Documents

65 endpoints

get/api/v1/{org_id}/documents

List documents

List and search documents with filtering and pagination. Supports filtering by owner, document type, category, and status. Free-text search queries against title and OCR text.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

owner_typestring

Filter by owner type. One of: patient, provider, location.

owner_uuidstring

Filter by owning entity UUID.

document_typestring

Filter by semantic document type.

category_uuidstring

Filter by category UUID.

statusstring

Filter by status. One of: uploading, processing, active, quarantined, error, archived.

searchstring

Full-text search query.

sortstring

Sort field (e.g., created_at, title, file_size).

Default: "created_at"

orderstring

Sort order: asc or desc.

Default: "desc"

include_org_scopedboolean

Include org-scoped documents in results. Default excludes them.

Default: false

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching documents.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}

Get document

Retrieve a single document by UUID. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

aclsadministrative_procedureaed_maintenance_recordanesthesia_consentannual_filingbaabackground_checkbiological_monitoring_resultbitewingboard_certificationbrand_assetbreach_logbuilding_permitbusiness_licensebylaws_operating_agreementcalibration_recordcase_presentationcbctce_certificatece_summarycephalometriccertificate_of_occupancyclaim_attachmentclinical_protocolcontrolled_substance_licensecorporate_resolutioncovid_screeningcpr_blscredentialing_packetdea_registrationdigital_impressionemergency_contact_formemergency_procedureemergency_protocolemployee_handbookemployment_agreementeobequipment_manualextraoral_photofacility_registrationfinancial_agreementfinancial_statementfire_inspectionform_1099formation_documentsgeneral_consenthealth_department_inspectionhealth_questionnairehipaa_acknowledgmenthipaa_training_certificateinfection_control_manualinsurance_card_backinsurance_card_frontinsurance_contractintraoral_photoit_agreementjob_descriptionlab_case_photoslab_contractlab_delivery_confirmationlab_prescriptionlease_agreementliability_insurancemaintenance_logmalpractice_insurancemarketing_collateralmarketing_templatemedical_historyminor_guardian_authorizationnarrativenpi_documentationnppodontogram_snapshotoffer_letterosha_compliance_documentosha_inspectionosha_training_certificateotherpanel_participation_letterpanoramicpatient_letterpatient_registrationpayment_plan_agreementpdmp_check_documentationperformance_reviewperiapicalperiodontal_chartphoto_id_backphoto_id_frontpreauth_requestpreauth_responseprescription_recordprivacy_policyprocedure_consentprogress_notesproperty_insuranceradiation_safety_inspectionradiation_safety_trainingrecall_noticereceiptreferral_letter_incomingreferral_letter_outgoingrisk_assessmentsds_sheetsecurity_policysedation_permitsmile_design_photospecialist_reportspecialty_certificationstate_dental_licensestatementsterilization_logtax_returntraining_manualtreatment_plan_signedtreatment_plan_unsignedvaccination_recordvendor_contractw9warranty_documentationwater_quality_reportworkers_comp

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/audit

Get document audit trail

Get the audit trail for a specific document. Returns audit log entries ordered by newest first. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Query Parameters

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching audit entries.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/audit" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/audit" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/download

Download document

Generate a pre-signed download URL for the current document version. The URL has ``Content-Disposition: attachment`` for browser downloads. Raises 404 if the document does not exist or has no confirmed version.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

download_urlstringrequired

Pre-signed URL for downloading.

expires_inintegerrequired

Seconds until the pre-signed URL expires.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/links

List document links

List all cross-entity links for a document. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/preview

Preview document

Generate a pre-signed inline URL for previewing the document. The URL has ``Content-Disposition: inline`` for browser rendering. Raises 404 if the document does not exist or has no confirmed version.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

download_urlstringrequired

Pre-signed URL for downloading.

expires_inintegerrequired

Seconds until the pre-signed URL expires.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/preview" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/preview" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/processing-status

Get document processing status

Get the processing pipeline status for a document. Returns the status of each processing step (virus scan, OCR, AI classification) and overall progress. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

overall_progressstringrequired

Overall progress summary (e.g., '2/3 completed').

stepsobject[]required

Individual processing step statuses.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/processing-status" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/processing-status" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/signatures

List document signatures

Return all electronic signatures for a document, ordered by signing order. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/signatures" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/signatures" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/thumbnail

Get thumbnail URL

Generate a pre-signed URL for the current version's thumbnail. Returns a JPEG thumbnail image URL with ``Content-Disposition: inline``. Raises 404 if the document has no thumbnail (e.g., non-image file types).

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

download_urlstringrequired

Pre-signed URL for downloading.

expires_inintegerrequired

Seconds until the pre-signed URL expires.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/thumbnail" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/thumbnail" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/versions

List document versions

List all versions of a document, newest first. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/versions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/versions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/{document_uuid}/versions/{version_number}/download

Download specific version

Generate a pre-signed download URL for a specific document version. Raises 404 if the document or version does not exist.

Parameters

Path Parameters

document_uuidstringrequired

version_numberintegerrequired

org_idstringrequired

Responses

200Successful Response

download_urlstringrequired

Pre-signed URL for downloading.

expires_inintegerrequired

Seconds until the pre-signed URL expires.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/versions/{version_number}/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/versions/{version_number}/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/categories

List categories by scope

Return the full category tree for a given scope. Categories are ordered by path and then sort_order.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

scope"location" | "organization" | "patient" | "provider"required

Category scope to filter by. One of: patient, provider, location, organization.

locationorganizationpatientprovider

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/categories" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/categories" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/categories/{category_uuid}

Get category

Retrieve a single document category by UUID. Raises 404 if the category does not exist.

