Private API
Token-authenticated platform and clinic API namespaces for internal, mobile, or partner-controlled integrations.
API tokenPlatform namespaceClinic namespaceTenant scoped
Details
API Shape
The API is intentionally private and controlled first, with central token issuance and optional clinic scoping.
- /platform/api/v1 exposes clinics, health snapshots, commercial summary, memberships, signup intents, SSO identity admin views, audit exports, and platform access policy state.
- /platform/api/v1 also exposes subscription summaries, token audit, and lifecycle actions for platform operators.
- /clinic/api/v1/{tenant} exposes clinic summary, AI runs, communications data, and patient communication preference state after tenant membership and token checks.
- Tokens can be unrestricted or pinned to one clinic.
- Tenant initialization happens inside the clinic API controller so responses use the same clinic-local data model as the web UI.
Details
Current Review And Queue Actions
The first private write surfaces mirror the safest operational actions already available in the web product.
- Clinic write tokens can approve, discard, or retry AI runs inside one tenant scope.
- Clinic write tokens can trigger communications replay for queued deliveries and inspect patient channel preferences without broad clinic edit permissions.
- Platform write tokens can execute clinic lifecycle transitions while platform read or commercial read tokens stay narrower.
- Membership or clinic suspension revokes scoped tokens so stale access cannot survive lifecycle changes.
Coverage appendix
This page is tied back to routes, views, requests, tests, and implementation files in the generated docs coverage appendix.