Dental PMS

Platform

57 endpoints

Admins

6 endpoints

get/api/v1/platform/admins

List platform admins

List all users with platform access and their group assignments. Requires ``platform.admins.list`` permission.

Parameters

Query Parameters
searchstring

Filter by email or name (case-insensitive).

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page (max 100).

Default: 25

Responses

200Successful Response
itemsobject[]required

List of platform admin users.

totalintegerrequired

Total number of platform admins matching the query.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/admins" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/admins/{admin_uuid}

Get platform admin detail

Get detailed info for a platform admin including groups, org access, and effective permissions. Requires ``platform.admins.read`` permission. Raises 404 if the user is not found or does not have platform access.

Parameters

Path Parameters
admin_uuidstringrequired

Responses

200Successful Response
created_atstring (date-time)required

Account creation timestamp.

display_namestringrequired

Display name.

effective_permissionsstring[]

Flat list of all effective permission keys.

emailstringrequired

Email address.

groupsobject[]

Permission groups with system flag.

idstring (uuid)required

Public UUID of the user.

is_global_accessbooleanrequired

Whether the user has global org access.

last_login_atstring (date-time)
org_accessobject[]

Explicit org access grants.

statusstringrequired

User account status. One of: active, suspended, deactivated.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/admins/{admin_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/orgs

List organizations

List all organizations in the platform. Requires ``platform.orgs.list`` permission.

Parameters

Query Parameters
searchstring

Filter by org name or slug (case-insensitive).

statusstring

Filter by org status (active, migrating, suspended).

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Responses

200Successful Response
itemsobject[]required

List of organizations.

totalintegerrequired

Total number of organizations matching the query.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/orgs" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/admins

Create platform admin

Grant platform access to a user and assign an initial permission group. Creates the user if one with the given email does not already exist. Requires ``platform.admins.create`` permission. Raises 409 if the user already has platform access.

Request Body

display_namestringrequired

Display name for the user.

emailstringrequired

Email address of the user to grant platform access.

group_uuidstring (uuid)required

Public UUID of the permission group to assign as the initial group.

Responses

201Successful Response
created_atstring (date-time)required

Account creation timestamp.

display_namestringrequired

Display name.

emailstringrequired

Email address.

groupsobject[]

Permission groups assigned to this user.

idstring (uuid)required

Public UUID of the user.

is_global_accessbooleanrequired

Whether the user has global org access.

last_login_atstring (date-time)
org_access_countinteger

Number of explicit org access grants.

statusstringrequired

User account status. One of: active, suspended, deactivated.

422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/admins" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "display_name": "string",
    "email": "string",
    "group_uuid": "00000000-0000-0000-0000-000000000000"
  }'
patch/api/v1/platform/admins/{admin_uuid}

Update platform admin

Update a platform admin's profile fields (display_name, email). Requires ``platform.admins.update`` permission. Raises 404 if the user is not found or does not have platform access.

Parameters

Path Parameters
admin_uuidstringrequired

Request Body

display_namestring
emailstring

Responses

200Successful Response
created_atstring (date-time)required

Account creation timestamp.

display_namestringrequired

Display name.

emailstringrequired

Email address.

groupsobject[]

Permission groups assigned to this user.

idstring (uuid)required

Public UUID of the user.

is_global_accessbooleanrequired

Whether the user has global org access.

last_login_atstring (date-time)
org_access_countinteger

Number of explicit org access grants.

statusstringrequired

User account status. One of: active, suspended, deactivated.

422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/admins/{admin_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "display_name": "string",
    "email": "string"
  }'
delete/api/v1/platform/admins/{admin_uuid}

Revoke platform admin

Remove all platform access from a user. Deletes all group assignments and org access entries. Sets ``has_platform_access = False`` and ``is_global_access = False``. Requires ``platform.admins.revoke`` permission. Raises 404 if user not found or not a platform admin. Raises 400 if this would leave no users with the ``platform.admins.create`` permission.

Parameters

Path Parameters
admin_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/admins/{admin_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Assignments

3 endpoints

get/api/v1/platform/admins/{admin_uuid}/assignments

List a platform admin's group assignments

List all group assignments for a platform admin. Requires ``platform.admins.read`` permission. Raises 404 if the admin user is not found.

Parameters

Path Parameters
admin_uuidstringrequired

Responses

200Successful Response
itemsobject[]required

List of group assignments for the platform admin.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/admins/{admin_uuid}/assignments" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/admins/{admin_uuid}/assignments

Assign a group to a platform admin

Assign a permission group to a platform admin. Requires ``platform.admins.update`` permission. Anti-escalation: the caller cannot assign groups containing permissions they do not hold. Raises 404 if the admin user or group is not found. Raises 409 if the user already has this group assigned. Raises 403 if anti-escalation check fails.

Parameters

Path Parameters
admin_uuidstringrequired

Request Body

expires_atstring (date-time)
group_uuidstring (uuid)required

Public UUID of the permission group to assign.