Parameters

Path Parameters

category_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

created_atstring (date-time)required

Creation timestamp.

depthintegerrequired

Nesting depth (0 = root).

descriptionstring

idstring (uuid)required

Category UUID.

is_systembooleanrequired

True if this is a system-managed category.

namestringrequired

Display name.

parentobject

Lightweight reference to a related entity — exposes UUID and optional name.

scopestringrequired

Scope this category applies to. One of: patient, provider, location, organization.

slugstringrequired

URL-safe slug.

sort_orderintegerrequired

Sort position within siblings.

versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/ai-stats

AI pipeline stats

Return AI pipeline processing statistics. Includes OCR counts by status, AI classification count, and average confidence score.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

ai_classifiedintegerrequired

Documents with AI classification.

avg_confidencenumberrequired

Average AI confidence score.

ocr_completedintegerrequired

Documents with OCR completed.

ocr_failedintegerrequired

Documents with OCR failed.

ocr_pendingintegerrequired

Documents with OCR pending.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/ai-stats" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/ai-stats" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/alerts

Compliance alerts

Return compliance alerts based on current data state. Alerts are generated dynamically based on expired documents, unsigned consents, and other compliance indicators.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/alerts" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/alerts" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/audit

Compliance audit log

List the compliance audit log for document-related actions. Supports filtering by date range and action type.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

date_fromstring

Filter audit entries from this date (inclusive).

date_tostring

Filter audit entries until this date (inclusive).

action_typestring

Filter by action type (e.g., 'create', 'update').

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching entries.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/audit" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/audit" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/expirations

Expiring documents

List documents with expiration dates. Can be filtered by expiration status (expired, expiring, valid), document type, and title search.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

statusstring

Filter by expiration status. One of: expired, expiring, valid.

document_typestring

Filter by document type.

searchstring

Search by document title.

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching documents.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/expirations" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/expirations" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/metrics

Compliance metrics

Return headline compliance metrics. Includes counts for expired documents, expiring documents, unsigned consents, active legal holds, and a compliance score.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

active_legal_holdsintegerrequired

Number of active legal holds.

compliance_scoreintegerrequired

Overall compliance score (0-100).

expired_countintegerrequired

Number of documents past their expiration date.

expiring_90dintegerrequired

Number of documents expiring within 90 days.

unsigned_consentsintegerrequired

Number of consent forms without signatures.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/metrics" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/metrics" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/compliance/storage

Storage stats

Return document storage usage statistics. Includes total bytes, document count, patient count, and average size.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

avg_size_bytesintegerrequired

Average document size in bytes.

document_countintegerrequired

Total document count.

patient_countintegerrequired

Number of patients with documents.

total_bytesintegerrequired

Total storage used in bytes.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/storage" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/compliance/storage" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/legal-holds

List legal holds

Return all legal holds, separated into active and released history. Active holds are listed first, then historical (released) holds. Both sections are independently paginated.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

active_pageinteger

Page number for active holds.

Default: 1

active_page_sizeinteger

Items per page for active holds.

Default: 50

history_pageinteger

Page number for released holds.

Default: 1

history_page_sizeinteger

Items per page for released holds.

Default: 50

Responses

200Successful Response

activeobject[]required

Currently active legal holds.

historyobject[]required

Released (historical) legal holds.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/legal-holds" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/legal-holds" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/retention-policies

List retention policies

List all retention policies, optionally filtered by scope and active status. Returns policies ordered by scope, then document type.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

scope"location" | "organization" | "patient" | "provider"

Filter by scope. One of: patient, provider, location, organization.

is_activeboolean

Filter by active status.

Responses

200Successful Response

itemsobject[]required

Retention policy records.

totalintegerrequired

Total number of matching policies.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/retention-policies" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/retention-policies" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/search

Search documents

Full-text search with filtering, pagination, and faceted counts. When ``q`` is provided, results are ranked by relevance against title, description, and OCR text. When omitted, standard sort applies. Facet counts (by document_type, owner_type, tag, mime_type) are computed after scope filtering, before pagination.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

qstring

Full-text search query.

owner_typestring

Filter by owner type. One of: patient, provider, location.

owner_uuidstring

Filter by owner UUID.

include_org_scopedboolean

Include organization-scoped documents in results.

Default: false

document_typestring

Filter by semantic document type.

category_uuidstring

Filter by category UUID.

tagsstring[]

Filter by tags (OR logic — any match).

mime_typestring

Filter by MIME type.

date_fromstring

Document date range start (inclusive).

date_tostring

Document date range end (inclusive).

is_signedboolean

Filter by signed status.

is_starredboolean

Filter by starred status.

expiring_beforestring

Find documents expiring before this date.

statusstring

Filter by status. One of: uploading, active, quarantined, archived.

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

sortstring

Sort field (e.g., created_at, title, file_size).

Default: "created_at"

orderstring

Sort order: asc or desc.

Default: "desc"

include_facetsboolean

Include facet counts in response.

Default: true

Responses

200Successful Response

facetsobject

Aggregated facet counts for search refinement.

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

query_time_msinteger

totalintegerrequired

Total matching documents.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/search" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/search" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/search/tags/autocomplete

Autocomplete tags

Return distinct tags matching a prefix for autocomplete. Returns up to ``limit`` tags ordered alphabetically.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

prefixstring

Tag prefix to filter by (case-insensitive).

limitinteger

Maximum results.

Default: 20

Responses

200Successful Response

tagsstring[]required

Matching tags.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/search/tags/autocomplete" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/search/tags/autocomplete" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/templates

List templates

Return a paginated list of document templates. Templates can be filtered by scope, document type, and active status.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

scope"location" | "organization" | "patient" | "provider"

Filter by scope. One of: patient, provider, location, organization.

document_typestring

Filter by semantic document type.

is_activeboolean

Filter by active status. Pass true/false to filter, omit for all.

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

sortstring

Sort column. One of: name, created_at, updated_at, document_type.

Default: "name"

orderstring

Sort order. One of: asc, desc.

