Introduction

Base URL: http://localhost:8000

This documentation aims to provide all the information you need to work with our API.

Authenticating requests

To authenticate requests, include an Authorization header with the value "Bearer {ACCESS_TOKEN}".

All authenticated endpoints are marked with a requires authentication badge in the documentation below.

Token based authentication

You can retrieve your access token by calling api/login endpoint.

Access tokens are valid 7 days, then expire. You can obtain new access token with expiring access token by calling /api/token/refresh. You can only refresh still valid tokens, otherwise new request to api/login will be required.

Cookie based authentication

You can also authenticate using cookie-based sessions. Before calling any other endpoints you have to obtain XSRF cookie by hitting /sanctum/csrf-cookie endpoint. In return you receive XSRF-TOKEN cookie, which content you have to attach to each request as X-XSRF-TOKEN header.

Then call /login endpoint. When your authenticated session is created, call any endpoint using X-XSRF-TOKEN header.

Multi-Factor Authorization (MFA)

User can protect its account setting up the MFA as email or one-time passwords (OTP). If mfa_enabled is set to 1 and mfa_method is set to any of email or otp values, user will have to use preferred method as second factor on login.

If mfa_method is email, API will automatically send MFA code to user's email inbox.

Most of API endpoints are secured with additional layer and cannot be properly called without this second-factor authorization done. Instead of endpoint response API will reply with message "MFA is required for this request." and HTTP code 401 Unauthorized. That means user did not successfully authorized itself with second-factor.

Multi-Factor Authorization (MFA) - Remember Session

The user has the option to remember their device, which means they won't have to enter the MFA code for 30 days. If using a Token based authentication, you need to add a header named X-MFA-Session-Token with the value {mfa_token} obtained from the /verify endpoint.

Appendix A. Laravel validation rules

List of validation codes returned for Laravel's built-in validation rules:

Code

Description

MUST_BE_ACCEPTED

The field must be accepted. Value must be one of: 1, true, "yes" or "on".

MUST_BE_ACCEPTED_IF:other:value

The field must be accepted if other field equals to value. Accepted values are the same as in MUST_BE_ACCEPTED.

MUST_BE_ACTIVE_URL

The field must be an active URL address with a valid A or AAAA record according to the dns_get_record PHP function.

MUST_BE_AFTER:date

The field must be a date that is after a specified date.

MUST_BE_AFTER_OR_EQUAL:date

The field must be a date that is after or equal to a specified date.

MUST_CONTAIN_ONLY_LETTERS

The field must contain only letters.

MUST_CONTAIN_ONLY_LETTERS_NUMBERS_DASHES_UNDERSCORES

The field must contain only letters, numbers, dashes and underscores.

MUST_CONTAIN_ONLY_LETTERS_NUMBERS

The field must contain only letters and numbers.

MUST_BE_ARRAY

The field must be an array.

MUST_BE_BEFORE:date

The field must be a date that is before a specified date.

MUST_BE_BEFORE_OR_EQUAL:date

The field must be a date that is before or equal to a specified date.

BETWEEN:NUMBERS:min:max

The field must be a number between min and max.

BETWEEN:FILE_KB:min:max

The field must be a file with a size between min and max KB.

BETWEEN:STRING_LENGTH:min:max

The field must be a string with a length between min and max.

BETWEEN:ARRAY_COUNT:min:max

The field must be an array with between min and max elements.

MUST_BE_BOOLEAN

The field must be a boolean. Accepted values include: true, false, 1, 0, "1" and "0".

MUST_BE_CONFIRMED

The field must have a matching confirmation field named {field}_confirmation.

MUST_BE_CURRENT_PASSWORD

The field must match the authenticated user's current password.

MUST_BE_DATE

The field must be a valid date according to the strtotime PHP function.

MUST_EQUAL_DATE:date

The field must be a date equal to the specified date.

MUST_BE_DATE_FORMAT:format

The field must match the given date format.

MUST_BE_DIFFERENT:other

The field must have a different value than the field named other.

MUST_HAVE_DIGITS:digits

The field must be numeric and contain exactly digits digits.

MUST_HAVE_DIGITS_BETWEEN:min:max

The field must be numeric and contain between min and max digits.

INVALID_IMAGE_DIMENSIONS

The uploaded image has invalid dimensions.

MUST_BE_DISTINCT

The field's values must not contain any duplicates.

MUST_BE_EMAIL

The field must be a valid email address.

MUST_END_WITH:value

The field must end with value.

MUST_EXIST:table.column

The field's value must already exist in the specified database table and column.

MUST_BE_FILE

The field must be a file.

MUST_HAVE_A_VALUE

The field must have a non-empty value.

GREATER_THAN:NUMBER:value

The field must be numeric and greater than value.

GREATER_THAN:FILE_KB:value

The field must be a file with a size greater than value KB.

GREATER_THAN:STRING_LENGTH:value

The field must be a string with a length greater than value.

GREATER_THAN:ARRAY_COUNT:value

The field must be an array with have more than value elements.

GREATER_THAN_OR_EQUALS:NUMBER:value

The field must be numeric and greater than or equal to value.

GREATER_THAN_OR_EQUALS:FILE_KB:value

The field must be a file with a size greater than or equal to value KB.

GREATER_THAN_OR_EQUALS:STRING_LENGTH:value

The field must be a string with a length greater than or equal to value.

GREATER_THAN_OR_EQUALS:ARRAY_COUNT:value

The field must be an array with at least value elements.

MUST_BE_IMAGE

The field must be an image.

MUST_BE_IN:values

The field value must be on of the values list.

MUST_BE_IN_ARRAY:other

The field's value must exist in the other field values.

MUST_BE_INTEGER

The field must be an integer.

MUST_BE_IP_ADDRESS

The field must be a valid IP address.

MUST_BE_IPV4_ADDRESS

The field must be a valid IPv4 address.

MUST_BE_IPV6_ADDRESS

The field must be a valid IPv6 address.

MUST_BE_JSON

The field must contain valid JSON.

LESS_THAN:NUMBER:value

The field must be numeric and less than value.

LESS_THAN:FILE_KB:value

The field must be a file with a size less than value KB.

LESS_THAN:STRING_LENGTH:value

The field must be a string with a length less than value.

LESS_THAN:ARRAY_COUNT:value

The field must be an array with fewer than value elements.

LESS_THAN_OR_EQUALS:NUMBER:value

The field must be numeric and less than or equal to value.

LESS_THAN_OR_EQUALS:FILE_KB:value

The field must be a file with a size less than or equal to value KB.

LESS_THAN_OR_EQUALS:STRING_LENGTH:value

The field must be a string with a length less than or equal to value.

LESS_THAN_OR_EQUALS:ARRAY_COUNT:value

The field must be an array with no more than value elements.

MAXIMUM:NUMBER:value

The field must be numeric and must not exceed the value.

MAXIMUM:FILE_KB:value

The field must be a file with a size no greater than value KB.

MAXIMUM:STRING_LENGTH:value

The field must be a string with a maximum length equal to value.

MAXIMUM:ARRAY_COUNT:value

The field must be an array with no more than value elements.

MUST_BE_MIME_OF:values

The field must be a file with one of the given file extensions, for example: pdf, png, mpeg.
Note that the rule uses file extensions, but Laravel internally verifies the actual MIME type using the file's contents.

MUST_BE_MIMETYPE_OF:values

The field must be a file matching one of the specified MIME types, such as: application/pdf, image/png, video/mpeg.

MINIMUM:NUMBER:min

The field must be numeric and at least value.

MINIMUM:FILE_KB:min

The field must be a file with a size of at least value KB.

MINIMUM:STRING_LENGTH:min

The field must be a string with a minimum length equal to value.

MINIMUM:ARRAY_COUNT:min

The field must be an array with at least value elements.

MUST_BE_MULTIPLE_OF:value

The field must be multiple of value.

MUST_NOT_BE_IN:values

The field's value must not be on of the values list. This is the opposite of MUST_BE_IN rule.

INVALID_FORMAT

The field does not match the given regular expression.

MUST_BE_NUMERIC

The field must be numeric.

MUST_BE_PRESENT

The field must be present, but can be empty.

REQUIRED

The field must be present and not empty.
Field is considered empty if its value is null, an empty string, an empty array or a file input with no file uploaded.

REQUIRED_IF:other:value

The field must be present and not empty if other field is equal to value.

REQUIRED_UNLESS:other:values

The field must be present and not empty unless other field is equal to value.

REQUIRED_WITH:values

The field must be present and not empty if any of the fields in values are present and not empty.

REQUIRED_WITH_ALL:values

The field must be present and not empty if all of the fields in values are present and not empty.

REQUIRED_WITHOUT:values

The field must be present and not empty if any of the fields in values are not present or empty.

REQUIRED_WITHOUT_ALL:values

The field must be present and not empty if all of the fields in values are not present or empty.

PROHIBITED

The field must be empty or not present in the request.

PROHIBITED_IF:other:value

The field must be empty or not present if other field is equal to value.

PROHIBITED_UNLESS:other:value

The field must be empty or not present unless other field is equal to value.

PROHIBITS:other

If the field is present, the other field can't be present at the same time.

MUST_BE_SAME:other

The field must have the same value as the other field.

SIZE:NUMBER:size

The field must be numeric and equal to size.

SIZE:FILE_KB:size

The field must be a file with a size of size KB.

SIZE:STRING_LENGTH:size

The field must be a string with a length equal to size.

SIZE:ARRAY_COUNT:size

The field must be an array with exactly size elements.

MUST_START_WITH:value

The field must start with value.

MUST_BE_STRING

The field must be a string.

MUST_BE_TIMEZONE

The field must be a valid timezone according to the timezone_identifiers_list PHP function.

MUST_BE_UNIQUE:table.column

The field's value must not already exist in the specified database table and column.

FAILED_TO_UPLOAD

File upload failed.

MUST_BE_URL

The field must be a valid URL address.

MUST_BE_UUID

The field must be a valid UUID.

Note that not all of the above rules are currently used in our API, but this is subject to change.
Some of these rules serve the same purpose as other rules. For example, GREATER_THAN_OR_EQUALS:NUMBER:value and MINIMUM:NUMBER:min achieve the same result.
Some of these rules overlap with others by extending their configuration options or enabling stricter validation. For example, there are two similar rules: MUST_BE_URL and MUST_BE_ACTIVE_URL. The first only checks whether the field contains a valid URL format, while the second also verifies that the domain has an existing DNS record.

More detailed information about validation rules can be found in Laravel documentation.

Appendix B. Custom validation rules

List of custom validation rules messages:

Code

Description

RULES:CONFIG_MODES_LIMIT_RULE:EXCEEDED:max

Checks whether the device's config modes limit has been reached. Fails when the number of config modes assigned to the device already equals to max.

RULES:FILE_UPLOADS_MAX_TOTAL_SIZE_RULE:EXCEEDED:max_size

Checks whether the total size of all uploaded files in the request exceeds the specified limit. Fails if the total size is greater than max_size KB.

RULES:IS_TIMESTAMP_RULE:INVALID_VALUE

Checks whether the value is a valid timestamp. Fails if it's not.

RULES:IS_TIMEZONE_RULE:INVALID_VALUE

Checks whether the value is a valid timezone. Fails if it's not. List of valid timezones is available at the /api/timezones endpoint.

RULES:NOT_EXIST_IN_OTHER_REGIONS_RULE:DEVICE_IDENTIFIER_IN_USE

Checks whether the device identifier (serial or Bluetooth ID) is already in use in another region. Fails if it is.

RULES:NOT_EXIST_IN_OTHER_REGIONS_RULE:USER_EMAIL_IN_USE

Checks whether the user's email is already in use in another region. Fails if it is.

RULES:NOT_INFECTED_RULE:FILE_INFECTED_OR_UPLOAD_ISSUE

Checks whether the uploaded file is infected. Fails if the upload fails or AV software reports an issue.

RULES:PATIENT_DEVICE_RULE:NOT_ASSIGNED

Checks the patient-device assignment. Fails if the device is not assigned to the user.

RULES:P2P_SESSION_MEMBER_RULE:NOT_A_MEMBER

Checks whether the current user is the member of the P2P session they are trying to access. Fails if the user is not a session's patient or clinician.

RULES:URL_EXISTS_RULE:EXPECTED_CONTENT_TYPE:content_type
RULES:URL_EXISTS_RULE:NOT_FOUND

Checks whether the specified URL exists and returns an HTTP 200 response.
If content_type was specified, the rule also verifies the returned Content-Type header. If it doesn't match, the error code will include EXPECTED_CONTENT_TYPE:content_type.
Otherwise, it only checks the status code and returns NOT_FOUND if it's not 200.
Fails if HTTP code is not 200 or the Content-Type doesn't match the expected value (if specified).

PASSWORD:MUST_CONTAIN_AT_LEAST_ONE_LOWERCASE

Checks whether the password contains at least one lowercase letter.

PASSWORD:MUST_CONTAIN_AT_LEAST_ONE_UPPERCASE

Checks whether the password contains at least one uppercase letter.

PASSWORD:MUST_CONTAIN_AT_LEAST_ONE_NUMBER

Checks whether the password contains at least one number.

PASSWORD:MUST_CONTAIN_AT_LEAST_ONE_SYMBOL

Checks whether the password contains at least one symbol.

Acadle

Endpoints related to Acadle integration

Acadle SSO

requires authentication

Creates the SSO authorization link. The link expires after 60 seconds, but can be re-generated without any limits.