Responses

201Successful Response
assigned_atstring (date-time)required

Timestamp when the assignment was created.

assigned_byobjectrequired

Reference to the user who created this assignment (id + display_name).

expires_atstring (date-time)
groupobjectrequired

Reference to the assigned permission group (id + name).

idstring (uuid)required

Public UUID of the assignment.

is_activebooleanrequired

Whether this assignment is currently active.

422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/admins/{admin_uuid}/assignments" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "expires_at": "string",
    "group_uuid": "00000000-0000-0000-0000-000000000000"
  }'
delete/api/v1/platform/admins/{admin_uuid}/assignments/{assignment_uuid}

Remove a group assignment

Remove a group assignment from a platform admin. Requires ``platform.admins.update`` permission. Raises 404 if the admin user or assignment is not found. Raises 400 if removing this assignment would leave no users with the ``platform.admins.create`` permission.

Parameters

Path Parameters
admin_uuidstringrequired
assignment_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/admins/{admin_uuid}/assignments/{assignment_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Audit

5 endpoints

get/api/v1/platform/audit

List audit log entries

Return a paginated list of audit log entries across all organizations. Queries the ``platform_audit_log`` control-plane table. Supports filtering by org, actor, action(s), resource type, date range, and free-text search. Results are sortable and paginated. Requires ``platform.audit.read`` permission.

Parameters

Query Parameters
org_uuidstring

Filter by organization UUID.

actor_idstring

Filter by actor identifier.

actionstring[]

Filter by action types (supports multiple values).

resource_typestring

Filter by resource type (e.g., 'patient', 'appointment').

searchstring

Free-text search across actor, resource type, and resource ID.

start_datestring

Start of date range filter (inclusive, ISO 8601).

end_datestring

End of date range filter (inclusive, ISO 8601).

sort_bystring

Column to sort by. One of: created_at, action, resource_type, actor_id.

Default: "created_at"

sort_orderstring

Sort direction. One of: asc, desc.

Default: "desc"

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page (max 100).

Default: 25

Responses

200Successful Response
itemsobject[]required

List of audit log entries.

totalintegerrequired

Total number of entries matching the query filters.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/audit" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/audit/{entry_uuid}

Get audit entry detail

Fetch a single audit entry with full before/after snapshots. The summary data comes from the control-plane ``platform_audit_log``. Before/after JSON snapshots are fetched from the originating tenant schema. If the tenant data is unavailable, before/after will be null. Requires ``platform.audit.read`` permission. Raises 404 if the entry UUID is not found.

Parameters

Path Parameters
entry_uuidstringrequired

Responses

200Successful Response
actionstringrequired

Action performed (e.g., 'create', 'update', 'delete').

actor_display_namestring
actor_idstringrequired

Identifier of the actor who performed the action.

actor_typestringrequired

Type of actor. One of: user, system, api_key.

afterobject
beforeobject
created_atstring (date-time)required

Timestamp when the audit entry was created.

idstring (uuid)required

Public UUID of the audit log entry.

ip_addressstring
org_idstring (uuid)
org_namestring
resource_display_idstringrequired

Human-readable identifier of the affected resource.

resource_typestringrequired

Type of resource affected (e.g., 'patient', 'appointment').

trace_idstring
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/audit/{entry_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/audit/export

Export audit logs as CSV

Stream audit log entries as a CSV file download. Applies the same filters as the list endpoint. Returns a streaming CSV response suitable for direct download. Requires ``platform.audit.export`` permission.

Parameters

Query Parameters
org_uuidstring

Filter by organization UUID.

actor_idstring

Filter by actor identifier.

actionstring[]

Filter by action types.

resource_typestring

Filter by resource type.

searchstring

Free-text search.

start_datestring

Start of date range.

end_datestring

End of date range.

Responses

200Successful Response
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/audit/export" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/audit/resource-types

List distinct resource types

Return distinct ``resource_type`` values across all audit entries. Useful for populating a filter dropdown in the UI. Requires ``platform.audit.read`` permission.

Responses

200Successful Response
curl
curl -X GET "https://api.example.com/api/v1/platform/audit/resource-types" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/audit/stats

Get audit statistics

Return aggregate audit statistics: totals, by-action, by-resource-type, today's count, and active actors today. Requires ``platform.audit.read`` permission.

Parameters

Query Parameters
org_uuidstring

Filter stats to a specific organization.

start_datestring

Start of date range filter (inclusive, ISO 8601).

end_datestring

End of date range filter (inclusive, ISO 8601).

Responses

200Successful Response
active_actors_todayintegerrequired

Number of distinct actors who performed actions today.

by_actionobjectrequired

Count of entries grouped by action (e.g., {'create': 42, 'update': 100}).

by_resource_typeobject[]required

Top resource types by entry count.

today_countintegerrequired

Number of audit entries created today.

total_entriesintegerrequired

Total audit entries matching filters.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/audit/stats" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Billing

2 endpoints

get/api/v1/platform/orgs/{org_uuid}/billing

Get org billing info

Return billing information for an organization. Reads ``account_type``, ``max_locations``, and ``billing_email`` from the OrgRegistry record. Requires ``platform.billing.read`` permission and org access. Raises 404 if the organization does not exist.