Default: "asc"

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching templates.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/templates/{template_uuid}

Get template

Retrieve a single document template by UUID. Raises 404 if the template does not exist.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

category_slugstring

content_formatstringrequired

Content format. One of: html, markdown, pdf.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_typestringrequired

Semantic document type produced by this template.

idstring (uuid)required

Template UUID.

is_activebooleanrequired

Whether the template is active.

is_dso_managedbooleanrequired

Whether the template is DSO-managed.

merge_fieldsobject[]

namestringrequired

Template display name.

required_for_proceduresstring[]

requires_signaturebooleanrequired

Whether documents require signatures.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

signature_partiesstring[]

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/templates/{template_uuid}/versions

List template versions

Return all versions for a template, newest first. Raises 404 if the template does not exist.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

itemsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/versions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/versions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/templates/merge-fields

List available merge fields

Return available merge fields grouped by entity type. Used by the template editor to offer field insertion.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

groupsobject[]required

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/merge-fields" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/templates/merge-fields" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/triage

List triage queue

List unfiled documents in the triage queue, oldest first. Returns documents that are active with no category assignment. Optionally filtered by the upload source of the current version.

Parameters

Path Parameters

org_idstringrequired

Query Parameters

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Filter by upload source. One of: web, mobile, scanner, email, portal, api, migration.

Responses

200Successful Response

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

totalintegerrequired

Total matching documents.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/triage/count

Get triage count

Return the number of unclassified documents in the triage queue.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

countintegerrequired

Number of unclassified documents in the triage queue.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage/count" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage/count" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

get/api/v1/{org_id}/documents/triage/stats

Get triage stats

Return triage queue statistics. Includes counts for unassigned, AI-classified, needs-review, and filed-today documents.

Parameters

Path Parameters

org_idstringrequired

Responses

200Successful Response

ai_classifiedintegerrequired

Unfiled documents with AI classification suggestion.

filed_todayintegerrequired

Documents filed from triage today.

needs_reviewintegerrequired

Unfiled documents with low AI confidence (< 0.90).

unassignedintegerrequired

Total unfiled documents in the triage queue.

422Validation Error

detailobject[]

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage/stats" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X GET "https://api.example.com/api/v1/{org_id}/documents/triage/stats" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/{document_uuid}/archive

Archive document

Archive (soft-delete) a document. Blocked if the document is locked or under legal hold — raises 422. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/{document_uuid}/confirm-upload

Confirm upload

Confirm that a file upload completed successfully. 1. Verifies the file exists at the staging location. 2. Verifies the SHA-256 checksum matches. 3. Scans the file for viruses via ClamAV. 4. If clean: moves file to permanent storage, creates the first ``DocumentVersion``, and transitions the document to ``status='active'``. 5. If infected: moves file to quarantine storage, sets document ``status='quarantined'``, and returns 422. Raises 409 if the document has already been confirmed. Raises 422 if checksum verification fails or virus is detected. Raises 503 if the virus scanner is temporarily unavailable. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

checksum_sha256stringrequired

SHA-256 hex digest of the uploaded file.

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/confirm-upload" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "checksum_sha256": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/confirm-upload" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "checksum_sha256": "string"
  }'

post/api/v1/{org_id}/documents/{document_uuid}/confirm-version

Confirm version upload

Confirm that a new version upload completed successfully. 1. Verifies the file exists at the staging location. 2. Verifies the SHA-256 checksum matches. 3. Scans the file for viruses via ClamAV. 4. If clean: moves file to permanent storage, creates the ``DocumentVersion`` record, and updates denormalized fields. 5. If infected: moves file to quarantine, returns 422. Must be called after the file has been uploaded to the pre-signed URL returned by ``POST /{document_uuid:uuid}/upload-version``. Raises 422 if the file is not found in storage, checksum mismatches, or virus is detected. Raises 503 if the virus scanner is temporarily unavailable. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

change_notestring

checksum_sha256stringrequired

SHA-256 hex digest of the uploaded file.

file_namestringrequired

Filename of the uploaded version.

file_sizeintegerrequired

File size in bytes.

mime_typestringrequired

MIME type of the uploaded file.

version_numberintegerrequired

Version number returned by the upload-version endpoint.

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/confirm-version" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "change_note": "string",
    "checksum_sha256": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string",
    "version_number": 1
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/confirm-version" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "change_note": "string",
    "checksum_sha256": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string",
    "version_number": 1
  }'

post/api/v1/{org_id}/documents/{document_uuid}/links

Create document link

Create a cross-entity link from a document to another entity. Raises 409 if the link already exists. Raises 404 if the document or target entity does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

link_typestring

Link type (e.g., 'reference', 'attachment', 'supporting'). Defaults to 'reference'.

target_typeenumrequired

Entity type to link to. One of: patient, provider, location, claim. Additional types (appointment, treatment_plan) will be added when those domain resolvers are available.

claimlocationpatientprovider

target_uuidstring (uuid)required

UUID of the target entity.

Responses

201Successful Response

created_atstring (date-time)required

Creation timestamp.

idstring (uuid)required

Link UUID.

link_typestringrequired

Link relationship type (e.g., 'reference', 'attachment').

target_displaystring

target_typestringrequired

Target entity type (e.g., 'patient', 'appointment').

target_uuidstring (uuid)required

UUID of the target entity.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "link_type": "reference",
    "target_type": "claim",
    "target_uuid": "00000000-0000-0000-0000-000000000000"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "link_type": "reference",
    "target_type": "claim",
    "target_uuid": "00000000-0000-0000-0000-000000000000"
  }'

post/api/v1/{org_id}/documents/{document_uuid}/sign

Sign document

Record an electronic signature on a document. Raises 404 if the document does not exist. Raises 422 if the document is locked or the party has already signed.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

content_hash_sha256stringrequired

SHA-256 hex digest of the document content at signing time. Used for tamper detection.