Example request:

curl --request POST \
    "http://localhost:8000/api/acadle/sso" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/acadle/sso"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "sso_url": "https://adp.acadle.com/sso/authenticate/callback?ssoToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE3MzczNzU3OTksImV4cCI6MTczNzM3NTg1OSwiZmlyc3RuYW1lIjoiVG9tIiwibGFzdG5hbWUiOiJTbWl0aCIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsInVzZXJuYW1lIjpudWxsLCJ0aW1lem9uZSI6IlVUQyJ9.VzE2q6V53bdYJM7aB6CWWxDqcxF4gpdiEF80dD9j-5k",
    "sso_expires": 1737375859
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SSO:INSUFFICIENT_PERMISSION"
}

Example response (403, Survey required):


{
    "message": "Completing the survey is required to proceed to Acadle",
    "code": "ACADLE:SSO:SURVEY_REQUIRED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Check Acadle survey status

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/acadle/survey/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/acadle/survey/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "survey_sent": false,
    "survey_id": null
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SURVEY_STATUS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get Acadle survey data

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/acadle/survey" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/acadle/survey"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 1,
    "user_id": 296,
    "cpo_number": "13",
    "country": "Kiribati",
    "medical_training": "biomedical_engineer",
    "myo_exp_zeus": "0",
    "has_demo_hand_access": 0,
    "wants_demo_hand": 1,
    "myo_exp_covvi": 1,
    "myo_exp_fillauer": 1,
    "myo_exp_ossur": 1,
    "myo_exp_ottobock": 1,
    "myo_exp_steeper": 0,
    "myo_exp_taska": 0,
    "myo_exp_vincent": 1,
    "myo_exp_pattern_recognition": 1,
    "myo_exp_other": "Rerum omnis itaque nobis cum necessitatibus.",
    "partial_hand_protheses": "3",
    "below_elbow_protheses_single_action": "3",
    "below_elbow_protheses_multi_action": "3",
    "above_elbow_protheses": "4",
    "shoulder_protheses": "2",
    "zeus_components_description": "Omnis id at distinctio nisi.",
    "contact_name": "Devonte",
    "contact_surname": "Roberts",
    "company_name": "Kshlerin Inc",
    "street": "273 Mraz Knolls Apt. 339",
    "city": "Austenstad",
    "postal_code": "98300-4233",
    "email": "dernser@bashirian.com",
    "phone": "743-732-0665",
    "phone_country": "tw",
    "device_side": "R",
    "created_at": "2026-06-02T13:56:42.000000Z",
    "updated_at": "2026-06-02T13:56:42.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SURVEY_RESULTS:INSUFFICIENT_PERMISSION"
}

Example response (404, Survey not found):


{
    "message": "Survey not found",
    "code": "ACADLE:SURVEY_RESULTS:SURVEY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Survey ID.

user_id integer

Associated user ID.

cpo_number string

CPO number.

country string

Country code.

medical_training string

Medical training level.

myo_exp_zeus string

Zeus myo experience.

myo_exp_covvi string

Covvi myo experience.

myo_exp_fillauer string

Fillauer myo experience.

myo_exp_ossur string

Ossur myo experience.

myo_exp_ottobock string

Ottobock myo experience.

myo_exp_steeper string

Steeper myo experience.

myo_exp_taska string

Taska myo experience.

myo_exp_vincent string

Vincent myo experience.

myo_exp_pattern_recognition string

Pattern recognition myo experience.

myo_exp_other string

Other myo experience.

has_demo_hand_access boolean

Whether the user has demo hand access.

wants_demo_hand boolean

Whether the user wants a demo hand.

partial_hand_protheses string

Partial hand prostheses experience.

below_elbow_protheses_single_action string

Below elbow single action prostheses experience.

below_elbow_protheses_multi_action string

Below elbow multi-action prostheses experience.

above_elbow_protheses string

Above elbow prostheses experience.

shoulder_protheses string

Shoulder prostheses experience.

zeus_components_description string

Zeus components description.

contact_name string

Contact first name.

contact_surname string

Contact last name.

company_name string

Company name.

street string

Street address.

city string

City.

postal_code string

Postal code.

email string

Contact email.

phone string

Contact phone.

phone_country string

Phone country code.

device_side string

Device side.

Must be one of:

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Get Acadle survey data (SuperAdmin)

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/acadle/survey/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/acadle/survey/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 2,
    "user_id": 297,
    "cpo_number": "1",
    "country": "Croatia",
    "medical_training": "biomedical_engineer",
    "myo_exp_zeus": "1",
    "has_demo_hand_access": 1,
    "wants_demo_hand": 0,
    "myo_exp_covvi": 0,
    "myo_exp_fillauer": 1,
    "myo_exp_ossur": 0,
    "myo_exp_ottobock": 1,
    "myo_exp_steeper": 0,
    "myo_exp_taska": 0,
    "myo_exp_vincent": 0,
    "myo_exp_pattern_recognition": 0,
    "myo_exp_other": "In sed eius debitis culpa quis nulla ullam aliquid.",
    "partial_hand_protheses": "4",
    "below_elbow_protheses_single_action": "2",
    "below_elbow_protheses_multi_action": "3",
    "above_elbow_protheses": "3",
    "shoulder_protheses": "1",
    "zeus_components_description": "Quidem non unde quod.",
    "contact_name": "Graham",
    "contact_surname": "Reichel",
    "company_name": "Schroeder-Greenfelder",
    "street": "69218 Jerde Spring",
    "city": "West Mercedesside",
    "postal_code": "20687",
    "email": "greenfelder.jaden@kiehn.info",
    "phone": "281.781.0432",
    "phone_country": "tc",
    "device_side": "L",
    "created_at": "2026-06-02T13:56:43.000000Z",
    "updated_at": "2026-06-02T13:56:43.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SURVEY_RESULTS_ADMIN:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "ACADLE:SURVEY_RESULTS_ADMIN:USER_NOT_FOUND"
}

Example response (404, Survey not found):


{
    "message": "Survey not found",
    "code": "ACADLE:SURVEY_RESULTS_ADMIN:SURVEY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Survey ID.

user_id integer

Associated user ID.

cpo_number string

CPO number.

country string

Country code.

medical_training string

Medical training level.

myo_exp_zeus string

Zeus myo experience.

myo_exp_covvi string

Covvi myo experience.

myo_exp_fillauer string

Fillauer myo experience.

myo_exp_ossur string

Ossur myo experience.

myo_exp_ottobock string

Ottobock myo experience.

myo_exp_steeper string

Steeper myo experience.

myo_exp_taska string

Taska myo experience.

myo_exp_vincent string

Vincent myo experience.

myo_exp_pattern_recognition string

Pattern recognition myo experience.

myo_exp_other string

Other myo experience.

has_demo_hand_access boolean

Whether the user has demo hand access.

wants_demo_hand boolean

Whether the user wants a demo hand.

partial_hand_protheses string

Partial hand prostheses experience.

below_elbow_protheses_single_action string

Below elbow single action prostheses experience.

below_elbow_protheses_multi_action string

Below elbow multi-action prostheses experience.

above_elbow_protheses string

Above elbow prostheses experience.

shoulder_protheses string

Shoulder prostheses experience.

zeus_components_description string

Zeus components description.

contact_name string

Contact first name.

contact_surname string

Contact last name.

company_name string

Company name.

street string

Street address.

city string

City.

postal_code string

Postal code.

email string

Contact email.

phone string

Contact phone.

phone_country string

Phone country code.

device_side string

Device side.

Must be one of:

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

List all Acadle surveys (SuperAdmin)

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/acadle/surveys?search=john" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/acadle/surveys"
);

const params = {
    "search": "john",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 3,
            "user_id": 298,
            "cpo_number": "9260695",
            "country": "Slovakia (Slovak Republic)",
            "medical_training": "biomedical_engineer",
            "myo_exp_zeus": "1",
            "has_demo_hand_access": 1,
            "wants_demo_hand": 0,
            "myo_exp_covvi": 1,
            "myo_exp_fillauer": 1,
            "myo_exp_ossur": 1,
            "myo_exp_ottobock": 0,
            "myo_exp_steeper": 0,
            "myo_exp_taska": 1,
            "myo_exp_vincent": 1,
            "myo_exp_pattern_recognition": 0,
            "myo_exp_other": "Et laborum impedit atque quia consequuntur iure.",
            "partial_hand_protheses": "5",
            "below_elbow_protheses_single_action": "2",
            "below_elbow_protheses_multi_action": "3",
            "above_elbow_protheses": "2",
            "shoulder_protheses": "3",
            "zeus_components_description": "Cupiditate consequatur autem qui minus suscipit quo recusandae.",
            "contact_name": "Terrill",
            "contact_surname": "Grady",
            "company_name": "Bergnaum-Quitzon",
            "street": "2499 Cristobal Bridge Apt. 168",
            "city": "Lafayettemouth",
            "postal_code": "31756",
            "email": "bins.meda@cronin.com",
            "phone": "1-712-592-5068",
            "phone_country": "pa",
            "device_side": "R",
            "created_at": "2026-06-02T13:56:43.000000Z",
            "updated_at": "2026-06-02T13:56:43.000000Z"
        },
        {
            "id": 4,
            "user_id": 299,
            "cpo_number": "215804581",
            "country": "Korea",
            "medical_training": "physiotherapist",
            "myo_exp_zeus": "0",
            "has_demo_hand_access": 0,
            "wants_demo_hand": 1,
            "myo_exp_covvi": 0,
            "myo_exp_fillauer": 0,
            "myo_exp_ossur": 1,
            "myo_exp_ottobock": 0,
            "myo_exp_steeper": 0,
            "myo_exp_taska": 0,
            "myo_exp_vincent": 0,
            "myo_exp_pattern_recognition": 1,
            "myo_exp_other": "Sint accusantium quasi necessitatibus quia.",
            "partial_hand_protheses": "3",
            "below_elbow_protheses_single_action": "2",
            "below_elbow_protheses_multi_action": "2",
            "above_elbow_protheses": "0",
            "shoulder_protheses": "3",
            "zeus_components_description": "Molestias ex et veniam occaecati veniam facere.",
            "contact_name": "Tessie",
            "contact_surname": "Carter",
            "company_name": "Jacobs, Schulist and Willms",
            "street": "597 Jordan Courts",
            "city": "South Abbie",
            "postal_code": "47279-6947",
            "email": "braeden76@funk.com",
            "phone": "551.334.1991",
            "phone_country": "cv",
            "device_side": "R",
            "created_at": "2026-06-02T13:56:44.000000Z",
            "updated_at": "2026-06-02T13:56:44.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SURVEYS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/acadle/surveys

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter surveys by searching in: user name, user email, contact name, contact surname, contact email, CPO number. Example: john

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: user).

sortby string optional

Sort by field (available: date, user_name, user_email, contact_name, contact_surname, country, medical_training, cpo_number). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Survey ID.

user_id integer

Associated user ID.

cpo_number string

CPO number.

country string

Country code.

medical_training string

Medical training level.

myo_exp_zeus string

Zeus myo experience.

myo_exp_covvi string

Covvi myo experience.

myo_exp_fillauer string

Fillauer myo experience.

myo_exp_ossur string

Ossur myo experience.

myo_exp_ottobock string

Ottobock myo experience.

myo_exp_steeper string

Steeper myo experience.

myo_exp_taska string

Taska myo experience.

myo_exp_vincent string

Vincent myo experience.

myo_exp_pattern_recognition string

Pattern recognition myo experience.

myo_exp_other string

Other myo experience.

has_demo_hand_access boolean

Whether the user has demo hand access.

wants_demo_hand boolean

Whether the user wants a demo hand.

partial_hand_protheses string

Partial hand prostheses experience.

below_elbow_protheses_single_action string

Below elbow single action prostheses experience.

below_elbow_protheses_multi_action string

Below elbow multi-action prostheses experience.

above_elbow_protheses string

Above elbow prostheses experience.

shoulder_protheses string

Shoulder prostheses experience.

zeus_components_description string

Zeus components description.

contact_name string

Contact first name.

contact_surname string

Contact last name.

company_name string

Company name.

street string

Street address.

city string

City.

postal_code string

Postal code.

email string

Contact email.

phone string

Contact phone.

phone_country string

Phone country code.

device_side string

Device side.

Must be one of:

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Send Acadle survey

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/acadle/survey" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"cpo_number\": 7738,
    \"country\": \"Iceland\",
    \"medical_training\": \"clinician\",
    \"myo_exp_zeus\": false,
    \"myo_exp_covvi\": false,
    \"myo_exp_fillauer\": false,
    \"myo_exp_ossur\": false,
    \"myo_exp_ottobock\": false,
    \"myo_exp_steeper\": false,
    \"myo_exp_taska\": false,
    \"myo_exp_vincent\": false,
    \"myo_exp_pattern_recognition\": false,
    \"myo_exp_other\": \"Beatae repudiandae et fugiat doloremque tempora ullam mollitia eveniet.\",
    \"has_demo_hand_access\": false,
    \"wants_demo_hand\": false,
    \"partial_hand_protheses\": \"1-5\",
    \"below_elbow_protheses_single_action\": \"1-5\",
    \"below_elbow_protheses_multi_action\": \"5-10\",
    \"above_elbow_protheses\": \"50+\",
    \"shoulder_protheses\": \"1-5\",
    \"zeus_components_description\": \"Aut reprehenderit sed aut qui.\",
    \"contact_name\": \"Robbie\",
    \"company_name\": \"Kreiger LLC\",
    \"street\": \"517 Celine Cliff Apt. 428\",
    \"city\": \"New Nadiachester\",
    \"postal_code\": \"42847-2064\",
    \"email\": \"edward.doyle@feeney.com\",
    \"phone\": \"+1-520-454-2968\",
    \"phone_country\": \"BD\",
    \"device_side\": \"L\"
}"

const url = new URL(
    "http://localhost:8000/api/acadle/survey"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "cpo_number": 7738,
    "country": "Iceland",
    "medical_training": "clinician",
    "myo_exp_zeus": false,
    "myo_exp_covvi": false,
    "myo_exp_fillauer": false,
    "myo_exp_ossur": false,
    "myo_exp_ottobock": false,
    "myo_exp_steeper": false,
    "myo_exp_taska": false,
    "myo_exp_vincent": false,
    "myo_exp_pattern_recognition": false,
    "myo_exp_other": "Beatae repudiandae et fugiat doloremque tempora ullam mollitia eveniet.",
    "has_demo_hand_access": false,
    "wants_demo_hand": false,
    "partial_hand_protheses": "1-5",
    "below_elbow_protheses_single_action": "1-5",
    "below_elbow_protheses_multi_action": "5-10",
    "above_elbow_protheses": "50+",
    "shoulder_protheses": "1-5",
    "zeus_components_description": "Aut reprehenderit sed aut qui.",
    "contact_name": "Robbie",
    "company_name": "Kreiger LLC",
    "street": "517 Celine Cliff Apt. 428",
    "city": "New Nadiachester",
    "postal_code": "42847-2064",
    "email": "edward.doyle@feeney.com",
    "phone": "+1-520-454-2968",
    "phone_country": "BD",
    "device_side": "L"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "user_id": 300,
    "cpo_number": "5297577",
    "country": "Papua New Guinea",
    "medical_training": "clinician",
    "myo_exp_zeus": "0",
    "has_demo_hand_access": 1,
    "wants_demo_hand": 0,
    "myo_exp_covvi": 0,
    "myo_exp_fillauer": 0,
    "myo_exp_ossur": 1,
    "myo_exp_ottobock": 0,
    "myo_exp_steeper": 1,
    "myo_exp_taska": 0,
    "myo_exp_vincent": 0,
    "myo_exp_pattern_recognition": 1,
    "myo_exp_other": "Incidunt sapiente quia ut deserunt.",
    "partial_hand_protheses": "4",
    "below_elbow_protheses_single_action": "2",
    "below_elbow_protheses_multi_action": "4",
    "above_elbow_protheses": "2",
    "shoulder_protheses": "0",
    "zeus_components_description": "Facere et enim amet nobis doloribus et.",
    "contact_name": "Zelma",
    "contact_surname": "Sporer",
    "company_name": "McDermott-Pollich",
    "street": "779 Jessika Overpass Suite 431",
    "city": "Mohrborough",
    "postal_code": "80373-9328",
    "email": "feil.margarete@kassulke.com",
    "phone": "754-683-0116",
    "phone_country": "ke",
    "device_side": "R",
    "created_at": "2026-06-02T13:56:45.000000Z",
    "updated_at": "2026-06-02T13:56:45.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use Acadle",
    "code": "ACADLE:SURVEY_SEND:INSUFFICIENT_PERMISSION"
}

