Build dashboards, exports, and custom integrations on top of your clinic data. REST over HTTPS, bearer-token auth, JSON responses. Every response is scoped to your clinic by the API key — there is no cross-clinic access.
dk_… token once — we hash it and never show it again — and pass it as a bearer header on every request.