signature_datastring

signature_methodenumrequired

Signature capture method. One of: drawn, typed, uploaded.

drawntypeduploaded

signer_namestringrequired

Display name of the signer.

signer_typeenumrequired

Type of signer. One of: patient, provider, guardian, witness.

guardianpatientproviderwitness

signer_uuidstring (uuid)

Responses

201Successful Response

idstring (uuid)required

Signature UUID.

signature_methodstringrequired

Capture method. One of: drawn, typed, uploaded.

signed_atstring (date-time)required

Timestamp of the signature.

signer_namestringrequired

Display name of the signer.

signer_typestringrequired

Signer type. One of: patient, provider, guardian, witness.

signer_uuidstring (uuid)

signing_orderintegerrequired

Order in which the signature was recorded.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/sign" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "content_hash_sha256": "string",
    "signature_data": "string",
    "signature_method": "drawn",
    "signer_name": "string",
    "signer_type": "guardian"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/sign" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "content_hash_sha256": "string",
    "signature_data": "string",
    "signature_method": "drawn",
    "signer_name": "string",
    "signer_type": "guardian"
  }'

post/api/v1/{org_id}/documents/{document_uuid}/tags

Add tags to document

Add one or more tags to a document. Duplicate tags are silently ignored (unique constraint). Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

tagsstring[]required

Tags to add (max 20 per request).

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/tags" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "tags": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/tags" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "tags": []
  }'

post/api/v1/{org_id}/documents/{document_uuid}/upload-version

Initiate version upload

Initiate a new version upload and receive a pre-signed URL. This is the first step of a two-step process: 1. Call this endpoint to get an upload URL and version number. 2. Upload the file to the pre-signed URL (staging location). 3. Call ``POST /{document_uuid:uuid}/confirm-version`` to trigger virus scanning and finalize. No version record is created until confirm — if the upload fails, no stale data remains. Raises 422 if MIME type or file size is invalid. Raises 404 if the document does not exist.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

change_notestring

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

mime_typestringrequired

MIME type (e.g., 'application/pdf', 'image/jpeg').

Responses

201Successful Response

documentobjectrequired

Full document representation.

uploadobjectrequired

Pre-signed upload target returned to the client.

version_numberintegerrequired

Server-assigned version number. Pass this to confirm-version after uploading.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/upload-version" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "change_note": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/upload-version" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "change_note": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string"
  }'

post/api/v1/{org_id}/documents/bulk/archive

Bulk archive documents

Archive (soft-delete) multiple documents. Maximum 100 documents per request. Locked documents and documents on legal hold are skipped with an error. Raises 404 if any document UUID is not found.

Parameters

Path Parameters

org_idstringrequired

Request Body

document_uuidsstring (uuid)[]required

UUIDs of documents to archive (max 100).

Responses

200Successful Response

errorsstring[]

failedintegerrequired

Number of documents that failed processing.

succeededintegerrequired

Number of documents processed successfully.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": []
  }'

post/api/v1/{org_id}/documents/bulk/download

Bulk download as ZIP

Request a bulk download of multiple documents as a ZIP archive. Maximum 100 documents per request. Returns a pre-signed URL for the generated ZIP file. Raises 501 until async ZIP generation is implemented (M7 — Export & Reporting).

Parameters

Path Parameters

org_idstringrequired

Request Body

document_uuidsstring (uuid)[]required

UUIDs of documents to download (max 100).

Responses

200Successful Response

document_countintegerrequired

Number of documents in the ZIP.

download_urlstringrequired

Pre-signed URL for the ZIP file.

expires_inintegerrequired

Seconds until the URL expires.

total_sizeintegerrequired

Total size of all files in bytes.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/download" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": []
  }'

post/api/v1/{org_id}/documents/bulk/move

Bulk move to category

Move multiple documents to a target category. Maximum 100 documents per request. Raises 404 if the category or any document UUID is not found.

Parameters

Path Parameters

org_idstringrequired

Request Body

category_uuidstring (uuid)required

UUID of the target category.

document_uuidsstring (uuid)[]required

UUIDs of documents to move (max 100).

Responses

200Successful Response

errorsstring[]

failedintegerrequired

Number of documents that failed processing.

succeededintegerrequired

Number of documents processed successfully.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/move" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "00000000-0000-0000-0000-000000000000",
    "document_uuids": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/move" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "00000000-0000-0000-0000-000000000000",
    "document_uuids": []
  }'

post/api/v1/{org_id}/documents/bulk/tag

Bulk add tags

Add tags to multiple documents in a single operation. Maximum 100 documents and 20 tags per request. Duplicate tags on individual documents are silently ignored. Raises 404 if any document UUID is not found.

Parameters

Path Parameters

org_idstringrequired

Request Body

document_uuidsstring (uuid)[]required

UUIDs of documents to tag (max 100).

tagsstring[]required

Tags to apply (max 20).

Responses

200Successful Response

errorsstring[]

failedintegerrequired

Number of documents that failed processing.

succeededintegerrequired

Number of documents processed successfully.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/tag" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": [],
    "tags": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/bulk/tag" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "document_uuids": [],
    "tags": []
  }'

post/api/v1/{org_id}/documents/categories

Create category

Create a new document category. Raises 404 if ``parent_uuid`` references a non-existent category.

Parameters

Path Parameters

org_idstringrequired

Request Body

descriptionstring

namestringrequired

Category display name.

parent_uuidstring (uuid)

scopeenumrequired

Scope this category applies to. One of: patient, provider, location, organization.

locationorganizationpatientprovider

sort_orderinteger

Sort position within siblings.