Example response (403, Survey already sent):


{
    "message": "Survey already sent",
    "code": "ACADLE:SURVEY_SEND:SURVEY_ALREADY_SENT"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/acadle/survey

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

cpo_number string optional

CPO Number. Example: 7738

country string

Country name. Example: Iceland

medical_training string

Clinician's medical/clinical training. Example: clinician

Must be one of:

clinician
physiotherapist
physician
biomedical_engineer
other
prosthetist

myo_exp_zeus boolean true false

Does clinician have an experience working with Zeus hands. Example: false

myo_exp_covvi boolean true false

Does clinician have an experience working with Covvi hands. Example: false

myo_exp_fillauer boolean true false

Does clinician have an experience working with Fillauer hands. Example: false

myo_exp_ossur boolean true false

Does clinician have an experience working with Ossur hands. Example: false

myo_exp_ottobock boolean true false

Does clinician have an experience working with Ottobock hands. Example: false

myo_exp_steeper boolean true false

Does clinician have an experience working with Steeper hands. Example: false

myo_exp_taska boolean true false

Does clinician have an experience working with Taska hands. Example: false

myo_exp_vincent boolean true false

Does clinician have an experience working with Vincent hands. Example: false

myo_exp_pattern_recognition boolean true false

Does clinician have an experience working with Pattern Recognition. Example: false

myo_exp_other string optional

Does clinician have an experience working with any other hands. MINIMUM:STRING_LENGTH:3. Example: Beatae repudiandae et fugiat doloremque tempora ullam mollitia eveniet.

has_demo_hand_access boolean true false

Does clinician have access to a demo hand. Example: false

wants_demo_hand boolean true false

Does clinician want a demo hand. Example: false

partial_hand_protheses string optional

How many prostheses of type partial hand does clinician make per year. Example: 1-5

below_elbow_protheses_single_action string optional

How many prostheses of type below elbow (single-action) does clinician make per year. Example: 1-5

below_elbow_protheses_multi_action string optional

How many prostheses of type below elbow (multi-action) does clinician make per year. Example: 5-10

above_elbow_protheses string optional

How many prostheses of type above elbow does clinician make per year. Example: 50+

shoulder_protheses string optional

How many prostheses of type shoulder does clinician make per year. Example: 1-5

zeus_components_description string optional

Description which components would clinician like to use with a Zeus hand. MINIMUM:STRING_LENGTH:10. Example: Aut reprehenderit sed aut qui.

contact_name string optional

Contact information: full name. This field is required when wants_demo_hand is true. Example: Robbie

company_name string optional

Contact information: company name. This field is required when wants_demo_hand is true. Example: Kreiger LLC

street string optional

Contact information: street. This field is required when wants_demo_hand is true. Example: 517 Celine Cliff Apt. 428

city string optional

Contact information: city/state. This field is required when wants_demo_hand is true. Example: New Nadiachester

postal_code string optional

Contact information: postal code. This field is required when wants_demo_hand is true. Example: 42847-2064

email string optional

Contact information: email. This field is required when wants_demo_hand is true. MUST_BE_EMAIL. Example: edward.doyle@feeney.com

phone string optional

Contact information: phone. This field is required when wants_demo_hand is true. Example: +1-520-454-2968

phone_country string optional

Contact information: phone country. This field is required when wants_demo_hand is true. SIZE:STRING_LENGTH:2. Example: BD

device_side string optional

The side of the hand. This field is required when wants_demo_hand is true. Example: L

Must be one of:

Response

Response Fields

id integer

Survey ID.

user_id integer

Associated user ID.

cpo_number string

CPO number.

country string

Country code.

medical_training string

Medical training level.

myo_exp_zeus string

Zeus myo experience.

myo_exp_covvi string

Covvi myo experience.

myo_exp_fillauer string

Fillauer myo experience.

myo_exp_ossur string

Ossur myo experience.

myo_exp_ottobock string

Ottobock myo experience.

myo_exp_steeper string

Steeper myo experience.

myo_exp_taska string

Taska myo experience.

myo_exp_vincent string

Vincent myo experience.

myo_exp_pattern_recognition string

Pattern recognition myo experience.

myo_exp_other string

Other myo experience.

has_demo_hand_access boolean

Whether the user has demo hand access.

wants_demo_hand boolean

Whether the user wants a demo hand.

partial_hand_protheses string

Partial hand prostheses experience.

below_elbow_protheses_single_action string

Below elbow single action prostheses experience.

below_elbow_protheses_multi_action string

Below elbow multi-action prostheses experience.

above_elbow_protheses string

Above elbow prostheses experience.

shoulder_protheses string

Shoulder prostheses experience.

zeus_components_description string

Zeus components description.

contact_name string

Contact first name.

contact_surname string

Contact last name.

company_name string

Company name.

street string

Street address.

city string

City.

postal_code string

Postal code.

email string

Contact email.

phone string

Contact phone.

phone_country string

Phone country code.

device_side string

Device side.

Must be one of:

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Activation codes

API endpoints for activation codes

Get activation codes

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/activation-codes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "code": "YEVNN8",
            "created_by": 37,
            "used_by": 38,
            "used_at": null,
            "active": 0,
            "created_at": "2026-06-02T13:54:46.000000Z",
            "updated_at": "2026-06-02T13:54:46.000000Z"
        },
        {
            "id": 2,
            "code": "ELLJBU",
            "created_by": 39,
            "used_by": 40,
            "used_at": null,
            "active": 1,
            "created_at": "2026-06-02T13:54:46.000000Z",
            "updated_at": "2026-06-02T13:54:46.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/activation-codes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get active activation codes

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/activation-codes/active" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes/active"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 3,
            "code": "NKHTVQ",
            "created_by": 41,
            "used_by": 42,
            "used_at": null,
            "active": 0,
            "created_at": "2026-06-02T13:54:47.000000Z",
            "updated_at": "2026-06-02T13:54:47.000000Z"
        },
        {
            "id": 4,
            "code": "UANTHC",
            "created_by": 43,
            "used_by": 44,
            "used_at": null,
            "active": 1,
            "created_at": "2026-06-02T13:54:48.000000Z",
            "updated_at": "2026-06-02T13:54:48.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:ACTIVE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

items object

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Find activation code

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/activation-codes/find/beatae" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes/find/beatae"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 5,
    "code": "VFY64S",
    "created_by": null,
    "used_by": null,
    "used_at": null,
    "active": 1,
    "created_at": "2026-06-02T13:54:48.000000Z",
    "updated_at": "2026-06-02T13:54:48.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:FIND:INSUFFICIENT_PERMISSION"
}

Example response (404, Activation code not found):


{
    "message": "Activation code not found",
    "code": "ACTIVATION_CODE:FIND:CODE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

Create activation code

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/activation-codes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 6,
    "code": "H7397T",
    "created_by": null,
    "used_by": null,
    "used_at": null,
    "active": 0,
    "created_at": "2026-06-02T13:54:48.000000Z",
    "updated_at": "2026-06-02T13:54:48.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Server error):


{
    "message": "Server error: activation code not created",
    "code": "ACTIVATION_CODE:CREATE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

Create activation code (multi-region)

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/activation-codes/11" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes/11"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 7,
    "code": "QFZDXR",
    "created_by": null,
    "used_by": null,
    "used_at": null,
    "active": 0,
    "created_at": "2026-06-02T13:54:48.000000Z",
    "updated_at": "2026-06-02T13:54:48.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

Deactivate activation code

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/activation-codes/15" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/activation-codes/15"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 8,
    "code": "YD3ZLM",
    "created_by": null,
    "used_by": null,
    "used_at": null,
    "active": 1,
    "created_at": "2026-06-02T13:54:48.000000Z",
    "updated_at": "2026-06-02T13:54:48.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage activation codes",
    "code": "ACTIVATION_CODE:DEACTIVATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Activation code is not active):


{
    "message": "Cannot deactivate: code is not active",
    "code": "ACTIVATION_CODE:DEACTIVATE:CODE_NOT_ACTIVE"
}

Example response (404, Activation code not found):


{
    "message": "Activation code not found",
    "code": "ACTIVATION_CODE:DEACTIVATE:CODE_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error: activation code not deactivated",
    "code": "ACTIVATION_CODE:DEACTIVATE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Activation code ID.

code string

Activation code value.

created_by integer

ID of the user who created this code.

used_by integer

ID of the user who used this code.

used_at string

Timestamp when the code was used.

active boolean

Whether the code is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

creator object

User who created this code.

user object

User who used this code.

Authentication

API endpoints for managing authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/login" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"test@example.com\",
    \"password\": \"secretpassword\"
}"

const url = new URL(
    "http://localhost:8000/api/login"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "test@example.com",
    "password": "secretpassword"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "access_token": "7|x7de9EgE0xiBNLgHU91DHvhj85HVgTG1bekCssIA",
    "expires": "2021-10-25 17:05:25"
}

Example response (403, Too many attempts):


{
    "message": "Login: too many attempts",
    "code": "GENERAL:TOO_MANY_ATTEMPTS"
}

Example response (422, Invalid credentials):


{
    "message": "The given data was invalid.",
    "errors": {
        "email": [
            "Given credentials not found"
        ]
    },
    "code": "AUTH:LOGIN:INVALID_CREDENTIALS"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Register user

Example request:

curl --request POST \
    "http://localhost:8000/api/register" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"region\": \"us\",
    \"name\": \"Tom Smith\",
    \"email\": \"name@domain.com\",
    \"password\": \"Test123!\",
    \"phone\": \"515.440.9548\",
    \"phone_country\": \"US\",
    \"language\": \"en\",
    \"clinic_name\": \"Bogan-Kuhn\",
    \"clinic_location\": \"East Naomi\",
    \"address1\": \"76396 Daniel Lock\",
    \"address2\": \"North Maggieborough, CA 13325-9278\",
    \"mfa_enabled\": true,
    \"mfa_method\": \"email\",
    \"activation_code\": \"1A2B3C\"
}"

const url = new URL(
    "http://localhost:8000/api/register"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "region": "us",
    "name": "Tom Smith",
    "email": "name@domain.com",
    "password": "Test123!",
    "phone": "515.440.9548",
    "phone_country": "US",
    "language": "en",
    "clinic_name": "Bogan-Kuhn",
    "clinic_location": "East Naomi",
    "address1": "76396 Daniel Lock",
    "address2": "North Maggieborough, CA 13325-9278",
    "mfa_enabled": true,
    "mfa_method": "email",
    "activation_code": "1A2B3C"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 2,
    "mrn": "A9BAK9M41780408467",
    "name": "Dr. Henri Legros",
    "email": "1780408467carson.hill@example.net",
    "language": "en",
    "phone": "1-779-962-7802",
    "phone_country": "PL",
    "phone_verified_at": null,
    "address1": "224 Mann Park Suite 771",
    "address2": "South Trishaberg, KY 13393",
    "postal_code": "22239-7984",
    "city": "Emmerich-Kunze",
    "country": "LV",
    "clinic_name": "Bogisichview",
    "clinic_location": "58892 Eudora Forge Apt. 295\nEast Angel, SC 57136",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:27.000000Z",
    "updated_at": "2026-06-02T13:54:27.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 2,
            "name": "ClinicAdmin"
        }
    ]
}

Example response (403, Too many attempts):


{
    "message": "Register: too many attempts",
    "code": "GENERAL:TOO_MANY_ATTEMPTS"
}

Example response (403, E-mail in use (in another region)):


{
    "message": "E-mail address already in use (in another region)",
    "code": "AUTH:REGISTER:EMAIL_IN_USE"
}

Example response (403, Activation code is incorrect):


{
    "message": "Activation code is incorrect",
    "code": "AUTH:REGISTER:INCORRECT_CODE"
}

Example response (500, Server error):


{
    "message": "Server error: user not created",
    "code": "AUTH:REGISTER:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/register

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

region string

User region. Example: us

name string

User name. Example: Tom Smith

email string

User e-mail address. MUST_BE_EMAIL. Example: name@domain.com

password string

User password. Example: Test123!