Parameters

Path Parameters
org_uuidstringrequired

Responses

200Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
max_locationsintegerrequired

Maximum number of locations allowed for the org.

org_idstring (uuid)required

Public UUID of the organization.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/orgs/{org_uuid}/billing" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/orgs/{org_uuid}/billing

Update org billing info

Update billing fields for an organization. Only provided (non-None) fields are applied. Updates are applied via the existing org update path which handles version bumping. Requires ``platform.billing.update`` permission and org access. Raises 404 if the organization does not exist. Raises 422 if validation fails (invalid account_type, max_locations < 1, bad email).

Parameters

Path Parameters
org_uuidstringrequired

Request Body

account_typestring
billing_emailstring
max_locationsinteger

Responses

200Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
max_locationsintegerrequired

Maximum number of locations allowed for the org.

org_idstring (uuid)required

Public UUID of the organization.

422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/orgs/{org_uuid}/billing" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "account_type": "string",
    "billing_email": "string",
    "max_locations": 1
  }'

Groups

6 endpoints

get/api/v1/platform/groups

List platform permission groups

List all platform permission groups with user and permission counts. Requires ``platform.groups.list`` permission.

Responses

200Successful Response
itemsobject[]required

List of platform permission groups.

curl
curl -X GET "https://api.example.com/api/v1/platform/groups" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/groups/{group_uuid}

View platform group detail

View a platform permission group's detail including permissions and assigned users. Requires ``platform.groups.read`` permission. Raises 404 if the group is not found.

Parameters

Path Parameters
group_uuidstringrequired

Responses

200Successful Response
assigned_usersobject[]

Users currently assigned to this group.

descriptionstringrequired

Group description.

idstring (uuid)required

Public UUID of the permission group.

is_systembooleanrequired

Whether this is a system-defined group.

namestringrequired

Group display name.

permissionsobject[]

Permissions included in this group.

statusstringrequired

Group status. One of: active, archived.

versionintegerrequired

Current version for optimistic concurrency.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/groups/{group_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/permissions

List all platform permissions

List all registered platform permissions. Used by the group editor UI to display available permissions. Requires ``platform.groups.read`` permission.

Responses

200Successful Response
domainsstring[]required

Sorted list of distinct permission domains.

itemsobject[]required

All registered platform permissions.

curl
curl -X GET "https://api.example.com/api/v1/platform/permissions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/groups

Create platform permission group

Create a new custom platform permission group. Requires ``platform.groups.create`` permission. Anti-escalation: cannot include permissions the caller does not hold. Raises 409 if a group with the same name already exists. Raises 403 if any requested permission exceeds the caller's own.

Request Body

descriptionstring

Description of what this group grants access to.

namestringrequired

Display name for the group (must be unique).

permission_keysstring[]

List of permission key strings to include in the group.

Responses

201Successful Response
assigned_usersobject[]

Users currently assigned to this group.

descriptionstringrequired

Group description.

idstring (uuid)required

Public UUID of the permission group.

is_systembooleanrequired

Whether this is a system-defined group.

namestringrequired

Group display name.

permissionsobject[]

Permissions included in this group.

statusstringrequired

Group status. One of: active, archived.

versionintegerrequired

Current version for optimistic concurrency.

422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/groups" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "description": "",
    "name": "string",
    "permission_keys": []
  }'
patch/api/v1/platform/groups/{group_uuid}

Update platform permission group

Update a custom platform permission group. Requires ``platform.groups.update`` permission. Uses optimistic concurrency via ``base_version``. Anti-escalation: cannot add permissions the caller does not hold. Raises 404 if the group is not found. Raises 422 if the group is a system group. Raises 409 if the version does not match.

Parameters

Path Parameters
group_uuidstringrequired

Request Body

add_permissionsstring[]

Permission keys to add to the group.

base_versionintegerrequired

Current version for optimistic concurrency — rejected with 409 if stale.

descriptionstring
namestring
remove_permissionsstring[]

Permission keys to remove from the group.

Responses

200Successful Response
assigned_usersobject[]

Users currently assigned to this group.

descriptionstringrequired

Group description.

idstring (uuid)required

Public UUID of the permission group.

is_systembooleanrequired

Whether this is a system-defined group.

namestringrequired

Group display name.

permissionsobject[]

Permissions included in this group.

statusstringrequired

Group status. One of: active, archived.

versionintegerrequired

Current version for optimistic concurrency.

422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/groups/{group_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "add_permissions": [],
    "base_version": 1,
    "description": "string",
    "name": "string",
    "remove_permissions": []
  }'
delete/api/v1/platform/groups/{group_uuid}

Delete platform permission group

Delete (archive) a custom platform permission group. Requires ``platform.groups.delete`` permission. Raises 404 if the group is not found. Raises 422 if the group is a system group. Raises 422 if the group still has active user assignments.

Parameters

Path Parameters
group_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/groups/{group_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Impersonation

3 endpoints

get/api/v1/platform/impersonation/sessions

List impersonation sessions

List impersonation session history with optional filters. Requires ``platform.impersonation.read`` permission. Supports filtering by admin user, target user, and active status. Results are ordered by ``started_at`` descending (most recent first).