Responses

201Successful Response

created_atstring (date-time)required

Creation timestamp.

depthintegerrequired

Nesting depth (0 = root).

descriptionstring

idstring (uuid)required

Category UUID.

is_systembooleanrequired

True if this is a system-managed category.

namestringrequired

Display name.

parentobject

Lightweight reference to a related entity — exposes UUID and optional name.

scopestringrequired

Scope this category applies to. One of: patient, provider, location, organization.

slugstringrequired

URL-safe slug.

sort_orderintegerrequired

Sort position within siblings.

versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/categories" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "description": "string",
    "name": "string",
    "parent_uuid": "string",
    "scope": "location",
    "sort_order": 0
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/categories" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "description": "string",
    "name": "string",
    "parent_uuid": "string",
    "scope": "location",
    "sort_order": 0
  }'

post/api/v1/{org_id}/documents/categories/{category_uuid}/archive

Archive category

Archive a document category (soft-delete). System categories cannot be archived — raises 422. Raises 404 if the category does not exist.

Parameters

Path Parameters

category_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

created_atstring (date-time)required

Creation timestamp.

depthintegerrequired

Nesting depth (0 = root).

descriptionstring

idstring (uuid)required

Category UUID.

is_systembooleanrequired

True if this is a system-managed category.

namestringrequired

Display name.

parentobject

Lightweight reference to a related entity — exposes UUID and optional name.

scopestringrequired

Scope this category applies to. One of: patient, provider, location, organization.

slugstringrequired

URL-safe slug.

sort_orderintegerrequired

Sort position within siblings.

versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/compliance/export

Export compliance report

Export a compliance report (PDF/CSV). Not yet implemented — deferred to M10.

Parameters

Path Parameters

org_idstringrequired

Responses

422Validation Error

detailobject[]

501Successful Response

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/compliance/export" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/compliance/export" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/legal-holds

Create legal hold

Create a legal hold on one or more documents. Sets ``legal_hold=True`` on each document and prevents modification or deletion until the hold is released. Raises 404 if any document UUID does not exist or is soft-deleted.

Parameters

Path Parameters

org_idstringrequired

Request Body

case_referencestring

document_uuidsstring (uuid)[]required

UUIDs of documents to place on hold (max 100). Duplicates are automatically removed.

reasonstringrequired

Reason for the legal hold (e.g., litigation, regulatory).

Responses

201Successful Response

case_referencestring

created_atstring (date-time)required

Creation timestamp.

document_countintegerrequired

Number of documents under this hold.

document_uuidsstring (uuid)[]required

Documents under this hold.

held_atstring (date-time)required

Timestamp when the hold was placed.

held_bystring

idstring (uuid)required

Legal hold UUID.

reasonstringrequired

Reason for the legal hold.

release_reasonstring

released_atstring (date-time)

released_bystring

statusstringrequired

Hold status. One of: active, released.

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/legal-holds" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "case_reference": "string",
    "document_uuids": [],
    "reason": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/legal-holds" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "case_reference": "string",
    "document_uuids": [],
    "reason": "string"
  }'

post/api/v1/{org_id}/documents/retention-policies

Create retention policy

Create a new retention policy for a scope + document type. Raises 422 if a policy for the given (scope, document_type) already exists.

Parameters

Path Parameters

org_idstringrequired

Request Body

auto_disposeboolean

If true, documents are automatically disposed when the retention period expires.

disposal_methodenum

Method of disposal after retention expires. One of: archive, delete, shred.

archivedeleteshred

document_typestringrequired

Semantic document type this policy governs (e.g., 'consent_form', 'periapical').

minor_extension_yearsinteger

Additional years added when the patient is a minor (only used with age_of_majority trigger).

retention_triggerenum

Event that starts the retention clock. One of: upload_date, document_date, last_visit, age_of_majority, expiration_date, termination_date.

age_of_majoritydocument_dateexpiration_datelast_visittermination_dateupload_date

retention_yearsintegerrequired

Number of years to retain documents of this type.

scopeenumrequired

Entity scope this policy applies to. One of: patient, provider, location, organization.

locationorganizationpatientprovider

Responses

201Successful Response

auto_disposebooleanrequired

Whether automatic disposal is enabled.

created_atstring (date-time)required

Creation timestamp.

disposal_methodstringrequired

Disposal method: archive, delete, or shred.

document_typestringrequired

Semantic document type this policy governs.

idstring (uuid)required

Retention policy UUID.

is_activebooleanrequired

Whether this policy is currently active.

minor_extension_yearsintegerrequired

Additional years for minor patients.

retention_triggerstringrequired

Event that starts the retention clock.

retention_yearsintegerrequired

Number of years to retain.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/retention-policies" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "auto_dispose": false,
    "disposal_method": "archive",
    "document_type": "string",
    "minor_extension_years": 0,
    "retention_trigger": "age_of_majority",
    "retention_years": 1,
    "scope": "location"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/retention-policies" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "auto_dispose": false,
    "disposal_method": "archive",
    "document_type": "string",
    "minor_extension_years": 0,
    "retention_trigger": "age_of_majority",
    "retention_years": 1,
    "scope": "location"
  }'

post/api/v1/{org_id}/documents/search/semantic

Semantic search

Natural-language semantic search using vector similarity. Uses document embeddings and pgvector for cosine-similarity ranking. Raises 501 until embedding pipeline is implemented (M7).

Parameters

Path Parameters

org_idstringrequired

Request Body

limitinteger

Maximum results to return.

owner_typeenum

locationpatientprovider

owner_uuidstring (uuid)

querystringrequired

Natural language query (e.g., 'wisdom tooth X-ray from last year').

Responses

200Successful Response

facetsobject

Aggregated facet counts for search refinement.

itemsobject[]required

pageintegerrequired

Current page number (1-based).

page_sizeintegerrequired

Items per page.

query_time_msinteger

totalintegerrequired

Total matching documents.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/search/semantic" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "limit": 20,
    "owner_type": "string",
    "owner_uuid": "string",
    "query": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/search/semantic" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "limit": 20,
    "owner_type": "string",
    "owner_uuid": "string",
    "query": "string"
  }'

post/api/v1/{org_id}/documents/templates

Create template

Create a new document template with initial content (v1). Raises 422 if validation fails.