phone string

User phone number. Example: 515.440.9548

phone_country string

Phone number's country (2 characters). SIZE:STRING_LENGTH:2. Example: US

language string

User language. Example: en

clinic_name string optional

Clinic name. Example: Bogan-Kuhn

clinic_location string optional

Clinic location. Example: East Naomi

address1 string optional

Address line 1. Example: 76396 Daniel Lock

address2 string optional

Address line 2. Example: North Maggieborough, CA 13325-9278

mfa_enabled boolean optional true false

MFA enabled. Example: true

mfa_method string optional

MFA method. Example: email

Must be one of:

email
sms

activation_code string

Activation code. SIZE:STRING_LENGTH:6. Example: 1A2B3C

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Register mobile user

Example request:

curl --request POST \
    "http://localhost:8000/api/mobile/register" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"region\": \"us\",
    \"name\": \"Tom Smith\",
    \"email\": \"name@domain.com\",
    \"password\": \"Test123!\",
    \"language\": \"en\",
    \"terms_accepted\": true
}"

const url = new URL(
    "http://localhost:8000/api/mobile/register"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "region": "us",
    "name": "Tom Smith",
    "email": "name@domain.com",
    "password": "Test123!",
    "language": "en",
    "terms_accepted": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "mrn": "RNQKT2XQ1780408468",
    "name": "Zander Douglas MD",
    "email": "1780408468morar.katrine@example.net",
    "language": "en",
    "phone": "+1-539-650-9863",
    "phone_country": "TO",
    "phone_verified_at": null,
    "address1": "91559 Hassie Terrace Suite 099",
    "address2": "Marksport, LA 45200",
    "postal_code": "70195-4441",
    "city": "Koch, Buckridge and Lebsack",
    "country": "UA",
    "clinic_name": "Zoiebury",
    "clinic_location": "8343 Zita Grove Apt. 758\nWest Oda, GA 79167",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:28.000000Z",
    "updated_at": "2026-06-02T13:54:28.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 2,
            "name": "ClinicAdmin"
        }
    ]
}

Example response (403, Too many attempts):


{
    "message": "Register: too many attempts",
    "code": "GENERAL:TOO_MANY_ATTEMPTS"
}

Example response (403, E-mail in use (in another region)):


{
    "message": "E-mail address already in use (in another region)",
    "code": "AUTH:MOBILE_REGISTER:EMAIL_IN_USE"
}

Example response (500, Server error):


{
    "message": "Server error: user not created",
    "code": "AUTH:MOBILE_REGISTER:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/mobile/register

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

region string

User region. Example: us

name string

User name. Example: Tom Smith

email string

User e-mail address. MUST_BE_EMAIL. Example: name@domain.com

password string

User password. Example: Test123!

language string optional

User language. Example: en

terms_accepted boolean true false

User accepted terms. Must be accepted. Example: true

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Request password reset

Request sending password reset email message with token that allows to change the password

Example request:

curl --request POST \
    "http://localhost:8000/api/password/reset" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"test@example.com\"
}"

const url = new URL(
    "http://localhost:8000/api/password/reset"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "test@example.com"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "code": "passwords.sent",
    "message": "Reset password link successfully sent"
}

Example response (400, Throttled request):


{
    "code": "passwords.throttled",
    "message": "You have requested password reset recently"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Verify password reset token

Check if token is valid before using it to reset password

Example request:

curl --request POST \
    "http://localhost:8000/api/password/reset/verify" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"token\": \"158bed12188492617e43ecfcca43f5990b3f5f0383b5083247389482b70af019\",
    \"email\": \"test@example.com\"
}"

const url = new URL(
    "http://localhost:8000/api/password/reset/verify"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "token": "158bed12188492617e43ecfcca43f5990b3f5f0383b5083247389482b70af019",
    "email": "test@example.com"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Valid token",
    "code": "AUTH:PASSWORD_RESET_VERIFY:VALID_TOKEN"
}

Example response (400, Invalid token):


{
    "message": "Invalid token",
    "code": "AUTH:PASSWORD_RESET_VERIFY:INVALID_TOKEN"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "AUTH:PASSWORD_RESET_VERIFY:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Change password with token

Change user password using password reset token sent to email address

Example request:

curl --request POST \
    "http://localhost:8000/api/password/reset/change" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"token\": \"158bed12188492617e43ecfcca43f5990b3f5f0383b5083247389482b70af019\",
    \"email\": \"test@example.com\",
    \"password\": \"secretpassword\"
}"

const url = new URL(
    "http://localhost:8000/api/password/reset/change"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "token": "158bed12188492617e43ecfcca43f5990b3f5f0383b5083247389482b70af019",
    "email": "test@example.com",
    "password": "secretpassword"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "code": "passwords.reset",
    "message": "Password changed successfully"
}

Example response (400, Invalid token):


{
    "code": "passwords.token",
    "message": "Invalid token"
}

Example response (404, User not found):


{
    "code": "passwords.user",
    "message": "User not found"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/password/reset/change

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

token string

Password reset token. Example: 158bed12188492617e43ecfcca43f5990b3f5f0383b5083247389482b70af019

email string

User email. MUST_BE_EMAIL. Example: test@example.com

password string

User new password. Example: secretpassword

Logout current device

requires authentication

Logout and delete current access token

Example request:

curl --request POST \
    "http://localhost:8000/api/logout" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/logout"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):

[]

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Logout everywhere

requires authentication

Logout and delete all access tokens owned by account

Example request:

curl --request POST \
    "http://localhost:8000/api/logout/everywhere" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/logout/everywhere"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):

[]

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Refresh access token

requires authentication

Refresh the new access token from the expiring token

Example request:

curl --request POST \
    "http://localhost:8000/api/token/refresh" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/token/refresh"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "access_token": "7|x7de9EgE0xiBNLgHU91DHvhj85HVgTG1bekCssIA",
    "expires": "2021-10-25 17:05:25"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Check MFA status

requires authentication

Check any of available MFA methods. Supported methods: email, sms, otp.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mfa/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mfa/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "enabled": 1,
    "method": "email",
    "phone": 1,
    "otp": 1
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

enabled string

Determines if user enabled MFA

method string

Preferred MFA method

phone string

Determines if user has verified phone number and sms channel could be used

otp string

Determines if user has setup OTP with authenticator application

Use recovery code

requires authentication

Use generated recovery code in order to access account in case when other MFA methods couldn't be used. This method only checks if code is valid, implement account access scenario on your own. Sent code is removed and couldn't be used anymore. If remaining_codes counter equals zero, generate a new set.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/recovery-code" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"code\": \"ZZASRM6S\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/recovery-code"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "code": "ZZASRM6S"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "access_token": "7|x7de9EgE0xiBNLgHU91DHvhj85HVgTG1bekCssIA",
    "expires": "2021-10-25 17:05:25",
    "remaining_codes": 9
}

Example response (401, Invalid code):


{
    "message": "Invalid code",
    "code": "AUTH:USE_RECOVERY_CODE:INVALID_CODE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Send MFA code

requires authentication

Send multi-factor authentication code via selected channel. Code is valid for 15 minutes.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/send" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"channel\": \"email\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/send"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "channel": "email"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Code sent",
    "code": "AUTH:SEND_MFA:SENT"
}

Example response (400, Channel SMS, phone number not verified):


{
    "message": "Phone number is not verified",
    "code": "AUTH:SEND_MFA:PHONE_NUMBER_NOT_VERIFIED"
}

Example response (500, Channel SMS, provider problem):


{
    "message": "Code sending failed",
    "code": "AUTH:SEND_MFA:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Verify MFA code

requires authentication

Verify multi-factor code obtained from selected channel.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/verify" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"channel\": \"email\",
    \"remember_mfa_session\": true,
    \"code\": \"445566\",
    \"machine_key\": \"35282880-244a-4328-9435-2aaf432f3619\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/verify"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "channel": "email",
    "remember_mfa_session": true,
    "code": "445566",
    "machine_key": "35282880-244a-4328-9435-2aaf432f3619"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK, token auth):


{
    "access_token": "7|x7de9EgE0xiBNLgHU91DHvhj85HVgTG1bekCssIA",
    "expires": "2021-10-25 17:05:25",
    "mfa_token": "fd63e55c-2a67-44b2-95b9-a771778e9971",
    "mfa_expires": "2023-04-25 21:00:00"
}

Example response (200, OK, cookie auth):


{
    "message": "OK",
    "mfa_token": "fd63e55c-2a67-44b2-95b9-a771778e9971",
    "mfa_expires": "2023-04-25 21:00:00"
}

Example response (401, Invalid code):


{
    "message": "Invalid code",
    "code": "AUTH:VERIFY_MFA:INVALID_CODE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/mfa/verify

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

channel string

Authentication channel. Example: email

Must be one of:

email
sms

remember_mfa_session boolean optional true false

Do not require MFA code. By default, for 30 days. Example: true

code string

Authentication code. Example: 445566

machine_key string optional

Unique machine identifier. Example: 35282880-244a-4328-9435-2aaf432f3619

Verify phone number

requires authentication

Verify phone number with text message

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/phone/verify" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"code\": \"445566\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/phone/verify"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "code": "445566"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Phone number verified",
    "code": "AUTH:VERIFY_PHONE:VERIFIED"
}

Example response (401, Invalid code):


{
    "message": "Invalid code",
    "code": "AUTH:VERIFY_PHONE:INVALID_CODE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Verify MFA OTP

requires authentication

Verify one-time password (OTP). If verification is successful, new access token with additional permissions will be generated.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/otp/verify" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"code\": \"445566\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/otp/verify"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "code": "445566"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK, token auth):


{
    "access_token": "7|x7de9EgE0xiBNLgHU91DHvhj85HVgTG1bekCssIA",
    "expires": "2021-10-25 17:05:25"
}

Example response (200, OK, cookie auth):


{
    "message": "OK"
}

Example response (401, Invalid code):


{
    "message": "Invalid code",
    "code": "AUTH:VERIFY_MFA_OTP:INVALID_CODE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Change password

requires authentication

Change authenticated user password

Example request:

curl --request POST \
    "http://localhost:8000/api/password/change" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"old_password\": \"oldpassword\",
    \"new_password\": \"newpassword\"
}"

const url = new URL(
    "http://localhost:8000/api/password/change"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "old_password": "oldpassword",
    "new_password": "newpassword"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Password changed successfully",
    "code": "AUTH:PASSWORD_CHANGE:CHANGED"
}

Example response (422, Invalid old password):


{
    "message": "The given data was invalid.",
    "errors": {
        "old_password": [
            "Old password is incorrect"
        ]
    },
    "code": "AUTH:PASSWORD_CHANGE:INVALID_OLD_PASSWORD"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/password/change

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

old_password string

User old password. Example: oldpassword

new_password string

User new password. Example: newpassword

Set MFA status

requires authentication

Set MFA status and preferred method. Supported methods: email, sms, otp.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"enabled\": true,
    \"method\": \"email\"
}"

const url = new URL(
    "http://localhost:8000/api/mfa/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "enabled": true,
    "method": "email"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "enabled": 1,
    "method": "email",
    "phone": 1,
    "otp": 1
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/mfa/status

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

enabled boolean optional true false

Use MFA after login. Example: true

method string optional

Preferred MFA method. Example: email

Must be one of:

email
sms
otp

Generate recovery codes

requires authentication

Generate recovery codes for authenticated user and revoke old ones. User could use these codes in case when couldn't use any of MFA methods (e.g. lost device with OTP app or device is not accessible right now).

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mfa/recovery-codes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mfa/recovery-codes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "recovery_codes": [
        "A3H8PF8P",
        "IZ8CGK2H",
        "DTYENLLT",
        "0RKEZFST",
        "9MPW91BS",
        "S38Z6HS6",
        "UF5ATOKP",
        "HSZXP8EL",
        "ZZASRM6S",
        "07GR4CD1"
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Setup MFA OTP

requires authentication

Setup multi-factor authentication with one-time passwords (OTP). Use secret on your own or generate QR code with given url. Then user could scan QR code with authentication app (e.g. Microsoft Authenticator, Authy). If secret has been already generated, new secret will override existing one and revoke previous setup.

Example request:

curl --request POST \
    "http://localhost:8000/api/mfa/otp/setup" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mfa/otp/setup"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "secret": "VXGJ6JMIAWWDFXYDLKO3VG3RSGTS34BGMVTGQIEHMVVMJ2JBGCSNPQZDV4B6OMDIGI4UKCVCVKVMA7EASLHZEJWW4ZNKLAUTSZYN7EA",
    "url": "otpauth://totp/AetherDigitalTherapy?issuer=AetherDigitalTherapy&secret=VXGJ6JMIAWWDFXYDLKO3VG3RSGTS34BGMVTGQIEHMVVMJ2JBGCSNPQZDV4B6OMDIGI4UKCVCVKVMA7EASLHZEJWW4ZNKLAUTSZYN7EA",
    "recovery_codes": [
        "A3H8PF8P",
        "IZ8CGK2H",
        "DTYENLLT",
        "0RKEZFST",
        "9MPW91BS",
        "S38Z6HS6",
        "UF5ATOKP",
        "HSZXP8EL",
        "ZZASRM6S",
        "07GR4CD1"
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Login user (SPA)

Authorize user and create cookie-based session. Hit GET /sanctum/csrf-cookie endpoint to retrieve XSRF-TOKEN cookie. Then attach X-XSRF-TOKEN HTTP header to any request to authorize. See more: Laravel Sanctum documentation

Example request:

curl --request POST \
    "http://localhost:8000/login" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"test@example.com\",
    \"password\": \"secretpassword\"
}"

const url = new URL(
    "http://localhost:8000/login"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "test@example.com",
    "password": "secretpassword"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 326,
    "mrn": "9JANAM2H1780408617",
    "name": "Darrion Schimmel DVM",
    "email": "1780408617buford76@example.com",
    "language": "en",
    "phone": "+1-985-952-2478",
    "phone_country": "LB",
    "phone_verified_at": null,
    "address1": "5390 Herman Forest Apt. 769",
    "address2": "New Jordystad, KS 18920-5330",
    "postal_code": "67877",
    "city": "Koch, Erdman and Donnelly",
    "country": "EE",
    "clinic_name": "Williamsonville",
    "clinic_location": "39639 Bartell Turnpike Suite 414\nDarrenstad, GA 07321-2543",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:56:57.000000Z",
    "updated_at": "2026-06-02T13:56:57.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": null,
    "roles": []
}

Example response (403, Too many attempts):


{
    "message": "Login: too many attempts",
    "code": "GENERAL:TOO_MANY_ATTEMPTS"
}

Example response (422, Invalid credentials):


{
    "message": "The given data was invalid.",
    "errors": {
        "email": [
            "Given credentials not found"
        ]
    },
    "code": "AUTH:LOGIN_COOKIE:INVALID_CREDENTIALS"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Chat

API endpoints for chat management

Authorize a user

requires authentication

This method authorizes a user using Ably service. Endpoint used only by Ably SDK

Check more details on https://ably.com/docs/auth/token

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/authorize-user" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/authorize-user"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (401):