Parameters

Query Parameters
admin_user_uuidstring

Filter by admin user UUID.

target_user_uuidstring

Filter by target (impersonated) user UUID.

active_onlyboolean

If true, return only active (non-ended, non-expired) sessions.

Default: false

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page (max 100).

Default: 25

Responses

200Successful Response
itemsobject[]required

List of impersonation sessions.

totalintegerrequired

Total number of sessions matching the query.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/impersonation/sessions" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/impersonation/end

End impersonation session

End the caller's active impersonation session. Finds the most recent active (non-expired, non-ended) impersonation session for the caller and sets ``ended_at`` to the current timestamp. Requires ``platform.impersonation.start`` permission. Raises 404 if no active impersonation session exists for the caller.

Responses

204Successful Response
curl
curl -X POST "https://api.example.com/api/v1/platform/impersonation/end" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/impersonation/start

Start impersonation session

Start an impersonation session for a platform admin. Creates a time-limited impersonation token that allows the admin to act as the target user within the target organization. Validations: - Caller has ``platform.impersonation.start`` permission (enforced by dependency). - Caller has org access to the target organization. - Target user is active (not deactivated). - Target user has an active membership in the target organization. - Caller cannot impersonate themselves. - Caller does not already have an active impersonation session. Raises 403 if caller lacks org access to the target organization. Raises 404 if the target user or organization is not found. Raises 422 if the target user is deactivated, has no org membership, or the caller is trying to self-impersonate.

Request Body

org_uuidstring (uuid)required

Public UUID of the target organization context.

reasonstringrequired

Reason for the impersonation session. Must be at least 10 characters.

user_uuidstring (uuid)required

Public UUID of the target user to impersonate.

Responses

201Successful Response
expires_atstring (date-time)required

UTC timestamp when the impersonation token expires.

session_idstring (uuid)required

Public UUID of the impersonation session.

target_orgobjectrequired

Reference to the target organization (id + name).

target_userobjectrequired

Reference to the impersonated user (id + display_name).

tokenstringrequired

Impersonation token prefixed with 'imp_'. Use in Authorization header.

422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/impersonation/start" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "org_uuid": "00000000-0000-0000-0000-000000000000",
    "reason": "string",
    "user_uuid": "00000000-0000-0000-0000-000000000000"
  }'

Me

2 endpoints

get/api/v1/platform/me

Get current platform user profile

Get current platform user profile with groups and effective permissions. Returns the user's profile, assigned permission groups, and a flat list of all effective permission keys from those groups. Raises 403 when no actor identity is resolved. Raises 404 when the user record is not found.

Responses

200Successful Response
display_namestringrequired

Display name.

effective_permissionsstring[]

List of all effective permission keys.

emailstringrequired

Email address.

groupsobject[]

Permission groups assigned to this user.

has_platform_accessbooleanrequired

Whether the user has platform access.

idstring (uuid)required

Public UUID of the user.

is_global_accessbooleanrequired

Whether the user has global org access.

last_login_atstring (date-time)
statusstringrequired

User account status.

curl
curl -X GET "https://api.example.com/api/v1/platform/me" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/my-orgs

Get accessible organizations

Get minimal org list for navigation, filtered by org access. If user has global access, returns all orgs (paginated) with is_global=true. Otherwise returns only the orgs explicitly granted access to. Raises 403 when no actor identity is resolved.

Parameters

Query Parameters
pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 50

Responses

200Successful Response
is_globalbooleanrequired

Whether the user has global org access.

itemsobject[]

List of accessible organizations.

totalintegerrequired

Total number of accessible organizations.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/my-orgs" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Org Access

4 endpoints

get/api/v1/platform/admins/{admin_uuid}/org-access

List a platform admin's org access entries

List all org access entries for a platform admin. Requires ``platform.org_access.read`` permission. Raises 404 if the admin user is not found.

Parameters

Path Parameters
admin_uuidstringrequired

Responses

200Successful Response
itemsobject[]required

List of org access entries for the platform admin.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/admins/{admin_uuid}/org-access" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/admins/{admin_uuid}/org-access

Grant org access to a platform admin

Grant a platform admin access to a specific organization. Requires ``platform.org_access.grant`` permission. Raises 404 if the admin user or organization is not found. Raises 409 if the user already has access to this organization.

Parameters

Path Parameters
admin_uuidstringrequired

Request Body

notestring
org_uuidstring (uuid)required

Public UUID of the organization to grant access to.

Responses

201Successful Response
granted_atstring (date-time)required

Timestamp when the access was granted.

granted_byobjectrequired

Reference to the user who granted this access (id + display_name).

idstring (uuid)required

Public UUID of the org access entry.

notestring
orgobjectrequired

Reference to the organization (id + name).

