How to Integrate with My HSA

Health Savings Accounts (HSAs) hold some of the most valuable financial data for consumers and platforms alike — contribution amounts, balances, eligible expenses, transaction history. But for developers and product teams, accessing this data programmatically has historically been a nightmare.

HSA providers don't offer public APIs. Their portals are fragmented across dozens of administrators — HealthEquity, Optum Bank, Fidelity, HSA Bank, WEX, and more — each with its own interface, authentication method, and data structure. Integrating with even one can take weeks. Integrating with all of them is often considered practically impossible without serious infrastructure investment.

This guide explains the challenges, the approaches teams have tried, and how Deck solves the HSA integration problem at scale.

Why HSA Integration Is So Hard

No Official API Ecosystem

Unlike banking systems with open banking standards or payroll platforms with normalized schemas, the HSA industry has no standard API layer. Each administrator operates independently, with no shared protocol for programmatic data access. If you want to pull a user's balance from HealthEquity and Optum in the same product experience, you're essentially building two different integrations from scratch.

Complex Authentication

HSA portals enforce strict security practices: multi-factor authentication, session expiration, device verification, and sometimes CAPTCHA challenges on login. These defenses are designed to prevent unauthorized access — but they also block legitimate automation.

Fragmented Data Models

Even when you can access data from an HSA portal, it often returns in inconsistent formats. Dates formatted differently. Transaction categories named differently. Balance fields with different labels. Normalizing data across providers requires significant mapping work on top of the integration itself.

Approaches Teams Have Tried

Manual File Exports

Some teams ask users to log into their HSA portal, download a CSV or PDF statement, and upload it to the platform. This works for one-time verification scenarios but falls apart for anything requiring ongoing, automated access. The user experience is poor, and the data goes stale immediately.

DIY Automation Scripts

Other teams build their own Selenium or Playwright-based scripts to log into HSA portals and scrape data. This gives you initial access, but it's fragile. Portal layout changes break scripts. Auth updates require urgent patches. Scaling across multiple providers multiplies the maintenance burden significantly.

Partnerships and Agreements

Some larger fintech companies pursue direct data-sharing agreements with HSA administrators. This is the most reliable path — but also the most resource-intensive. Negotiations take months. Coverage is typically limited to a handful of the largest providers. Smaller administrators and regional plans remain out of reach.

How Deck Solves HSA Integration

Deck takes a different approach: instead of waiting for HSA administrators to open up APIs or negotiating provider-by-provider agreements, Deck's platform accesses HSA portals the same way a user would — through the front-end interface, with explicit user permission.

How It Works

1. User Consent: The user connects their HSA account through a secure, Deck-powered flow. They authenticate directly with their HSA provider using their own credentials. Deck never stores passwords — it manages sessions using secure tokens.
2. Authentication Handling: Deck handles the MFA, CAPTCHA, and session management challenges that make HSA portals hard to access programmatically. If the portal requires a one-time code, Deck facilitates that step within the user consent flow.
3. Data Extraction: Once authenticated, Deck navigates the portal and extracts structured data — balance, contributions, transactions, eligible expense history — and returns it as clean, normalized JSON through its API.
4. Ongoing Access: Deck maintains the session so subsequent data pulls don't require the user to re-authenticate. If a session expires or the portal changes, Deck handles the recovery automatically.

What You Can Access

• Current HSA balance
• Year-to-date contributions (employee and employer)
• Contribution limits and remaining capacity
• Transaction history and eligible expense records
• Investment account details (where applicable)

Supported Providers

Deck supports HSA integration across the major administrators in the US market, including HealthEquity, Optum Bank, Fidelity, HSA Bank, WEX Health, and others. Coverage expands continuously as new providers are added.

Use Cases for HSA Integration

Financial Planning and Budgeting Apps

Help users understand how their HSA fits into their overall financial picture. Show HSA balance alongside bank accounts, investment accounts, and retirement savings for a complete view.

Benefits Administration Platforms

Give HR teams and employees real-time visibility into HSA balances and contribution status without requiring manual reporting from the HSA administrator.

Healthcare Cost Management

Help users track eligible expenses against their HSA balance, flag reimbursable costs, and optimize HSA contributions based on expected medical spend.

Lending and Affordability

Incorporate HSA balances into affordability assessments for healthcare financing, where HSA funds represent a reliable repayment source.

Getting Started

If you're building a product that needs HSA data access, Deck provides a straightforward integration path. You connect to Deck's API once, implement the user consent flow, and get access to HSA data across supported providers — without building or maintaining individual integrations for each administrator.