API v1

API reference

The MediSlate REST API. All endpoints return JSON and require a bearer token unless noted. Base URL: https://api.medislate.clinic

Authentication
Bearer token in Authorization header.
Rate limits
600 requests / min, per API key.
Compliance
HIPAA-aligned. TLS 1.3 required.

Patients

GET/api/v1/patients
Bearer

List patients with pagination and search.

cURL
curl -X GET https://api.medislate.clinic/api/v1/patients \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "data": [
    {
      "id": "p_1023",
      "name": "Ava Bennett",
      "phone": "+1 415 555 0203",
      "dob": "1990-03-14"
    }
  ],
  "page": 1,
  "total": 128
}
POST/api/v1/patients
Bearer

Register a new patient.

cURL
curl -X POST https://api.medislate.clinic/api/v1/patients \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json" \
  -d '{"name":"Jordan Silva","phone":"+1 415 555 0219","dob":"1988-11-02","gender":"male"}'
Request body
{
  "name": "Jordan Silva",
  "phone": "+1 415 555 0219",
  "dob": "1988-11-02",
  "gender": "male"
}
Response · 200 OK
{
  "id": "p_1129",
  "createdAt": "2026-07-08T10:12:00Z"
}
GET/api/v1/patients/{id}
Bearer

Retrieve a patient by ID.

cURL
curl -X GET https://api.medislate.clinic/api/v1/patients/{id} \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "id": "p_1023",
  "name": "Ava Bennett",
  "phone": "+1 415 555 0203",
  "email": "ava@mail.com",
  "bloodGroup": "O+",
  "allergies": "None"
}
PATCH/api/v1/patients/{id}
Bearer

Update patient details.

cURL
curl -X PATCH https://api.medislate.clinic/api/v1/patients/{id} \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json" \
  -d '{"notes":"Prefers morning appointments."}'
Request body
{
  "notes": "Prefers morning appointments."
}
Response · 200 OK
{
  "updated": true
}
DELETE/api/v1/patients/{id}
Bearer · admin

Delete a patient record.

cURL
curl -X DELETE https://api.medislate.clinic/api/v1/patients/{id} \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "deleted": true
}

Appointments

GET/api/v1/appointments
Bearer

List appointments with filters.

cURL
curl -X GET https://api.medislate.clinic/api/v1/appointments \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "data": [
    {
      "id": "a_9821",
      "patientId": "p_1023",
      "practitionerId": "u_chen",
      "dateTime": "2026-07-09T10:00:00Z",
      "status": "confirmed"
    }
  ]
}
POST/api/v1/appointments
Bearer

Book a new appointment.

cURL
curl -X POST https://api.medislate.clinic/api/v1/appointments \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json" \
  -d '{"patientId":"p_1023","practitionerId":"u_chen","dateTime":"2026-07-09T10:00:00Z","duration":30,"reason":"Follow-up"}'
Request body
{
  "patientId": "p_1023",
  "practitionerId": "u_chen",
  "dateTime": "2026-07-09T10:00:00Z",
  "duration": 30,
  "reason": "Follow-up"
}
Response · 200 OK
{
  "id": "a_9822",
  "status": "booked"
}
PATCH/api/v1/appointments/{id}/status
Bearer

Update appointment status.

cURL
curl -X PATCH https://api.medislate.clinic/api/v1/appointments/{id}/status \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json" \
  -d '{"status":"completed"}'
Request body
{
  "status": "completed"
}
Response · 200 OK
{
  "updated": true
}
DELETE/api/v1/appointments/{id}
Bearer

Cancel and remove an appointment.

cURL
curl -X DELETE https://api.medislate.clinic/api/v1/appointments/{id} \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "deleted": true
}

Staff & auth

POST/api/v1/auth/session
Public

Exchange credentials for a session token.

cURL
curl -X POST https://api.medislate.clinic/api/v1/auth/session \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json" \
  -d '{"email":"maya@medislate.clinic","password":"•••••••"}'
Request body
{
  "email": "maya@medislate.clinic",
  "password": "•••••••"
}
Response · 200 OK
{
  "token": "mds_live_…",
  "user": {
    "id": "u_maya",
    "role": "staff"
  }
}
GET/api/v1/staff
Bearer · admin

List clinic staff (admin only).

cURL
curl -X GET https://api.medislate.clinic/api/v1/staff \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "data": [
    {
      "id": "u_chen",
      "name": "Dr. Amelia Chen",
      "role": "practitioner"
    }
  ]
}
POST/api/v1/backups/run
Bearer · admin

Trigger a manual backup snapshot.

cURL
curl -X POST https://api.medislate.clinic/api/v1/backups/run \
  -H "Authorization: Bearer $MDS_KEY" \
  -H "Content-Type: application/json"
Response · 200 OK
{
  "id": "snap_0422",
  "status": "queued"
}
Ready to build?
Generate an API key from the admin console to start integrating.