422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/admins/{admin_uuid}/org-access" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "note": "string",
    "org_uuid": "00000000-0000-0000-0000-000000000000"
  }'
put/api/v1/platform/admins/{admin_uuid}/org-access/global

Toggle global org access for a platform admin

Toggle a platform admin's global org access. When enabled, the user can access all organizations without explicit per-org grants. Requires ``platform.org_access.grant`` permission. Raises 404 if the admin user is not found or is not a platform admin.

Parameters

Path Parameters
admin_uuidstringrequired

Request Body

is_globalbooleanrequired

Whether the user should have global access to all organizations.

Responses

200Successful Response
idstring (uuid)required

Public UUID of the user.

is_global_accessbooleanrequired

Updated global access status.

422Validation Error
detailobject[]
curl
curl -X PUT "https://api.example.com/api/v1/platform/admins/{admin_uuid}/org-access/global" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "is_global": false
  }'
delete/api/v1/platform/admins/{admin_uuid}/org-access/{org_uuid}

Revoke org access from a platform admin

Revoke a platform admin's access to a specific organization. Requires ``platform.org_access.revoke`` permission. Raises 404 if the admin user is not found or the org access entry does not exist.

Parameters

Path Parameters
admin_uuidstringrequired
org_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/admins/{admin_uuid}/org-access/{org_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Orgs

7 endpoints

get/api/v1/platform/orgs/{org_uuid}

Get organization detail

Return full details for a single organization. Requires ``platform.orgs.read`` permission. Raises 404 if the organization does not exist.

Parameters

Path Parameters
org_uuidstringrequired

Responses

200Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required

Organization creation timestamp.

hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
idstring (uuid)required

Public UUID of the organization.

internal_notesstring
max_locationsintegerrequired

Maximum number of locations allowed.

namestringrequired

Organization display name.

onboarding_statusstringrequired

Onboarding status. One of: pending, in_progress, completed.

schema_namestringrequired

Tenant database schema name.

slugstringrequired

URL-safe slug (unique).

statusstringrequired

Org status. One of: active, migrating, suspended.

tax_idstring
updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Current version for optimistic concurrency -- rejected with 409 if stale.

websitestring
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/orgs/{org_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/orgs/{org_uuid}/members

List organization members

List members of an organization with search, filtering, and pagination. Returns user details alongside membership status and role hint. Requires ``platform.users.read`` permission.

Parameters

Path Parameters
org_uuidstringrequired
Query Parameters
searchstring

Filter by email or display name (case-insensitive).

statusstring

Filter by membership status (invited, active, suspended, removed).

sort_bystring

Sort column. One of: display_name, email, joined_at.

Default: "display_name"

sort_orderstring

Sort direction. One of: asc, desc.

Default: "asc"

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page (max 200).

Default: 50

Responses

200Successful Response
itemsobject[]required

List of org members.

totalintegerrequired

Total number of members matching the query.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/orgs/{org_uuid}/members" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/orgs

Create organization

Provision a new organization with its tenant schema. Creates the org record, provisions the database schema on an available shard, seeds default coverage categories, and optionally bootstraps an admin user. Requires ``platform.orgs.create`` permission. Raises 409 if the slug is already taken. Raises 503 if no shard capacity is available.

Request Body

account_typestring
admin_user_uuidstring (uuid)
billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
internal_notesstring
max_locationsinteger
namestringrequired

Organization display name.

slugstringrequired

URL-safe slug (lowercase kebab-case, max 100 chars, must be unique).

tax_idstring
websitestring

Responses

201Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required

Organization creation timestamp.

hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
idstring (uuid)required

Public UUID of the organization.

internal_notesstring
max_locationsintegerrequired

Maximum number of locations allowed.

namestringrequired

Organization display name.

onboarding_statusstringrequired

Onboarding status. One of: pending, in_progress, completed.

schema_namestringrequired

Tenant database schema name.

slugstringrequired

URL-safe slug (unique).

statusstringrequired

Org status. One of: active, migrating, suspended.

tax_idstring
updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Current version for optimistic concurrency -- rejected with 409 if stale.

websitestring
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/orgs" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "account_type": "string",
    "admin_user_uuid": "string",
    "billing_email": "string",
    "contact_email": "string",
    "contact_name": "string",
    "name": "string",
    "slug": "string"
  }'
post/api/v1/platform/orgs/{org_uuid}/seed

Seed demo data

Queue realistic demo data seeding for an organization. Populates the org schema with definitions, locations, codes, providers, patients, and appointments. The operation is idempotent -- existing data is skipped, not replaced. Requires ``platform.orgs.seed`` permission.

Parameters

Path Parameters
org_uuidstringrequired

Responses

202Successful Response
cancel_requested_atstring (date-time)
completed_atstring (date-time)
created_atstring (date-time)required
current_messagestring
current_stagestring
errorsstring[]
events_urlstringrequired
heartbeat_atstring (date-time)
job_uuidstring (uuid)required
org_idstring (uuid)required
progress_currentinteger
progress_totalinteger
request_payloadobject
requested_atstring (date-time)required
requested_byinteger
seed_typestringrequired
started_atstring (date-time)
statisticsobject
statusstringrequired
status_urlstringrequired
updated_atstring (date-time)required
worker_idstring
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/orgs/{org_uuid}/seed" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/orgs/{org_uuid}/suspend

Suspend organization

Suspend an organization (soft-disable). Sets the org status to ``suspended``. A suspended org cannot be accessed by its members. The org can later be hard-deleted. Requires ``platform.orgs.suspend`` permission. Raises 404 if the organization does not exist.