Parameters

Path Parameters

org_idstringrequired

Request Body

category_slugstring

contentstringrequired

Template body content for the initial version (v1).

content_formatenum

Content format. One of: html, markdown, pdf. Defaults to html.

htmlmarkdownpdf

descriptionstring

document_typestringrequired

Semantic document type produced by this template (e.g., 'general_consent', 'treatment_plan_unsigned').

is_dso_managedboolean

If true, the template is managed at the DSO level and cannot be modified by individual practices.

merge_fieldsobject[]

namestringrequired

Template display name (e.g., 'Standard Adult Consent').

required_for_proceduresstring[]

requires_signatureboolean

Whether documents created from this template require signatures.

scopeenumrequired

Entity scope this template applies to. One of: patient, provider, location, organization.

locationorganizationpatientprovider

signature_partiesstring[]

Responses

201Successful Response

category_slugstring

content_formatstringrequired

Content format. One of: html, markdown, pdf.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_typestringrequired

Semantic document type produced by this template.

idstring (uuid)required

Template UUID.

is_activebooleanrequired

Whether the template is active.

is_dso_managedbooleanrequired

Whether the template is DSO-managed.

merge_fieldsobject[]

namestringrequired

Template display name.

required_for_proceduresstring[]

requires_signaturebooleanrequired

Whether documents require signatures.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

signature_partiesstring[]

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_slug": "string",
    "content": "string",
    "content_format": "html",
    "description": "string",
    "document_type": "string",
    "name": "string",
    "scope": "location"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_slug": "string",
    "content": "string",
    "content_format": "html",
    "description": "string",
    "document_type": "string",
    "name": "string",
    "scope": "location"
  }'

post/api/v1/{org_id}/documents/templates/{template_uuid}/archive

Archive template

Archive a document template (soft-delete). Raises 404 if the template does not exist.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Responses

200Successful Response

category_slugstring

content_formatstringrequired

Content format. One of: html, markdown, pdf.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_typestringrequired

Semantic document type produced by this template.

idstring (uuid)required

Template UUID.

is_activebooleanrequired

Whether the template is active.

is_dso_managedbooleanrequired

Whether the template is DSO-managed.

merge_fieldsobject[]

namestringrequired

Template display name.

required_for_proceduresstring[]

requires_signaturebooleanrequired

Whether documents require signatures.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

signature_partiesstring[]

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/templates/{template_uuid}/generate

Generate document from template

Render a template with merge data and create a new document. Resolves ``{{namespace.field}}`` placeholders in the template's latest published version using the provided ``merge_data``. The rendered content is stored as a new HTML document linked to the source template version. Raises 404 if template not found. Raises 422 if template has no published versions or owner validation fails.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Request Body

is_org_scopedboolean

If true, document is org-scoped (no owner).

location_uuidstring

merge_dataobject

Merge field values as flat key→value pairs (e.g., {"patient.name": "John Doe", "date.today": "2026-03-14"}).

owner_typeenum

locationpatientprovider

owner_uuidstring

titlestring

Responses

201Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/generate" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "is_org_scoped": false,
    "location_uuid": "string",
    "merge_data": {},
    "owner_type": "string",
    "owner_uuid": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/generate" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "is_org_scoped": false,
    "location_uuid": "string",
    "merge_data": {},
    "owner_type": "string",
    "owner_uuid": "string"
  }'

post/api/v1/{org_id}/documents/templates/{template_uuid}/publish

Publish new template version

Publish a new version of a document template. Creates an immutable ``DocumentTemplateVersion`` record with an incremented version number. Raises 404 if the template does not exist. Raises 409 if the ``base_version`` is stale.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Request Body

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

change_notestring

contentstringrequired

New template body content for this version.

Responses

201Successful Response

category_slugstring

content_formatstringrequired

Content format. One of: html, markdown, pdf.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_typestringrequired

Semantic document type produced by this template.

idstring (uuid)required

Template UUID.

is_activebooleanrequired

Whether the template is active.

is_dso_managedbooleanrequired

Whether the template is DSO-managed.

merge_fieldsobject[]

namestringrequired

Template display name.

required_for_proceduresstring[]

requires_signaturebooleanrequired

Whether documents require signatures.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

signature_partiesstring[]

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/publish" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "change_note": "string",
    "content": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}/publish" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "change_note": "string",
    "content": "string"
  }'

post/api/v1/{org_id}/documents/templates/validate-codes

Validate procedure codes

Validate a list of procedure codes against the system catalog. Returns which codes are valid (exist) and which are invalid.

Parameters

Path Parameters

org_idstringrequired

Request Body

codesstring[]required

Procedure codes to validate (max 100).

Responses

200Successful Response

invalidstring[]required

Codes that do not exist.

validstring[]required

Codes that exist in the system.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/validate-codes" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "codes": []
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/templates/validate-codes" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "codes": []
  }'

post/api/v1/{org_id}/documents/triage/{document_uuid}/file

File triage document

File a triage document into a category. Raises 404 if the document or category does not exist. Raises 422 if the document is already filed in a category.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

category_uuidstring (uuid)required

UUID of the category to file the document into.

document_typestring

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/{document_uuid}/file" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "00000000-0000-0000-0000-000000000000",
    "document_type": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/{document_uuid}/file" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "00000000-0000-0000-0000-000000000000",
    "document_type": "string"
  }'

post/api/v1/{org_id}/documents/triage/auto-classify

Auto-classify triage documents

Auto-classify unfiled documents using AI. Not yet implemented — requires M7 AI pipeline.