Show headers

cache-control: no-cache, private
content-type: application/json
vary: Origin


{
    "message": "api.responses.general.unauthenticated",
    "code": "GENERAL:UNAUTHENTICATED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List all chat rooms

requires authentication

This method retrieves all chat rooms. Possible extend options:

participants - user assigned to chat room
participants.roles - roles assigned to chat participants
owner - the clinician assigned to patient
patient - the patient for whom the chat was created
messages - the messages related to chat room
messages.author - the author of message/li>

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/rooms" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/rooms"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "owner": null,
            "patient_id": null,
            "encryption_key": "t7gHXwcuYruaZu1oNZkTPMfMZ/UgcITIDWJ9uU3ZrUg=",
            "name": "facilis",
            "friendly_name": "facilis",
            "created_at": "2026-06-02T13:56:38.000000Z",
            "deleted_at": null,
            "updated_at": "2026-06-02T13:56:38.000000Z"
        },
        {
            "id": 2,
            "owner": null,
            "patient_id": null,
            "encryption_key": "3TpHchvKHN3KGit5vNq+zO+nCIPaociCd4JBtBCzpgI=",
            "name": "voluptas",
            "friendly_name": "voluptas",
            "created_at": "2026-06-02T13:56:38.000000Z",
            "deleted_at": null,
            "updated_at": "2026-06-02T13:56:38.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list chat room",
    "code": "CHAT:LIST_ROOMS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/rooms

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Chat room ID.

name string

Chat room name (channel SID).

friendly_name string

Human-readable chat room name.

owner integer

User ID of the room owner.

patient_id integer

Associated patient user ID.

encryption_key string

Encryption key for the chat room.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

messages object[]

Chat room messages.

last_message object

Last message in the chat room.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Retrieve a chat room

requires authentication

This method retrieves a single chat room identified by roomId. Possible extend options:

participants - user assigned to chat room
owner - the clinician assigned to patient
patient - the patient for whom the chat was created
messages - the messages related to chat room
messages.author - the author of message/li>

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/room/ad" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/room/ad"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 3,
    "owner": null,
    "patient_id": null,
    "encryption_key": "RyfFo8ftni5QFh6SDKpkKSJ9aNYV9/10JGOyTCBPovA=",
    "name": "consectetur",
    "friendly_name": "consectetur",
    "created_at": "2026-06-02T13:56:38.000000Z",
    "deleted_at": null,
    "updated_at": "2026-06-02T13:56:38.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view chat room",
    "code": "CHAT:GET_ROOM:INSUFFICIENT_PERMISSION"
}

Example response (404, Chat room not found):


{
    "message": "Chat room not found",
    "code": "CHAT:GET_ROOM:ROOM_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Chat room ID.

name string

Chat room name (channel SID).

friendly_name string

Human-readable chat room name.

owner integer

User ID of the room owner.

patient_id integer

Associated patient user ID.

encryption_key string

Encryption key for the chat room.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

messages object[]

Chat room messages.

last_message object

Last message in the chat room.

Create a new chat room

requires authentication

This method creates a new chat room using the authenticated user's ID, a name for the room, and a list of participants.

    The list of participants should contain the IDs of the users who will be participants in the room.

Example request:

curl --request POST \
    "http://localhost:8000/api/chat/room" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"owner\": 1,
    \"name\": \"my-chat\",
    \"patient_id\": 1,
    \"participants\": [
        \"1\"
    ]
}"

const url = new URL(
    "http://localhost:8000/api/chat/room"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "owner": 1,
    "name": "my-chat",
    "patient_id": 1,
    "participants": [
        "1"
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "owner": null,
    "patient_id": null,
    "encryption_key": "rCwNdpYPfG7co/vSCTImIuDaJrSWbg4/GC2SNXn7kCk=",
    "name": "in",
    "friendly_name": "in",
    "created_at": "2026-06-02T13:56:38.000000Z",
    "deleted_at": null,
    "updated_at": "2026-06-02T13:56:38.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view chat room",
    "code": "CHAT:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/chat/room

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

owner string

The id of an existing record in the App\Models\User table. Example: 1

name string

Name of chat room. MAXIMUM:STRING_LENGTH:255. Example: my-chat

patient_id string

The id of an existing record in the App\Models\User table. Example: 1

participants string[] optional

Chat room participant. The id of an existing record in the App\Models\User table.

Response

Response Fields

id integer

Chat room ID.

name string

Chat room name (channel SID).

friendly_name string

Human-readable chat room name.

owner integer

User ID of the room owner.

patient_id integer

Associated patient user ID.

encryption_key string

Encryption key for the chat room.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

messages object[]

Chat room messages.

last_message object

Last message in the chat room.

Update an existing chat room

requires authentication

This method updates an existing chat room using the authenticated user's ID, a new name for the room, and a list of participants.

    The list of participants should contain the IDs of the users who will be participants in the room.

Example request:

curl --request PUT \
    "http://localhost:8000/api/chat/room/minima" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"owner\": 1,
    \"name\": \"my-chat\",
    \"participants\": [
        \"1\"
    ],
    \"participants_del\": [
        \"1\"
    ]
}"

const url = new URL(
    "http://localhost:8000/api/chat/room/minima"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "owner": 1,
    "name": "my-chat",
    "participants": [
        "1"
    ],
    "participants_del": [
        "1"
    ]
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 5,
    "owner": null,
    "patient_id": null,
    "encryption_key": "WELEkjti1HyVldLm9NIxnmyuyyebraKnnmackHkWyXw=",
    "name": "cumque",
    "friendly_name": "cumque",
    "created_at": "2026-06-02T13:56:38.000000Z",
    "deleted_at": null,
    "updated_at": "2026-06-02T13:56:38.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update chat room",
    "code": "CHAT:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Chat room not found):


{
    "message": "Chat room not found",
    "code": "CHAT:UPDATE:ROOM_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/chat/room/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id string

The ID of the room. Example: minima

Body Parameters

owner string optional

The id of an existing record in the App\Models\User table. Example: 1

name string optional

Name of chat room. MAXIMUM:STRING_LENGTH:255. Example: my-chat

participants string[] optional

Chat room participant. The id of an existing record in the App\Models\User table.

participants_del string[] optional

Chat room participant to be deleted. The id of an existing record in the App\Models\User table.

Response

Response Fields

id integer

Chat room ID.

name string

Chat room name (channel SID).

friendly_name string

Human-readable chat room name.

owner integer

User ID of the room owner.

patient_id integer

Associated patient user ID.

encryption_key string

Encryption key for the chat room.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

messages object[]

Chat room messages.

last_message object

Last message in the chat room.

Chat room archives

requires authentication

Get archived messages for room Possible extend options:

author - this field represent user who send message

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/room/nulla/archive" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/room/nulla/archive"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "paginator": {
        "total": 1,
        "count": 1,
        "perpage": 5,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": "651a8e4868d5dc27c0000cc2",
            "channel": "chat.messages.room.44.56bf7d37-4ed6-4db4-947b-d68a1066677c.communication-channel",
            "clientId": "95",
            "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
            "data": "{\"encryptedMessage\":{\"message\":\"z6z1zNihCjlEePltz+BG8g==\",\"initialVector\":\"7376fcbf0b32fbdcd5c5b62c087b7600\"},\"user\":{\"id\":95,\"name\":\"Bartosz Druga firmaa\",\"email\":\"bartosz+drugafirma@refericon.pl\",\"image\":\"https://aether-dev-bucket.s3.amazonaws.com/users/7T6im01PAj4cahksWHllrL7se2SQ9buquIjGGFtp.jpg\",\"permissions\":[],\"roles\":[{\"id\":2,\"name\":\"Clinician\"}]},\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"recipients\":[{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"95\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"44\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"1250\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"3067\"}]}",
            "name": "message",
            "recipients": [
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": true,
                    "clientId": "95"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "44"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "1250"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "3067"
                }
            ],
            "timestamp": 1696239176715,
            "created_at": "2023-10-02 09:32:56"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view archived messages",
    "code": "CHAT:GET_ARCHIVES:INSUFFICIENT_PERMISSION"
}

Example response (404, Chat room not found):


{
    "message": "Chat room not found",
    "code": "CHAT:GET_ARCHIVES:ROOM_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/room/{id}/archive

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id string

The ID of the room. Example: nulla

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: author).

sortby string optional

Sort by field (available: timestamp). Default: timestamp, desc.

sortdir string optional

Sort direction (available: asc, desc).

Unread messages

requires authentication

Get unread messaged for chat room. Possible extend options:

author - this field represent user who send message

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/messages/unread?room=8" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/messages/unread"
);

const params = {
    "room": "8",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "paginator": {
        "total": 1,
        "count": 1,
        "perpage": 5,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": "651a8e4868d5dc27c0000cc2",
            "channel": "chat.messages.room.44.56bf7d37-4ed6-4db4-947b-d68a1066677c.communication-channel",
            "clientId": "95",
            "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
            "data": "{\"encryptedMessage\":{\"message\":\"z6z1zNihCjlEePltz+BG8g==\",\"initialVector\":\"7376fcbf0b32fbdcd5c5b62c087b7600\"},\"user\":{\"id\":95,\"name\":\"Bartosz Druga firmaa\",\"email\":\"bartosz+drugafirma@refericon.pl\",\"image\":\"https://aether-dev-bucket.s3.amazonaws.com/users/7T6im01PAj4cahksWHllrL7se2SQ9buquIjGGFtp.jpg\",\"permissions\":[],\"roles\":[{\"id\":2,\"name\":\"Clinician\"}]},\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"recipients\":[{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"95\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"44\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"1250\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"3067\"}]}",
            "name": "message",
            "recipients": [
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": true,
                    "clientId": "95"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "44"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "1250"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "3067"
                }
            ],
            "timestamp": 1696239176715,
            "created_at": "2023-10-02 09:32:56"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view unread messages list",
    "code": "CHAT:UNREAD_MESSAGES:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/messages/unread

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

room integer optional

Filter unread messages by room. Provide single ID (room=1), array of IDs (room[]=1&room[]=2) or comma-separated list of IDs (room=1,2). Example: 8

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Delete chat message

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/chat/messages/10?msgId=cum" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/messages/10"
);

const params = {
    "msgId": "cum",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "paginator": {
        "total": 1,
        "count": 1,
        "perpage": 5,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": "651a8e4868d5dc27c0000cc2",
            "channel": "chat.messages.room.44.56bf7d37-4ed6-4db4-947b-d68a1066677c.communication-channel",
            "clientId": "95",
            "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
            "data": "{\"encryptedMessage\":{\"message\":\"z6z1zNihCjlEePltz+BG8g==\",\"initialVector\":\"7376fcbf0b32fbdcd5c5b62c087b7600\"},\"user\":{\"id\":95,\"name\":\"Bartosz Druga firmaa\",\"email\":\"bartosz+drugafirma@refericon.pl\",\"image\":\"https://aether-dev-bucket.s3.amazonaws.com/users/7T6im01PAj4cahksWHllrL7se2SQ9buquIjGGFtp.jpg\",\"permissions\":[],\"roles\":[{\"id\":2,\"name\":\"Clinician\"}]},\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"recipients\":[{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"95\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"44\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"1250\"},{\"delivered\":true,\"msgId\":\"b8673175-01e6-4b6d-9032-226d3df20637\",\"seen\":false,\"clientId\":\"3067\"}]}",
            "name": "message",
            "recipients": [
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": true,
                    "clientId": "95"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "44"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "1250"
                },
                {
                    "delivered": true,
                    "msgId": "b8673175-01e6-4b6d-9032-226d3df20637",
                    "seen": false,
                    "clientId": "3067"
                }
            ],
            "timestamp": 1696239176715,
            "created_at": "2023-10-02 09:32:56"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete message",
    "code": "CHAT:DELETE_MESSAGE:INSUFFICIENT_PERMISSION"
}

Example response (404, Message not found):


{
    "message": "Chat message not found",
    "code": "CHAT:DELETE_MESSAGE:MESSAGE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/chat/messages/{msgId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

msgId integer

Example: 10

Query Parameters

msgId string

Message ID. Example: cum

Get tickets list for chat room

requires authentication

Possible extend options:

sender - the user who created ticket
recipient - the user who was ticket recipient
messages - message allocated to ticket
messages.attachments - list of attachments assigned to message and ticket
messages.sender - the user who wrote the message

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/tickets/at?status=nisi&sender=8&recipient=11" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/tickets/at"
);

const params = {
    "status": "nisi",
    "sender": "8",
    "recipient": "11",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 87,
            "sender_id": 288,
            "recipient_id": 289,
            "device_id": null,
            "meeting_date": "2026-06-02 13:56:38",
            "meeting_type": "online_meeting",
            "contact_email": "mcclure.angel@hotmail.com",
            "status": "new",
            "created_at": "2026-06-02T13:56:39.000000Z",
            "updated_at": "2026-06-02T13:56:39.000000Z",
            "sender": {
                "id": 288,
                "mrn": "Y48U8F8Q1780408598",
                "name": "Dr. Alysson Heller III",
                "email": "1780408598roconnell@example.org",
                "language": "en",
                "phone": "415.500.9323",
                "phone_country": "SH",
                "phone_verified_at": null,
                "address1": "182 Trycia Circle",
                "address2": "South Janville, IN 40204-9601",
                "postal_code": "80967",
                "city": "Torphy Group",
                "country": "LT",
                "clinic_name": "West Ophelia",
                "clinic_location": "44421 Little Circle Apt. 396\nNorth Cedrickburgh, KS 32174",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:38.000000Z",
                "updated_at": "2026-06-02T13:56:38.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "recipient": {
                "id": 289,
                "mrn": "RQFVPZZC1780408598",
                "name": "Elmo Harber I",
                "email": "1780408598lesly61@example.com",
                "language": "en",
                "phone": "(678) 357-3174",
                "phone_country": "EH",
                "phone_verified_at": null,
                "address1": "209 Lue Villages Suite 498",
                "address2": "West Jamalshire, MS 31933-5723",
                "postal_code": "17377-4558",
                "city": "Bashirian and Sons",
                "country": "IT",
                "clinic_name": "Lakinchester",
                "clinic_location": "75609 Gusikowski Plains Suite 186\nRusselhaven, AL 16465",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:38.000000Z",
                "updated_at": "2026-06-02T13:56:38.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "device": null,
            "messages": []
        },
        {
            "id": 88,
            "sender_id": 290,
            "recipient_id": 291,
            "device_id": null,
            "meeting_date": "2026-06-02 13:56:39",
            "meeting_type": "online_meeting",
            "contact_email": "ayana95@hermiston.net",
            "status": "new",
            "created_at": "2026-06-02T13:56:39.000000Z",
            "updated_at": "2026-06-02T13:56:39.000000Z",
            "sender": {
                "id": 290,
                "mrn": "FJNALRFJ1780408599",
                "name": "Clara Weber",
                "email": "1780408599gglover@example.com",
                "language": "en",
                "phone": "+1.947.369.3594",
                "phone_country": "LK",
                "phone_verified_at": null,
                "address1": "2605 Dicki Ville Suite 375",
                "address2": "South Aaronport, AL 18481-1851",
                "postal_code": "70458-7164",
                "city": "Bartell, Dickinson and McKenzie",
                "country": "BG",
                "clinic_name": "Kundeborough",
                "clinic_location": "702 Ruthie Trafficway\nMcDermottside, NE 34625-1505",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:39.000000Z",
                "updated_at": "2026-06-02T13:56:39.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "recipient": {
                "id": 291,
                "mrn": "KQGJ7WJ61780408599",
                "name": "Mrs. Madaline Quigley",
                "email": "1780408599corbin81@example.com",
                "language": "en",
                "phone": "+1 (754) 563-8758",
                "phone_country": "ME",
                "phone_verified_at": null,
                "address1": "366 Rashad Extensions Apt. 332",
                "address2": "Lake Mariannefort, VT 13577",
                "postal_code": "51440-3528",
                "city": "Flatley, Abernathy and Robel",
                "country": "LT",
                "clinic_name": "Murazikberg",
                "clinic_location": "7387 Rico Rapids\nGodfreyport, NV 27691-2078",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:39.000000Z",
                "updated_at": "2026-06-02T13:56:39.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "device": null,
            "messages": []
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view chat room tickets",
    "code": "CHAT:LIST_TICKETS:INSUFFICIENT_PERMISSION"
}

