing
- Complete
If an order is submitted through another channel — such as Surescripts, ScriptScan, or other external systems — the Received event will not be sent. In those cases, only the following events will be issued:
- Processing
- Complete
Received
The Received event is triggered when Empower Pharmacy successfully accepts an order submitted through the API. This webhook is sent immediately after the order has been received and validated by the system.
{
"LifeFile_Practice_ID__c": <INTEGER_PRACTICE_ID_IN_LIFEFILE>,
"LFProviderId": null,
"PrescriberOrderNumber": "",
"EipOrderId": <THE_ORDER_ID_RETURNED_FROM_EASYRX>,
"LFPatientId": null,
"LFOrderId": null,
"LFReferenceId": null,
"ClientOrderId": "<THE_ORDER_ID_IN_CLIENTS_SYSTEM>",
"ClientPatientId": null,
"MessageId": "<A_GUID_USED_FOR_TRACKING_IN_LIFEFILE>",
"CanonicalOrderId": <AN_INTERNAL_ID_FOR_THAT_RELATES_TO_THE_EIP_ORDER_ID>,
"Reference1": null,
"Reference2": null,
"Reference3": null,
"Reference4": null,
"Reference5": null,
"OrderStatus": "Received",
"Error": null,
"PrescriptionPdfBase64": null,
"OrderStatusLastUpdatedTime": null,
"OrderLines": [],
"ShipmentLines": []
}Processing
The Processing event is triggered when a pharmacy staff member begins working on the order. At this point, the order has officially entered the fulfillment workflow.
{
"LifeFile_Practice_ID__c": <INTEGER_PRACTICE_ID_IN_LIFEFILE>,
"LFProviderId": null,
"PrescriberOrderNumber": "",
"EipOrderId": <THE_ORDER_ID_RETURNED_FROM_EASYRX>,
"LFPatientId": null,
"LFOrderId": null,
"LFReferenceId": null,
"ClientOrderId": "<THE_ORDER_ID_IN_CLIENTS_SYSTEM>",
"ClientPatientId": null,
"MessageId": "<A_GUID_USED_FOR_TRACKING_IN_LIFEFILE>",
"CanonicalOrderId": <AN_INTERNAL_ID_FOR_THAT_RELATES_TO_THE_EIP_ORDER_ID>,
"Reference1": null,
"Reference2": null,
"Reference3": null,
"Reference4": null,
"Reference5": null,
"OrderStatus": "Processing",
"Error": null,
"PrescriptionPdfBase64": null,
"OrderStatusLastUpdatedTime": null,
"OrderLines": [],
"ShipmentLines": []
}Complete
The Complete event is triggered when an order has finished the fulfillment process. This typically occurs when a tracking number has been generated, or the patient has picked up the order from the pharmacy. The webhook payload will include shipment details within the ShipmentLines array.
At this time, the API does not provide real-time shipment tracking updates. Only a single shipment entry is returned in the payload.
{
"LifeFile_Practice_ID__c": <INTEGER_PRACTICE_ID_IN_LIFEFILE>,
"LFProviderId": null,
"PrescriberOrderNumber": "",
"EipOrderId": <THE_ORDER_ID_RETURNED_FROM_EASYRX>,
"LFPatientId": "<PATIENT_ID_IN_LIFEFILE>",
"LFOrderId": "<ORDER_ID_IN_LIFEFILE>",
"LFReferenceId": null,
"ClientOrderId": "<THE_ORDER_ID_IN_CLIENTS_SYSTEM>",
"ClientPatientId": null,
"MessageId": "<A_GUID_USED_FOR_TRACKING_IN_LIFEFILE>",
"CanonicalOrderId": <AN_INTERNAL_ID_FOR_THAT_RELATES_TO_THE_EIP_ORDER_ID>,
"Reference1": null,
"Reference2": null,
"Reference3": null,
"Reference4": null,
"Reference5": null,
"OrderStatus": "Complete",
"Error": null,
"PrescriptionPdfBase64": null,
"OrderStatusLastUpdatedTime": null,
"OrderLines": [],
"ShipmentLines": [
{
"ShipmentStatus": "<STATUS>",
"ShipmentStatusLastUpdatedTime": "<DATE_TIME_STAMP>",
"ShipmentTrackingNumber": "<TRACKING_NUMBER>",
"ShipmentTrackingUrl": "http://wwwapps.ups.com/WebTracking/processInputRequest?TypeOfInquiryNumber=T&InquiryNumber1=<TRACKING_NUMBER>",
"ShipmentProvider": "<UPS_OR_FEDEX>"
}
]
}Webhook delivery
Empower Pharmacy delivers webhook events as HTTP POST requests sent to the endpoint you configure.
Headers: Content-Type: application/json
Your endpoint should respond with 200 OK to acknowledge successful receipt of the webhook. If your endpoint returns a non-200 status code, the webhook delivery may be retried.