Parameters

Path Parameters

org_idstringrequired

Responses

422Validation Error

detailobject[]

501Successful Response

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/auto-classify" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/auto-classify" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

post/api/v1/{org_id}/documents/triage/bulk-file

Bulk file by AI confidence

Bulk-file triage documents with sufficient AI confidence. Files documents whose ``ai_confidence`` is at or above the specified threshold. Documents without a clear category mapping are skipped.

Parameters

Path Parameters

org_idstringrequired

Request Body

min_confidencenumber

Minimum AI confidence score required for auto-filing (0.0-1.0).

Responses

200Successful Response

filed_countintegerrequired

Number of documents successfully filed.

skipped_countintegerrequired

Number of documents skipped (no clear mapping).

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/bulk-file" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "min_confidence": 0.9
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/triage/bulk-file" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "min_confidence": 0.9
  }'

post/api/v1/{org_id}/documents/upload

Initiate upload

Initiate a document upload and receive a pre-signed URL. 1. Validates MIME type against allowlist and file size against org limit. 2. Resolves ``owner_uuid`` to internal ID if provided. 3. Creates a Document record with ``status='uploading'``. 4. Generates a pre-signed upload URL for the staging prefix. The client uploads directly to the staging location. After upload, call ``POST /{document_uuid:uuid}/confirm-upload`` to trigger virus scanning and promotion to permanent storage. Raises 422 if MIME type or file size is invalid, or if mutual exclusion between ``is_org_scoped`` and ``owner_type``/``owner_uuid`` is violated. Raises 404 if the owner or category entity is not found.

Parameters

Path Parameters

org_idstringrequired

Request Body

category_uuidstring (uuid)

descriptionstring

document_datestring (date)

document_typestringrequired

Semantic document type (e.g., 'consent_form', 'periapical').

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

is_org_scopedboolean

If true, document belongs to the organization. owner_type and owner_uuid must both be omitted.

location_uuidstring (uuid)

mime_typestringrequired

MIME type (e.g., 'application/pdf', 'image/jpeg').

owner_typeenum

locationpatientprovider

owner_uuidstring (uuid)

tagsstring[]

titlestringrequired

Display title for the document.

Responses

201Successful Response

documentobjectrequired

Full document representation.

uploadobjectrequired

Pre-signed upload target returned to the client.

422Validation Error

detailobject[]

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/upload" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "string",
    "description": "string",
    "document_date": "string",
    "document_type": "string",
    "expiration_date": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string",
    "title": "string"
  }'

curl

curl -X POST "https://api.example.com/api/v1/{org_id}/documents/upload" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "category_uuid": "string",
    "description": "string",
    "document_date": "string",
    "document_type": "string",
    "expiration_date": "string",
    "file_name": "string",
    "file_size": 1,
    "mime_type": "string",
    "title": "string"
  }'

patch/api/v1/{org_id}/documents/{document_uuid}

Update document metadata

Update document metadata fields. Requires ``base_version`` for optimistic concurrency. Raises 409 if the version is stale. Raises 404 if document not found.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Request Body

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

category_uuidstring (uuid)

descriptionstring

document_datestring (date)

document_typestring

expiration_datestring (date)

is_starredboolean

titlestring

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "category_uuid": "string",
    "description": "string",
    "document_date": "string",
    "document_type": "string"
  }'

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "category_uuid": "string",
    "description": "string",
    "document_date": "string",
    "document_type": "string"
  }'

patch/api/v1/{org_id}/documents/categories/{category_uuid}

Update category

Update a document category. Raises 404 if the category or new parent does not exist.

Parameters

Path Parameters

category_uuidstringrequired

org_idstringrequired

Request Body

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

descriptionstring

namestring

parent_uuidstring (uuid)

sort_orderinteger

Responses

200Successful Response

created_atstring (date-time)required

Creation timestamp.

depthintegerrequired

Nesting depth (0 = root).

descriptionstring

idstring (uuid)required

Category UUID.

is_systembooleanrequired

True if this is a system-managed category.

namestringrequired

Display name.

parentobject

Lightweight reference to a related entity — exposes UUID and optional name.

scopestringrequired

Scope this category applies to. One of: patient, provider, location, organization.

slugstringrequired

URL-safe slug.

sort_orderintegerrequired

Sort position within siblings.

versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

422Validation Error

detailobject[]

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "description": "string",
    "name": "string",
    "parent_uuid": "string",
    "sort_order": 1
  }'

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/categories/{category_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "description": "string",
    "name": "string",
    "parent_uuid": "string",
    "sort_order": 1
  }'

patch/api/v1/{org_id}/documents/legal-holds/{hold_uuid}/release

Release legal hold

Release a legal hold, allowing held documents to be modified again. Only clears the ``legal_hold`` flag on documents that have no other active holds remaining. Raises 404 if the hold does not exist. Raises 409 if the version is stale. Raises 422 if the hold has already been released.

Parameters

Path Parameters

hold_uuidstringrequired

org_idstringrequired

Request Body

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

release_reasonstring

Responses

200Successful Response

case_referencestring

created_atstring (date-time)required

Creation timestamp.

document_countintegerrequired

Number of documents under this hold.

document_uuidsstring (uuid)[]required

Documents under this hold.

held_atstring (date-time)required

Timestamp when the hold was placed.

held_bystring

idstring (uuid)required

Legal hold UUID.

reasonstringrequired

Reason for the legal hold.

release_reasonstring

released_atstring (date-time)

released_bystring

statusstringrequired

Hold status. One of: active, released.

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/legal-holds/{hold_uuid}/release" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "release_reason": "string"
  }'

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/legal-holds/{hold_uuid}/release" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "release_reason": "string"
  }'

patch/api/v1/{org_id}/documents/retention-policies/{policy_uuid}

Update retention policy

Update a retention policy. Requires ``base_version`` for optimistic concurrency. Raises 409 if the version is stale. Raises 404 if policy not found.