Example response (404, Chat room not found):


{
    "message": "Chat room not found",
    "code": "CHAT:LIST_TICKETS:ROOM_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/tickets/{roomId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

roomId string

Example: at

Query Parameters

status string optional

Filter tickets by status (available: new,in_progress,closed,reopened. Example: nisi

sender integer optional

Filter tickets by sender. Example: 8

recipient integer optional

Filter tickets by recipient. Example: 11

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: sender, recipient, messages, messages.attachments, messages.sender).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

List of available patients for chat

requires authentication

Possible extend options:

clinician - clinician assigned to this user
devices - products assigned to user
roles - user roles

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/available-patients" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/available-patients"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 292,
            "mrn": "HFRWSMJ91780408600",
            "name": "Ms. Gerry Friesen",
            "email": "1780408600rhiannon19@example.net",
            "language": "en",
            "phone": "+1-463-663-7050",
            "phone_country": "MQ",
            "phone_verified_at": null,
            "address1": "526 Bartell Trafficway",
            "address2": "Port Berenice, IA 53520-2297",
            "postal_code": "91468",
            "city": "Rowe-Littel",
            "country": "UA",
            "clinic_name": "Schoenborough",
            "clinic_location": "78282 Kuhic Estates\nNew Rebekah, NM 15607-2338",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:56:40.000000Z",
            "updated_at": "2026-06-02T13:56:40.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": null,
            "devices": [
                {
                    "id": 141,
                    "serial": "a4e81151-a977-36a9-b510-3a483e62b8f1",
                    "bluetooth_id": "363bd7d5-32c8-3f5b-8cea-383d43879df6",
                    "company_id": null,
                    "model_id": null,
                    "amputee_id": 292,
                    "clinician_id": null,
                    "firmware_version_id": null,
                    "pcb_version_id": null,
                    "reverse_magnets": 0,
                    "is_electrode": 0,
                    "active": 1,
                    "last_activity_at": "0000-00-00 00:00:00",
                    "created_at": "2026-06-02T13:56:40.000000Z",
                    "updated_at": "2026-06-02T13:56:40.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 5,
                    "name": "Amputee"
                }
            ]
        },
        {
            "id": 293,
            "mrn": "V5GZD44F1780408600",
            "name": "Lon Harris MD",
            "email": "1780408600ukemmer@example.com",
            "language": "en",
            "phone": "+1 (765) 267-7271",
            "phone_country": "AO",
            "phone_verified_at": null,
            "address1": "53770 Meggie Forges Apt. 021",
            "address2": "Braunside, NY 99539-1725",
            "postal_code": "88552-3964",
            "city": "Rogahn Inc",
            "country": "LV",
            "clinic_name": "West Modesta",
            "clinic_location": "51503 Raven Divide Suite 027\nNew Burdettefurt, NV 18883",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:56:40.000000Z",
            "updated_at": "2026-06-02T13:56:40.000000Z",
            "invitation_status": "accepted",
            "acadle_invitation_status": null,
            "devices": [
                {
                    "id": 142,
                    "serial": "d822640c-fecb-33a9-aa7e-d74f1fc73af3",
                    "bluetooth_id": "11b0acd7-689d-3814-bf4f-651fcaf15c17",
                    "company_id": null,
                    "model_id": null,
                    "amputee_id": 293,
                    "clinician_id": null,
                    "firmware_version_id": null,
                    "pcb_version_id": null,
                    "reverse_magnets": 0,
                    "is_electrode": 0,
                    "active": 1,
                    "last_activity_at": "0000-00-00 00:00:00",
                    "created_at": "2026-06-02T13:56:40.000000Z",
                    "updated_at": "2026-06-02T13:56:40.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 3,
                    "name": "Clinician"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list available patients",
    "code": "CHAT:LIST_PATIENTS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/available-patients

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

List of available participants for chat

requires authentication

Possible extend options:

roles - user roles
permissions - user permissions

Example request:

curl --request GET \
    --get "http://localhost:8000/api/chat/room/1/available-participants" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/chat/room/1/available-participants"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 294,
            "mrn": "RP93WWV71780408600",
            "name": "Orlo King III",
            "email": "1780408600leonard10@example.com",
            "language": "en",
            "phone": "(650) 200-5889",
            "phone_country": "MH",
            "phone_verified_at": null,
            "address1": "9700 Juwan Crossing Apt. 933",
            "address2": "Stehrbury, ME 41153",
            "postal_code": "66688",
            "city": "Bins Inc",
            "country": "EE",
            "clinic_name": "North Tad",
            "clinic_location": "196 Jessyca Village Suite 347\nNew Veldashire, AR 44443-4007",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:56:41.000000Z",
            "updated_at": "2026-06-02T13:56:41.000000Z",
            "invitation_status": "accepted",
            "acadle_invitation_status": null,
            "roles": [
                {
                    "id": 2,
                    "name": "ClinicAdmin"
                }
            ]
        },
        {
            "id": 295,
            "mrn": "GSTH6GEY1780408601",
            "name": "Prof. Wendell Hackett",
            "email": "1780408601kieran.schulist@example.org",
            "language": "en",
            "phone": "320-566-8455",
            "phone_country": "CR",
            "phone_verified_at": null,
            "address1": "149 Rippin Way",
            "address2": "Bednarland, OR 89725-1714",
            "postal_code": "53286-3403",
            "city": "Moore-Farrell",
            "country": "IT",
            "clinic_name": "New Wyattville",
            "clinic_location": "9149 Torp Passage\nLake Ludwig, WV 96656-7026",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:56:41.000000Z",
            "updated_at": "2026-06-02T13:56:41.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": null,
            "roles": [
                {
                    "id": 1,
                    "name": "SuperAdmin"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list available participants",
    "code": "CHAT:LIST_PARTICIPANTS:INSUFFICIENT_PERMISSION"
}

Example response (404, Chat room not found):


{
    "message": "Chat room not found",
    "code": "CHAT:LIST_PARTICIPANTS:ROOM_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/chat/room/{id}/available-participants

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Chat room ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: roles, permissions).

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Config

API endpoints for device config management

Get device config

requires authentication

Definitions:

config - current config entries
config history entry - set of changes in config, updated during the session
config history change - single change made to config (part of config history entry)

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config?_format=sit" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config"
);

const params = {
    "_format": "sit",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, Normal/compact response):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (200):


[
    {
        "id": 1,
        "device_id": 14,
        "mode_id": 1,
        "key": "rerum",
        "value": "soluta",
        "created_at": "2026-06-02T13:54:48.000000Z",
        "updated_at": "2026-06-02T13:54:48.000000Z",
        "mode": {
            "id": 1,
            "device_id": 15,
            "slot": null,
            "name": "Totam sed reiciendis rem maiores qui.",
            "active": 0,
            "created_at": "2026-06-02T13:54:48.000000Z",
            "updated_at": "2026-06-02T13:54:48.000000Z"
        }
    },
    {
        "id": 2,
        "device_id": 16,
        "mode_id": 2,
        "key": "quam",
        "value": "architecto",
        "created_at": "2026-06-02T13:54:48.000000Z",
        "updated_at": "2026-06-02T13:54:48.000000Z",
        "mode": {
            "id": 2,
            "device_id": 17,
            "slot": null,
            "name": "Qui magni quia beatae ut repellat quam recusandae repellat.",
            "active": 0,
            "created_at": "2026-06-02T13:54:48.000000Z",
            "updated_at": "2026-06-02T13:54:48.000000Z"
        }
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device config",
    "code": "CONFIG:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:GET:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Query Parameters

_format string optional

Config format. Pass collection to receive config as resource collection. Example: sit

Response

Response Fields

id integer

Config entry ID.

device_id integer

Associated device ID.

mode_id integer

Associated config mode ID.

key string

Config key.

value string

Config value.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

mode object

Associated config mode.

Update device config

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote session 2022-05-30\",
    \"common\": \"{\\\"gripPairsConfig\\\": [1, 4, 2, 3, 6, 7, 9, 8], \\\"controlConfig\\\": [0, 1, 0, 0, 0], \\\"gripSequentialConfig\\\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]\",
    \"updateNote\": true,
    \"modes\": [
        {
            \"id\": 1,
            \"config\": \"{\\\"gripPairsConfig\\\": [1, 4, 2, 3, 6, 7, 9, 8], \\\"controlConfig\\\": [0, 1, 0, 0, 0], \\\"gripSequentialConfig\\\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]\"
        }
    ]
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote session 2022-05-30",
    "common": "{\"gripPairsConfig\": [1, 4, 2, 3, 6, 7, 9, 8], \"controlConfig\": [0, 1, 0, 0, 0], \"gripSequentialConfig\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]",
    "updateNote": true,
    "modes": [
        {
            "id": 1,
            "config": "{\"gripPairsConfig\": [1, 4, 2, 3, 6, 7, 9, 8], \"controlConfig\": [0, 1, 0, 0, 0], \"gripSequentialConfig\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]"
        }
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:UPDATE:DEVICE_NOT_FOUND"
}

Example response (422, Invalid config):


{
    "message": "Config has some problems and cannot be saved.",
    "errors": {
        "modes": {
            "mode_3": "Config mode 3 does not belong to device 12."
        },
        "values": {
            "common.inputSite": "Invalid value [\"11\"] for key inputSite - contains string values.",
            "common.gripsPositions.1.initial": "Invalid value [200,\"100\",\"100\",\"100\",\"100\"] for key gripsPositions.1.initial - contains string values.",
            "mode_1.inputSite": "Invalid value [\"11\"] for key inputSite - contains string values.",
            "mode_1.gripsPositions.0.initial": "Invalid value [\"200\",\"100\",\"100\",\"100\",\"100\"] for key gripsPositions.1.initial - contains string values."
        }
    },
    "code": "CONFIG:UPDATE:INVALID_CONFIG"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Body Parameters

name string optional

Config history entry name (session name). Example: Remote session 2022-05-30

common string optional

Common config as JSON string. MUST_BE_JSON. Example: {"gripPairsConfig": [1, 4, 2, 3, 6, 7, 9, 8], "controlConfig": [0, 1, 0, 0, 0], "gripSequentialConfig": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]

updateNote boolean optional true false

Add config history note with content equal to name parameter. Example: true

modes object[] optional

id string optional

Config mode ID. The id of an existing record in the App\Models\ConfigMode table. Example: 1

config string optional

Config specific for mode as JSON string. MUST_BE_JSON. Example: {"gripPairsConfig": [1, 4, 2, 3, 6, 7, 9, 8], "controlConfig": [0, 1, 0, 0, 0], "gripSequentialConfig": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]