Parameters

Path Parameters
org_uuidstringrequired

Responses

200Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required

Organization creation timestamp.

hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
idstring (uuid)required

Public UUID of the organization.

internal_notesstring
max_locationsintegerrequired

Maximum number of locations allowed.

namestringrequired

Organization display name.

onboarding_statusstringrequired

Onboarding status. One of: pending, in_progress, completed.

schema_namestringrequired

Tenant database schema name.

slugstringrequired

URL-safe slug (unique).

statusstringrequired

Org status. One of: active, migrating, suspended.

tax_idstring
updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Current version for optimistic concurrency -- rejected with 409 if stale.

websitestring
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/orgs/{org_uuid}/suspend" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/orgs/{org_uuid}

Update organization

Update an organization's details. Only provided (non-None) fields are applied. Uses optimistic concurrency via ``base_version`` -- returns 409 if the version is stale. Requires ``platform.orgs.update`` permission. Raises 404 if the organization does not exist. Raises 409 on slug conflict or version mismatch.

Parameters

Path Parameters
org_uuidstringrequired

Request Body

account_typestring
base_versionintegerrequired

Current version for optimistic concurrency -- rejected with 409 if stale.

billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
internal_notesstring
max_locationsinteger
namestring
onboarding_statusstring
slugstring
tax_idstring
websitestring

Responses

200Successful Response
account_typestringrequired

Account tier. One of: starter, professional, enterprise.

billing_emailstring
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required

Organization creation timestamp.

hq_address_line1string
hq_address_line2string
hq_citystring
hq_countrystring
hq_postal_codestring
hq_statestring
idstring (uuid)required

Public UUID of the organization.

internal_notesstring
max_locationsintegerrequired

Maximum number of locations allowed.

namestringrequired

Organization display name.

onboarding_statusstringrequired

Onboarding status. One of: pending, in_progress, completed.

schema_namestringrequired

Tenant database schema name.

slugstringrequired

URL-safe slug (unique).

statusstringrequired

Org status. One of: active, migrating, suspended.

tax_idstring
updated_atstring (date-time)required

Last update timestamp.

versionintegerrequired

Current version for optimistic concurrency -- rejected with 409 if stale.

websitestring
422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/orgs/{org_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "account_type": "string",
    "base_version": 1,
    "billing_email": "string",
    "contact_email": "string",
    "contact_name": "string"
  }'
delete/api/v1/platform/orgs/{org_uuid}

Delete organization

Hard-delete an organization. The org must be in ``suspended`` status before it can be deleted. This is an irreversible operation. Requires ``platform.orgs.delete`` permission. Raises 404 if the organization does not exist. Raises 409 if the organization is not suspended.

Parameters

Path Parameters
org_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/orgs/{org_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Settings

2 endpoints

get/api/v1/platform/settings

Get platform settings

Return the current global platform configuration. Settings are stored in-memory with sensible defaults. Persistence is not yet implemented -- values reset on server restart. Requires ``platform.settings.read`` permission.

Responses

200Successful Response
default_account_typestringrequired

Default account tier for newly created organizations. One of: starter, professional, enterprise.

impersonation_enabledbooleanrequired

Whether platform admin impersonation is allowed globally.

impersonation_ttl_secondsintegerrequired

Maximum duration of an impersonation session in seconds.

max_orgs_per_shardintegerrequired

Maximum number of organizations allowed per database shard.

permission_enforcementstringrequired

Permission enforcement mode. One of: enabled, audit, disabled. 'enabled' enforces all checks; 'audit' logs violations without blocking; 'disabled' skips all permission checks.

curl
curl -X GET "https://api.example.com/api/v1/platform/settings" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/settings

Update platform settings

Update one or more global platform settings. Only provided (non-None) fields are applied. Returns the full settings object after the update. Settings are stored in-memory -- changes are **not persisted** across server restarts. Persistence will be added when a PlatformSettings control-plane model is created. Requires ``platform.settings.update`` permission. Raises 422 if validation fails (invalid enforcement mode, TTL < 60, etc.).

Request Body

default_account_typestring
impersonation_enabledboolean
impersonation_ttl_secondsinteger
max_orgs_per_shardinteger
permission_enforcementstring

Responses

200Successful Response
default_account_typestringrequired

Default account tier for newly created organizations. One of: starter, professional, enterprise.

impersonation_enabledbooleanrequired

Whether platform admin impersonation is allowed globally.

impersonation_ttl_secondsintegerrequired

Maximum duration of an impersonation session in seconds.

max_orgs_per_shardintegerrequired

Maximum number of organizations allowed per database shard.

permission_enforcementstringrequired

Permission enforcement mode. One of: enabled, audit, disabled. 'enabled' enforces all checks; 'audit' logs violations without blocking; 'disabled' skips all permission checks.