Parameters

Path Parameters

policy_uuidstringrequired

org_idstringrequired

Request Body

auto_disposeboolean

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

disposal_methodenum

archivedeleteshred

is_activeboolean

minor_extension_yearsinteger

retention_triggerenum

age_of_majoritydocument_dateexpiration_datelast_visittermination_dateupload_date

retention_yearsinteger

Responses

200Successful Response

auto_disposebooleanrequired

Whether automatic disposal is enabled.

created_atstring (date-time)required

Creation timestamp.

disposal_methodstringrequired

Disposal method: archive, delete, or shred.

document_typestringrequired

Semantic document type this policy governs.

idstring (uuid)required

Retention policy UUID.

is_activebooleanrequired

Whether this policy is currently active.

minor_extension_yearsintegerrequired

Additional years for minor patients.

retention_triggerstringrequired

Event that starts the retention clock.

retention_yearsintegerrequired

Number of years to retain.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/retention-policies/{policy_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "auto_dispose": null,
    "base_version": 1,
    "disposal_method": "string",
    "is_active": null,
    "minor_extension_years": 1
  }'

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/retention-policies/{policy_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "auto_dispose": null,
    "base_version": 1,
    "disposal_method": "string",
    "is_active": null,
    "minor_extension_years": 1
  }'

patch/api/v1/{org_id}/documents/templates/{template_uuid}

Update template

Update document template metadata. Raises 404 if the template does not exist. Raises 409 if the ``base_version`` is stale.

Parameters

Path Parameters

template_uuidstringrequired

org_idstringrequired

Request Body

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

category_slugstring

content_formatenum

htmlmarkdownpdf

descriptionstring

document_typestring

is_activeboolean

merge_fieldsobject[]

namestring

required_for_proceduresstring[]

requires_signatureboolean

signature_partiesstring[]

Responses

200Successful Response

category_slugstring

content_formatstringrequired

Content format. One of: html, markdown, pdf.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_typestringrequired

Semantic document type produced by this template.

idstring (uuid)required

Template UUID.

is_activebooleanrequired

Whether the template is active.

is_dso_managedbooleanrequired

Whether the template is DSO-managed.

merge_fieldsobject[]

namestringrequired

Template display name.

required_for_proceduresstring[]

requires_signaturebooleanrequired

Whether documents require signatures.

scopestringrequired

Entity scope. One of: patient, provider, location, organization.

signature_partiesstring[]

updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "category_slug": "string",
    "content_format": "string",
    "description": "string",
    "document_type": "string"
  }'

curl

curl -X PATCH "https://api.example.com/api/v1/{org_id}/documents/templates/{template_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "category_slug": "string",
    "content_format": "string",
    "description": "string",
    "document_type": "string"
  }'

delete/api/v1/{org_id}/documents/{document_uuid}/links/{link_uuid}

Delete document link

Delete a cross-entity link from a document. Raises 404 if the document, link does not exist, or link does not belong to the specified document.

Parameters

Path Parameters

document_uuidstringrequired

link_uuidstringrequired

org_idstringrequired

Responses

204Successful Response

422Validation Error

detailobject[]

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links/{link_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/links/{link_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

delete/api/v1/{org_id}/documents/{document_uuid}/tags/{tag}

Remove tag from document

Remove a tag from a document. Raises 404 if the document or tag does not exist.

Parameters

Path Parameters

document_uuidstringrequired

tagstringrequired

org_idstringrequired

Responses

200Successful Response

ai_classificationstring

ai_confidencenumber

categoryobject

Lightweight reference to a related entity — exposes UUID and optional name.

created_atstring (date-time)required

Creation timestamp.

descriptionstring

document_datestring (date)

document_typeenumrequired

Semantic document type from the dental document taxonomy.

expiration_datestring (date)

file_namestringrequired

Original filename including extension.

file_sizeintegerrequired

File size in bytes.

has_thumbnailbooleanrequired

Whether a thumbnail is available for the current version.

idstring (uuid)required

Document UUID.

is_lockedbooleanrequired

Whether the document is locked.

is_org_scopedbooleanrequired

True if this document belongs to the organization.

is_signedbooleanrequired

Whether the document has been signed.

is_starredbooleanrequired

Whether the document is starred.

legal_holdbooleanrequired

Whether the document is under legal hold.

link_targetsobject[]

Resolved cross-entity links for this document.

mime_typestringrequired

MIME type.

ocr_statusenumrequired

OCR processing status. One of: pending, processing, completed, failed, skipped.

completedfailedpendingprocessingskipped

owner_typestring

page_countinteger

processing_statusstring

statusenumrequired

Document lifecycle status. One of: uploading, processing, active, quarantined, error, archived.

activearchivederrorprocessingquarantineduploading

tagsstring[]

Applied tags.

titlestringrequired

Display title.

updated_atstring (date-time)required

Last update timestamp.

uploaded_bystring

versionintegerrequired

Optimistic concurrency version.

422Validation Error

detailobject[]

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/tags/{tag}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/{document_uuid}/tags/{tag}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

delete/api/v1/{org_id}/documents/retention-policies/{policy_uuid}

Delete retention policy

Hard-delete a retention policy. Raises 404 if the policy does not exist.

Parameters

Path Parameters

policy_uuidstringrequired

org_idstringrequired

Responses

204Successful Response

422Validation Error

detailobject[]

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/retention-policies/{policy_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/retention-policies/{policy_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

delete/api/v1/{org_id}/documents/triage/{document_uuid}

Delete triage item

Delete (soft-delete) an unfiled triage document. Raises 404 if the document does not exist. Raises 422 if the document is already filed in a category.

Parameters

Path Parameters

document_uuidstringrequired

org_idstringrequired

Responses

204Successful Response

422Validation Error

detailobject[]

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/triage/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

curl

curl -X DELETE "https://api.example.com/api/v1/{org_id}/documents/triage/{document_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"