Get device config history

requires authentication

For amputees only restore points are returned.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config/history?restore_point=1&factory_reset_point=1&date_from=1642003200&date_to=1642003200" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"restore_point\": true,
    \"factory_reset_point\": false
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config/history"
);

const params = {
    "restore_point": "1",
    "factory_reset_point": "1",
    "date_from": "1642003200",
    "date_to": "1642003200",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "restore_point": true,
    "factory_reset_point": false
};

fetch(url, {
    method: "GET",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, Normal/compact response):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "user_id": null,
            "device_id": 18,
            "index": null,
            "name": "Corporis repellendus fugiat et expedita ipsa aut sequi qui.",
            "config": "{\"common\":{\"fingerStrength\":[1,200],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[45,46,13,3,23],\"limit\":[51,57,92,63,71]},\"1\":{\"initial\":[35,41,6,31,44],\"limit\":[89,80,41,65,48]},\"2\":{\"initial\":[72,25,56,26,61],\"limit\":[94,91,64,37,91]},\"3\":{\"initial\":[12,18,14,4,71],\"limit\":[70,46,85,21,75]},\"4\":{\"initial\":[9,58,55,18,6],\"limit\":[67,64,81,85,29]},\"5\":{\"initial\":[53,48,3,40,47],\"limit\":[91,86,81,58,83]},\"6\":{\"initial\":[14,29,12,11,29],\"limit\":[19,49,37,61,55]},\"7\":{\"initial\":[38,37,83,23,78],\"limit\":[66,91,89,94,91]},\"8\":{\"initial\":[2,74,27,27,32],\"limit\":[72,94,80,66,68]},\"9\":{\"initial\":[9,5,18,24,27],\"limit\":[57,92,94,69,81]},\"10\":{\"initial\":[52,6,42,44,10],\"limit\":[53,6,76,52,53]},\"11\":{\"initial\":[15,52,8,5,14],\"limit\":[38,57,39,24,22]},\"12\":{\"initial\":[36,40,29,43,21],\"limit\":[76,54,63,85,41]},\"13\":{\"initial\":[4,51,58,87,4],\"limit\":[61,59,87,94,35]}},\"inputSite\":[1]},\"modes\":[{\"id\":3,\"name\":\"Et nihil quibusdam quaerat recusandae.\",\"slot\":0,\"config\":{\"autoGrasp\":[0,100],\"coContractionTimings\":[300,100],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[60,40,80,90,90,80,100,40,40,40],\"gripPairsConfig\":[11,1,13,8,10,9,3,12],\"gripSequentialConfig\":[12,4,10,9,255,7,1,6,3,8,255,2],\"gripSwitchingMode\":[3],\"holdOpen\":[2500,2500],\"pulseTimings\":[790,880,240,650],\"softGrip\":[1],\"speedControlStrategy\":[0]}},{\"id\":4,\"name\":\"Voluptas ducimus omnis sequi harum dolorem est aut.\",\"slot\":1,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[300,200],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[80,30,40,0,30,40,50,50,40,80],\"gripPairsConfig\":[12,13,4,6,8,7,11,2],\"gripSequentialConfig\":[6,5,1,255,4,255,13,255,7,3,10,255],\"gripSwitchingMode\":[1],\"holdOpen\":[2000,2000],\"pulseTimings\":[730,670,100,360],\"softGrip\":[1],\"speedControlStrategy\":[1]}},{\"id\":5,\"name\":\"Nam id placeat est optio.\",\"slot\":2,\"config\":{\"autoGrasp\":[0,0],\"coContractionTimings\":[500,300],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[80,70,20,80,20,40,70,80,70,40],\"gripPairsConfig\":[13,9,12,1,2,10,6,8],\"gripSequentialConfig\":[13,10,4,6,8,12,5,255,1,2,9,11],\"gripSwitchingMode\":[1],\"holdOpen\":[1500,1500],\"pulseTimings\":[900,120,770,480],\"softGrip\":[1],\"speedControlStrategy\":[0]}}]}",
            "restore_point": 1,
            "factory_reset_point": 0,
            "changed_by": 46,
            "firmware_version_id": null,
            "created_at": "2026-06-02T13:54:49.000000Z",
            "updated_at": "2026-06-02T13:54:49.000000Z",
            "author": {
                "id": 46,
                "mrn": "KZDP8LMZ1780408489",
                "name": "Nathen Schuppe",
                "email": "1780408489schoen.tevin@example.org",
                "language": "en",
                "phone": "662-283-5538",
                "phone_country": "TK",
                "phone_verified_at": null,
                "address1": "8813 Hilpert Trace",
                "address2": "Glovertown, NE 05519-8690",
                "postal_code": "42225-0786",
                "city": "Wyman-Wyman",
                "country": "PT",
                "clinic_name": "Kozeyville",
                "clinic_location": "583 Thad Summit\nIcieberg, DE 10335-1401",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:54:49.000000Z",
                "updated_at": "2026-06-02T13:54:49.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "entries": [
                {
                    "id": 1,
                    "config_history_id": 1,
                    "config_id": 3,
                    "old_value": "iste",
                    "new_value": "sit",
                    "created_at": "2026-06-02T13:54:50.000000Z",
                    "updated_at": "2026-06-02T13:54:50.000000Z",
                    "config_entry": {
                        "id": 3,
                        "device_id": 26,
                        "mode_id": null,
                        "key": "ut",
                        "value": "voluptas",
                        "created_at": "2026-06-02T13:54:50.000000Z",
                        "updated_at": "2026-06-02T13:54:50.000000Z"
                    }
                }
            ]
        },
        {
            "id": 3,
            "user_id": null,
            "device_id": 27,
            "index": null,
            "name": "Consequatur inventore eius hic ratione laborum vitae dolores.",
            "config": "{\"common\":{\"fingerStrength\":[1,300],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[81,11,23,49,39],\"limit\":[84,86,72,50,81]},\"1\":{\"initial\":[33,23,4,50,32],\"limit\":[92,25,15,68,75]},\"2\":{\"initial\":[16,46,26,71,11],\"limit\":[77,56,79,75,60]},\"3\":{\"initial\":[11,38,59,18,30],\"limit\":[94,39,65,66,60]},\"4\":{\"initial\":[33,39,29,73,57],\"limit\":[37,69,86,82,84]},\"5\":{\"initial\":[34,22,26,60,47],\"limit\":[59,76,29,64,51]},\"6\":{\"initial\":[19,58,52,51,83],\"limit\":[34,70,55,72,86]},\"7\":{\"initial\":[13,36,51,32,8],\"limit\":[56,76,94,71,90]},\"8\":{\"initial\":[58,8,62,70,12],\"limit\":[76,17,88,89,74]},\"9\":{\"initial\":[31,10,54,2,43],\"limit\":[80,46,74,34,63]},\"10\":{\"initial\":[6,82,51,64,32],\"limit\":[70,88,84,87,56]},\"11\":{\"initial\":[65,38,67,80,28],\"limit\":[82,68,81,86,94]},\"12\":{\"initial\":[24,83,19,57,8],\"limit\":[90,86,93,94,71]},\"13\":{\"initial\":[57,3,31,2,77],\"limit\":[80,75,51,58,78]}},\"inputSite\":[0]},\"modes\":[{\"id\":9,\"name\":\"Dolores quibusdam deserunt voluptatem amet et.\",\"slot\":0,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[300,300],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[90,80,30,10,10,90,20,20,90,10],\"gripPairsConfig\":[9,11,13,8,2,5,3,4],\"gripSequentialConfig\":[255,255,11,4,255,1,255,255,255,255,255,9],\"gripSwitchingMode\":[2],\"holdOpen\":[2000,2500],\"pulseTimings\":[280,240,450,200],\"softGrip\":[0],\"speedControlStrategy\":[1]}},{\"id\":10,\"name\":\"Est dolorum nesciunt quia voluptatem placeat laudantium.\",\"slot\":1,\"config\":{\"autoGrasp\":[0,0],\"coContractionTimings\":[300,200],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[0,90,50,100,60,0,90,90,0,90],\"gripPairsConfig\":[8,5,11,3,1,7,9,4],\"gripSequentialConfig\":[1,12,255,7,255,5,6,255,8,255,4,3],\"gripSwitchingMode\":[1],\"holdOpen\":[2000,2500],\"pulseTimings\":[770,630,70,290],\"softGrip\":[0],\"speedControlStrategy\":[0]}},{\"id\":11,\"name\":\"Illo fugiat debitis ut eum maiores.\",\"slot\":2,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[400,100],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[100,90,80,60,100,70,60,0,10,40],\"gripPairsConfig\":[1,8,2,12,13,7,3,9],\"gripSequentialConfig\":[6,2,12,8,255,10,3,7,9,1,4,5],\"gripSwitchingMode\":[1],\"holdOpen\":[2000,2000],\"pulseTimings\":[770,110,920,600],\"softGrip\":[0],\"speedControlStrategy\":[1]}}]}",
            "restore_point": 1,
            "factory_reset_point": 0,
            "changed_by": 49,
            "firmware_version_id": null,
            "created_at": "2026-06-02T13:54:51.000000Z",
            "updated_at": "2026-06-02T13:54:51.000000Z",
            "author": {
                "id": 49,
                "mrn": "TNYJNSC41780408490",
                "name": "Lauren Kozey",
                "email": "1780408490ghoeger@example.com",
                "language": "en",
                "phone": "+1 (830) 402-7885",
                "phone_country": "AM",
                "phone_verified_at": null,
                "address1": "71899 Fritsch Lodge",
                "address2": "Port Jaiden, MI 18882-2442",
                "postal_code": "92198",
                "city": "Hintz-Windler",
                "country": "SE",
                "clinic_name": "North Gardnerville",
                "clinic_location": "40026 Romaine Garden\nKiarraton, IA 31302",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:54:50.000000Z",
                "updated_at": "2026-06-02T13:54:50.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "entries": [
                {
                    "id": 2,
                    "config_history_id": 3,
                    "config_id": 4,
                    "old_value": "atque",
                    "new_value": "perferendis",
                    "created_at": "2026-06-02T13:54:51.000000Z",
                    "updated_at": "2026-06-02T13:54:51.000000Z",
                    "config_entry": {
                        "id": 4,
                        "device_id": 35,
                        "mode_id": null,
                        "key": "aliquid",
                        "value": "qui",
                        "created_at": "2026-06-02T13:54:51.000000Z",
                        "updated_at": "2026-06-02T13:54:51.000000Z"
                    }
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device config",
    "code": "CONFIG:HISTORY:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:HISTORY:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config/history

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Query Parameters

restore_point boolean optional true false

Filter config entries by restore point status. Example: 1

factory_reset_point boolean optional true false

Filter config entries by factory reset point status. Example: 1

date_from integer optional

Filter config entries from date (timestamp). Example: 1642003200

date_to integer optional

Filter config entries to date (timestamp). Example: 1642003200

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: author, entries).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Body Parameters

restore_point boolean optional true false

Example: true

factory_reset_point boolean optional true false

Example: false

date_from string optional

date_to string optional

Response

Response Fields

items object

id integer

Config history entry ID.

device_id integer

Associated device ID.

index integer

Config history index.

name string

Config snapshot name.

config string

Serialized config data.

restore_point boolean

Whether this entry is a restore point.

factory_reset_point boolean

Whether this entry is a factory reset point.

changed_by integer

ID of the user who made the change.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who made the change.

entries object[]

Individual config history entries.

notes object[]

Notes attached to this history entry.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get device config history entry

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config/history/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/history/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 5,
    "user_id": null,
    "device_id": 36,
    "index": null,
    "name": "Dolorum ut consequatur aut.",
    "config": "{\"common\":{\"fingerStrength\":[1,300],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[21,39,63,85,31],\"limit\":[53,71,65,94,94]},\"1\":{\"initial\":[16,29,39,59,10],\"limit\":[74,73,95,94,20]},\"2\":{\"initial\":[57,63,38,25,67],\"limit\":[81,87,46,63,78]},\"3\":{\"initial\":[59,18,31,36,37],\"limit\":[95,49,83,78,84]},\"4\":{\"initial\":[25,29,45,50,2],\"limit\":[64,82,49,90,46]},\"5\":{\"initial\":[70,60,33,31,4],\"limit\":[75,62,85,57,30]},\"6\":{\"initial\":[31,36,43,25,64],\"limit\":[50,73,60,72,71]},\"7\":{\"initial\":[49,71,39,41,15],\"limit\":[95,87,41,59,29]},\"8\":{\"initial\":[16,48,48,66,20],\"limit\":[44,67,49,82,84]},\"9\":{\"initial\":[61,69,9,32,63],\"limit\":[72,88,48,78,71]},\"10\":{\"initial\":[18,22,23,55,86],\"limit\":[59,83,55,57,90]},\"11\":{\"initial\":[64,6,10,42,50],\"limit\":[75,79,72,51,70]},\"12\":{\"initial\":[35,8,66,3,31],\"limit\":[83,75,68,45,45]},\"13\":{\"initial\":[39,47,54,49,53],\"limit\":[89,59,92,78,92]}},\"inputSite\":[0]},\"modes\":[{\"id\":15,\"name\":\"Adipisci est dolores voluptas sit qui.\",\"slot\":0,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[500,400],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[0,70,80,70,80,70,100,60,30,10],\"gripPairsConfig\":[6,4,10,1,7,13,5,8],\"gripSequentialConfig\":[255,255,3,12,255,10,8,11,255,5,255,255],\"gripSwitchingMode\":[2],\"holdOpen\":[2000,2500],\"pulseTimings\":[40,150,170,690],\"softGrip\":[0],\"speedControlStrategy\":[1]}},{\"id\":16,\"name\":\"Beatae alias dolor quia optio ab voluptates.\",\"slot\":1,\"config\":{\"autoGrasp\":[0,0],\"coContractionTimings\":[300,200],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[10,70,40,10,20,40,70,60,70,40],\"gripPairsConfig\":[5,10,4,7,11,1,3,9],\"gripSequentialConfig\":[3,4,13,7,9,255,255,8,5,6,255,11],\"gripSwitchingMode\":[3],\"holdOpen\":[1500,1500],\"pulseTimings\":[940,100,540,800],\"softGrip\":[0],\"speedControlStrategy\":[0]}},{\"id\":17,\"name\":\"Dolores doloremque odit sapiente debitis.\",\"slot\":2,\"config\":{\"autoGrasp\":[0,100],\"coContractionTimings\":[500,300],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[30,100,20,60,20,20,90,90,50,30],\"gripPairsConfig\":[8,2,3,9,12,6,11,7],\"gripSequentialConfig\":[9,255,8,255,7,13,255,6,255,3,1,255],\"gripSwitchingMode\":[2],\"holdOpen\":[2000,2500],\"pulseTimings\":[420,130,710,580],\"softGrip\":[0],\"speedControlStrategy\":[0]}}]}",
    "restore_point": 1,
    "factory_reset_point": 0,
    "changed_by": 51,
    "firmware_version_id": null,
    "created_at": "2026-06-02T13:54:52.000000Z",
    "updated_at": "2026-06-02T13:54:52.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device config",
    "code": "CONFIG:HISTORY_ENTRY:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:HISTORY_ENTRY:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG:HISTORY_ENTRY:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config/history/{configId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: author, entries).

Response

Response Fields

id integer

Config history entry ID.

device_id integer

Associated device ID.

index integer

Config history index.

name string

Config snapshot name.

config string

Serialized config data.

restore_point boolean

Whether this entry is a restore point.

factory_reset_point boolean

Whether this entry is a factory reset point.

changed_by integer

ID of the user who made the change.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who made the change.

entries object[]

Individual config history entries.

notes object[]

Notes attached to this history entry.

Update config history

requires authentication

Returns updated config history in response.