422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/settings" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "default_account_type": "string",
    "impersonation_enabled": null,
    "impersonation_ttl_seconds": 1,
    "max_orgs_per_shard": 1,
    "permission_enforcement": "string"
  }'

User Management

5 endpoints

get/api/v1/platform/users

Search all users

Search all users in the platform with optional filters. Returns a paginated list of users with basic profile info and active/invited org membership count. Requires ``platform.users.list`` permission.

Parameters

Query Parameters
searchstring

Filter by email or display name (case-insensitive substring match).

statusstring

Filter by user status. One of: active, suspended, deactivated.

pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page (max 100).

Default: 25

Responses

200Successful Response
itemsobject[]required

List of user items.

totalintegerrequired

Total number of users matching the query.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/users" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/users/{user_uuid}

Get user detail with org memberships

Get detailed info for a user including all org memberships. Requires ``platform.users.read`` permission. Raises 404 if the user is not found.

Parameters

Path Parameters
user_uuidstringrequired

Responses

200Successful Response
created_atstring (date-time)required

Account creation timestamp.

display_namestringrequired

Display name.

emailstringrequired

Email address.

has_platform_accessbooleanrequired

Whether the user has platform admin access.

idstring (uuid)required

Public UUID of the user.

last_login_atstring (date-time)
org_membershipsobject[]

List of org memberships for this user.

statusstringrequired

User account status. One of: active, suspended, deactivated.

422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/users/{user_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/users/{user_uuid}/deactivate

Deactivate a user globally

Globally deactivate a user. Suspends all org memberships, suspends assignments, blocks the user in the auth provider, adds them to the session blocklist, and invalidates permission caches. Requires ``platform.users.deactivate`` permission. Raises 404 if the user is not found. Raises 422 if the user is already deactivated.

Parameters

Path Parameters
user_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/users/{user_uuid}/deactivate" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/users/{user_uuid}/reactivate

Reactivate a deactivated or suspended user

Reactivate a previously deactivated or suspended user. Restores all suspended org memberships, restores assignments, unblocks the user in the auth provider, removes them from the session blocklist, and invalidates permission caches. Requires ``platform.users.reactivate`` permission. Raises 404 if the user is not found. Raises 422 if the user is already active.

Parameters

Path Parameters
user_uuidstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/users/{user_uuid}/reactivate" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/users/{user_uuid}

Edit user profile

Update a user's profile fields (display_name, email). Only provided fields are updated. Requires ``platform.users.update`` permission. Raises 404 if the user is not found.

Parameters

Path Parameters
user_uuidstringrequired

Request Body

display_namestring
emailstring

Responses

200Successful Response
created_atstring (date-time)required

Account creation timestamp.

display_namestringrequired

Display name.

emailstringrequired

Email address.

has_platform_accessbooleanrequired

Whether the user has platform admin access.

idstring (uuid)required

Public UUID of the user.

last_login_atstring (date-time)
statusstringrequired

User account status. One of: active, suspended, deactivated.

422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/users/{user_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "display_name": "string",
    "email": "string"
  }'

Shards

6 endpoints

get/api/v1/platform/shards

List shards

Return a paginated list of shards, optionally filtered by active status.

Parameters

Query Parameters
pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 20

is_activeboolean

Filter by active status.

Responses

200Successful Response
itemsobject[]required
pageintegerrequired
page_sizeintegerrequired
totalintegerrequired
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/shards" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/shards/{shard_uuid}

Get shard

Return details for a single shard. Raises 404 if the shard does not exist.

Parameters

Path Parameters
shard_uuidstringrequired

Responses

200Successful Response
created_atstring (date-time)required
idstring (uuid)required
is_activebooleanrequired
max_orgsintegerrequired
namestringrequired
regionstringrequired
versionintegerrequired
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/shards/{shard_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/shards/{shard_uuid}/capacity

Get shard capacity

Return capacity metrics for a shard (current org count, max orgs, utilization). Raises 404 if the shard does not exist.

Parameters

Path Parameters
shard_uuidstringrequired

Responses

200Successful Response
available_slotsintegerrequired
current_orgsintegerrequired
max_orgsintegerrequired
shard_idstringrequired
utilization_percentnumberrequired
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/shards/{shard_uuid}/capacity" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/shards

Create shard

Provision a new database shard. Raises 422 if validation fails (e.g. invalid max_orgs).

Request Body

dsnstringrequired
is_activeboolean
max_orgsinteger
namestringrequired
regionstring

Responses

201Successful Response
created_atstring (date-time)required
idstring (uuid)required
is_activebooleanrequired
max_orgsintegerrequired
namestringrequired
regionstringrequired
versionintegerrequired
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/shards" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "dsn": "string",
    "is_active": true,
    "max_orgs": 100,
    "name": "string",
    "region": ""
  }'
post/api/v1/platform/shards/{shard_uuid}/archive

Archive shard

Soft-delete a shard by marking it as archived. Raises 404 if the shard does not exist.

Parameters

Path Parameters
shard_uuidstringrequired

Responses

200Successful Response
created_atstring (date-time)required
idstring (uuid)required
is_activebooleanrequired
max_orgsintegerrequired
namestringrequired
regionstringrequired
versionintegerrequired
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/shards/{shard_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/shards/{shard_uuid}

Update shard

Update a shard's configuration. Raises 404 if the shard does not exist. Raises 409 if ``base_version`` is stale. Raises 422 if validation fails.

Parameters

Path Parameters
shard_uuidstringrequired

Request Body

base_versionintegerrequired
dsnstring
is_activeboolean
max_orgsinteger
namestring
regionstring

Responses

200Successful Response
created_atstring (date-time)required
idstring (uuid)required
is_activebooleanrequired
max_orgsintegerrequired
namestringrequired
regionstringrequired
versionintegerrequired
422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/shards/{shard_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "dsn": "string",
    "is_active": null,
    "max_orgs": 1,
    "name": "string"
  }'

Partners

5 endpoints

get/api/v1/platform/partners

List partners

Return a paginated list of partners, optionally filtered by status or type.

Parameters

Query Parameters
pageinteger

Page number (1-based).

Default: 1

page_sizeinteger

Items per page.

Default: 20

statusstring

Filter by partner status.

partner_typestring

Filter by partner type.

Responses

200Successful Response
itemsobject[]required
pageintegerrequired
page_sizeintegerrequired
totalintegerrequired
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/partners" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
get/api/v1/platform/partners/{partner_uuid}

Get partner

Return details for a single partner. Raises 404 if the partner does not exist.

Parameters

Path Parameters
partner_uuidstringrequired

Responses

200Successful Response
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required
descriptionstring
display_namestring
extra_dataobjectrequired
idstring (uuid)required
logo_urlstring
namestringrequired
partner_typestringrequired
slugstringrequired
statusstringrequired
updated_atstring (date-time)required
versionintegerrequired
websitestring
422Validation Error
detailobject[]
curl
curl -X GET "https://api.example.com/api/v1/platform/partners/{partner_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
post/api/v1/platform/partners

Create partner

Register a new partner integration. Raises 422 if validation fails (e.g. invalid slug or partner_type).

Request Body

contact_emailstring
contact_namestring
contact_phonestring
descriptionstring
display_namestring
extra_dataobject
internal_notesstring
logo_urlstring
namestringrequired
partner_typestring
slugstringrequired
websitestring

Responses

201Successful Response
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required
descriptionstring
display_namestring
extra_dataobjectrequired
idstring (uuid)required
logo_urlstring
namestringrequired
partner_typestringrequired
slugstringrequired
statusstringrequired
updated_atstring (date-time)required
versionintegerrequired
websitestring
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/partners" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "contact_email": "string",
    "contact_name": "string",
    "contact_phone": "string",
    "description": "string",
    "display_name": "string",
    "name": "string",
    "slug": "string"
  }'
post/api/v1/platform/partners/{partner_uuid}/archive

Archive partner

Soft-delete a partner by marking it as archived. Raises 404 if the partner does not exist.

Parameters

Path Parameters
partner_uuidstringrequired

Responses

200Successful Response
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required
descriptionstring
display_namestring
extra_dataobjectrequired
idstring (uuid)required
logo_urlstring
namestringrequired
partner_typestringrequired
slugstringrequired
statusstringrequired
updated_atstring (date-time)required
versionintegerrequired
websitestring
422Validation Error
detailobject[]
curl
curl -X POST "https://api.example.com/api/v1/platform/partners/{partner_uuid}/archive" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"
patch/api/v1/platform/partners/{partner_uuid}

Update partner

Update a partner's attributes. Raises 404 if the partner does not exist. Raises 409 if ``base_version`` is stale. Raises 422 if validation fails.

Parameters

Path Parameters
partner_uuidstringrequired

Request Body

base_versionintegerrequired
contact_emailstring
contact_namestring
contact_phonestring
descriptionstring
display_namestring
extra_dataobject
internal_notesstring
logo_urlstring
namestring
partner_typestring
slugstring
statusstring
websitestring

Responses

200Successful Response
contact_emailstring
contact_namestring
contact_phonestring
created_atstring (date-time)required
descriptionstring
display_namestring
extra_dataobjectrequired
idstring (uuid)required
logo_urlstring
namestringrequired
partner_typestringrequired
slugstringrequired
statusstringrequired
updated_atstring (date-time)required
versionintegerrequired
websitestring
422Validation Error
detailobject[]
curl
curl -X PATCH "https://api.example.com/api/v1/platform/partners/{partner_uuid}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "base_version": 1,
    "contact_email": "string",
    "contact_name": "string",
    "contact_phone": "string",
    "description": "string"
  }'

Users

1 endpoint

delete/api/v1/platform/users/{user_id}

Globally Deactivate User

Globally deactivate a user across all organizations.

Parameters

Path Parameters
user_idstringrequired

Responses

204Successful Response
422Validation Error
detailobject[]
curl
curl -X DELETE "https://api.example.com/api/v1/platform/users/{user_id}" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"