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config/history/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote session 2022-05-30\",
    \"restore_point\": true,
    \"factory_reset_point\": false
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config/history/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote session 2022-05-30",
    "restore_point": true,
    "factory_reset_point": false
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 6,
    "user_id": null,
    "device_id": 40,
    "index": null,
    "name": "Et odio eos expedita consequatur voluptas accusantium dicta optio.",
    "config": "{\"common\":{\"fingerStrength\":[1,100],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[55,62,5,40,56],\"limit\":[87,82,88,48,57]},\"1\":{\"initial\":[40,21,76,50,3],\"limit\":[47,95,92,63,9]},\"2\":{\"initial\":[71,6,38,74,3],\"limit\":[86,33,86,89,70]},\"3\":{\"initial\":[8,5,55,6,7],\"limit\":[86,60,65,64,94]},\"4\":{\"initial\":[1,62,56,36,13],\"limit\":[52,89,70,89,69]},\"5\":{\"initial\":[75,59,2,48,11],\"limit\":[94,89,95,53,19]},\"6\":{\"initial\":[21,71,28,29,61],\"limit\":[27,87,95,90,87]},\"7\":{\"initial\":[23,10,1,18,55],\"limit\":[56,24,92,59,77]},\"8\":{\"initial\":[9,33,65,38,4],\"limit\":[35,60,74,53,66]},\"9\":{\"initial\":[18,72,53,23,25],\"limit\":[74,89,53,70,64]},\"10\":{\"initial\":[6,12,33,2,18],\"limit\":[52,22,65,5,23]},\"11\":{\"initial\":[52,44,20,19,29],\"limit\":[60,80,71,57,79]},\"12\":{\"initial\":[26,42,53,1,23],\"limit\":[28,84,88,18,67]},\"13\":{\"initial\":[28,24,1,34,33],\"limit\":[38,43,61,78,50]}},\"inputSite\":[1]},\"modes\":[{\"id\":18,\"name\":\"Amet odit distinctio totam sit aut.\",\"slot\":0,\"config\":{\"autoGrasp\":[1,0],\"coContractionTimings\":[300,100],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[50,100,100,40,20,70,70,30,80,60],\"gripPairsConfig\":[3,7,11,13,5,10,8,4],\"gripSequentialConfig\":[8,10,9,255,255,6,1,255,255,2,4,11],\"gripSwitchingMode\":[1],\"holdOpen\":[2000,2000],\"pulseTimings\":[500,300,850,80],\"softGrip\":[0],\"speedControlStrategy\":[0]}},{\"id\":19,\"name\":\"Rerum iure unde nihil.\",\"slot\":1,\"config\":{\"autoGrasp\":[0,100],\"coContractionTimings\":[500,100],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[40,60,30,0,80,20,100,30,90,90],\"gripPairsConfig\":[7,3,5,11,4,9,2,12],\"gripSequentialConfig\":[4,8,13,1,255,255,12,255,10,255,11,6],\"gripSwitchingMode\":[1],\"holdOpen\":[2000,2500],\"pulseTimings\":[920,910,980,70],\"softGrip\":[0],\"speedControlStrategy\":[1]}},{\"id\":20,\"name\":\"Voluptatibus et eos est fuga.\",\"slot\":2,\"config\":{\"autoGrasp\":[1,0],\"coContractionTimings\":[500,300],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[0,70,70,30,40,30,100,80,100,70],\"gripPairsConfig\":[13,10,11,5,7,3,8,6],\"gripSequentialConfig\":[12,11,9,255,7,255,255,10,1,255,5,255],\"gripSwitchingMode\":[3],\"holdOpen\":[1500,2500],\"pulseTimings\":[670,910,830,930],\"softGrip\":[0],\"speedControlStrategy\":[0]}}]}",
    "restore_point": 1,
    "factory_reset_point": 0,
    "changed_by": 52,
    "firmware_version_id": null,
    "created_at": "2026-06-02T13:54:52.000000Z",
    "updated_at": "2026-06-02T13:54:52.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:HISTORY_UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Factory reset point already exists):


{
    "message": "Factory reset point does not exist",
    "code": "CONFIG:HISTORY_UPDATE:FACTORY_RESET_POINT_ALREADY_EXISTS"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:HISTORY_UPDATE:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG:HISTORY_UPDATE:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config/history/{configId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Body Parameters

name string optional

Config history entry name. Example: Remote session 2022-05-30

restore_point boolean optional true false

Restore point status. Example: true

factory_reset_point boolean optional true false

Point of factory reset. Example: false

Response

Response Fields

id integer

Config history entry ID.

device_id integer

Associated device ID.

index integer

Config history index.

name string

Config snapshot name.

config string

Serialized config data.

restore_point boolean

Whether this entry is a restore point.

factory_reset_point boolean

Whether this entry is a factory reset point.

changed_by integer

ID of the user who made the change.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who made the change.

entries object[]

Individual config history entries.

notes object[]

Notes attached to this history entry.

Undo single config history change

requires authentication

Returns updated config in response.

Example request:

curl --request DELETE \
    "http://localhost:8000/api/device/1/config/history/undo/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/history/undo/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, Normal/compact response):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:UNDO:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:UNDO:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG:UNDO:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/device/{deviceId}/config/history/undo/{configId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Restore config history entry

requires authentication

Restores config from given config history entry (all changes). Sends support ticket if patient is assigned to device, returns config instead.

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config/restore/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/restore/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, Patient not assigned, returns config):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (202):


{
    "id": 1,
    "sender_id": 53,
    "recipient_id": 54,
    "device_id": null,
    "meeting_date": "2026-06-02 13:54:53",
    "meeting_type": "online_meeting",
    "contact_email": "kennith06@ohara.com",
    "status": "new",
    "created_at": "2026-06-02T13:54:53.000000Z",
    "updated_at": "2026-06-02T13:54:53.000000Z",
    "sender": {
        "id": 53,
        "mrn": "HCDKM7M41780408492",
        "name": "Mr. Jalon Skiles II",
        "email": "1780408492aurelia.wuckert@example.org",
        "language": "en",
        "phone": "380-272-1530",
        "phone_country": "AE",
        "phone_verified_at": null,
        "address1": "55874 Jessica Cove Suite 737",
        "address2": "South Giovanni, MN 43158-3673",
        "postal_code": "77778",
        "city": "Marquardt-Hahn",
        "country": "DK",
        "clinic_name": "West Magnoliafort",
        "clinic_location": "227 Spinka Lake Apt. 113\nSchmelerside, PA 26093",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:54:52.000000Z",
        "updated_at": "2026-06-02T13:54:52.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 54,
        "mrn": "V6FDP2TE1780408493",
        "name": "Prof. Wava Walker DDS",
        "email": "1780408493raynor.brianne@example.org",
        "language": "en",
        "phone": "952-904-1920",
        "phone_country": "GG",
        "phone_verified_at": null,
        "address1": "20080 Crooks Branch Apt. 563",
        "address2": "North Dedrickside, CO 87320",
        "postal_code": "63549-7680",
        "city": "Schowalter, Erdman and Hintz",
        "country": "IT",
        "clinic_name": "Ashtonborough",
        "clinic_location": "7425 Roob Via\nMartineside, IN 76440",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:54:53.000000Z",
        "updated_at": "2026-06-02T13:54:53.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": null,
    "messages": [
        {
            "id": 1,
            "ticket_id": 1,
            "sender_id": 55,
            "title": "Mrs.",
            "content": "Voluptatum consequuntur qui totam incidunt earum praesentium.",
            "is_read": false,
            "created_at": "2026-06-02T13:54:54.000000Z",
            "updated_at": "2026-06-02T13:54:54.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:RESTORE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:RESTORE:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG:RESTORE:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config/restore/{configId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Restore to factory reset point

requires authentication

Restores config from the device's factory reset point. Sends a support ticket if the patient is assigned to the device. Returns the array that contains:

config - The factory reset config. It might be updated with current config entries when the restored config does not contain a key or its value is false, but the key is available in the current config, has a non-false value, and is required by the config schema.
not_modified - The part of the current config that contains keys which were ignored (because they’re on the ignore list, such as custom grips settings), or were not updated with values from the factory reset config (because the values are the same in both configs, or missing in the factory reset config but present and non-false in the current config). These are included in the config to ensure their values remain unchanged and are not replaced with defaults.
ticket - Support ticket entity, if patient is assigned, null otherwise.

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config/restore-factory-reset" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/restore-factory-reset"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "config": {
        "common": {
            "inputSite": [
                1
            ],
            "generalHandSettings": false,
            "batteryBeep": [
                1,
                0
            ],
            "emgGains": false,
            "autoGrasp": false
        },
        "modes": [
            {
                "id": 1,
                "name": "Mode 0",
                "slot": 0,
                "config": {
                    "gripPairsConfig": false,
                    "emgThresholds": false,
                    "emgSpike": false,
                    "controlMode": false
                }
            },
            {
                "id": 1530,
                "name": "Mode 1",
                "slot": 1,
                "config": {
                    "gripPairsConfig": false,
                    "emgThresholds": false,
                    "emgSpike": false,
                    "controlMode": false
                }
            },
            {
                "id": 1531,
                "name": "Mode 2",
                "slot": 2,
                "config": {
                    "gripPairsConfig": false,
                    "emgThresholds": false,
                    "emgSpike": false,
                    "controlMode": false
                }
            }
        ]
    },
    "not_modified": {
        "common": {
            "inputSite": [
                1
            ],
            "batteryBeep": [
                1,
                0
            ],
            "generalHandSettings": [
                1,
                2,
                3,
                4
            ]
        },
        "modes": [
            {
                "userFeedbackType": false,
                "buzzingVolumeSettings": false
            },
            {
                "userFeedbackType": false,
                "buzzingVolumeSettings": false
            },
            {
                "userFeedbackType": false,
                "buzzingVolumeSettings": false
            }
        ]
    },
    "ticket": {
        "id": 1,
        "sender_id": 1,
        "recipient_id": 2,
        "device_id": 1,
        "meeting_date": "2025-07-22T15:00:00.000000Z",
        "meeting_type": "none",
        "contact_email": null,
        "status": "new",
        "created_at": "2025-07-22T15:00:00.000000Z",
        "updated_at": "2025-07-22T15:00:00.000000Z",
        "messages": [
            {
                "id": 1,
                "ticket_id": 1,
                "sender_id": 1,
                "title": "New config update",
                "content": "",
                "is_read": false,
                "created_at": "2025-07-22T15:00:00.000000Z",
                "updated_at": "2025-07-22T15:00:00.000000Z",
                "attachments": [
                    {
                        "id": 6629,
                        "ticket_id": 12973,
                        "ticket_message_id": 6517,
                        "type": "json",
                        "title": "Current config",
                        "attachment": "{\"common\":{},\"modes\":[{\"id\":1,\"name\":\"Mode 0\",\"slot\":0,\"config\":{}},{\"id\":2,\"name\":\"Mode 1\",\"slot\":1,\"config\":{}},{\"id\":3,\"name\":\"Mode 2\",\"slot\":2,\"config\":{}}]}",
                        "created_at": "2025-07-22T15:00:00.000000Z",
                        "updated_at": "2025-07-22T15:00:00.000000Z"
                    },
                    {
                        "id": 6630,
                        "ticket_id": 12973,
                        "ticket_message_id": 6517,
                        "type": "json",
                        "title": "New config",
                        "attachment": "{\"common\":{},\"modes\":[{\"id\":1,\"name\":\"Mode 0\",\"slot\":0,\"config\":{}},{\"id\":2,\"name\":\"Mode 1\",\"slot\":1,\"config\":{}},{\"id\":3,\"name\":\"Mode 2\",\"slot\":2,\"config\":{}}]}",
                        "created_at": "2025-07-22T15:00:00.000000Z",
                        "updated_at": "2025-07-22T15:00:00.000000Z"
                    }
                ]
            }
        ]
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:RESTORE_FACTORY_RESET:INSUFFICIENT_PERMISSION"
}

Example response (403, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG:RESTORE_FACTORY_RESET:NO_RESTORE_POINT"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:RESTORE_FACTORY_RESET:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Send test config

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config/send" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"description\": \"Fixed problem with grips.\",
    \"p2p_session\": 1,
    \"updateConfig\": false,
    \"common\": \"{\\\"gripPairsConfig\\\": [1, 4, 2, 3, 6, 7, 9, 8], \\\"controlConfig\\\": [0, 1, 0, 0, 0], \\\"gripSequentialConfig\\\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]\",
    \"modes\": [
        {
            \"id\": 1,
            \"config\": \"{\\\"gripPairsConfig\\\": [1, 4, 2, 3, 6, 7, 9, 8], \\\"controlConfig\\\": [0, 1, 0, 0, 0], \\\"gripSequentialConfig\\\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]\"
        }
    ]
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config/send"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "description": "Fixed problem with grips.",
    "p2p_session": 1,
    "updateConfig": false,
    "common": "{\"gripPairsConfig\": [1, 4, 2, 3, 6, 7, 9, 8], \"controlConfig\": [0, 1, 0, 0, 0], \"gripSequentialConfig\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]",
    "modes": [
        {
            "id": 1,
            "config": "{\"gripPairsConfig\": [1, 4, 2, 3, 6, 7, 9, 8], \"controlConfig\": [0, 1, 0, 0, 0], \"gripSequentialConfig\": [1, 2, 4, 3, 0, 255, 6, 7, 9, 8, 255, 255]"
        }
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 7,
    "sender_id": 64,
    "recipient_id": 65,
    "device_id": null,
    "meeting_date": "2026-06-02 13:54:58",
    "meeting_type": "online_meeting",
    "contact_email": "harris.gloria@pagac.biz",
    "status": "new",
    "created_at": "2026-06-02T13:54:58.000000Z",
    "updated_at": "2026-06-02T13:54:58.000000Z",
    "sender": {
        "id": 64,
        "mrn": "FZCHU22K1780408497",
        "name": "Eino Reynolds",
        "email": "1780408497craig36@example.net",
        "language": "en",
        "phone": "586-327-9099",
        "phone_country": "SX",
        "phone_verified_at": null,
        "address1": "6459 Milford Green Suite 911",
        "address2": "Kleintown, IN 72019",
        "postal_code": "55991",
        "city": "Flatley-Hartmann",
        "country": "SK",
        "clinic_name": "Nolanshire",
        "clinic_location": "94785 Shany Viaduct Suite 870\nGreenfelderhaven, DE 93012-3797",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:54:57.000000Z",
        "updated_at": "2026-06-02T13:54:57.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 65,
        "mrn": "JM5VFFBF1780408498",
        "name": "Adele Yost II",
        "email": "1780408498kschaden@example.net",
        "language": "en",
        "phone": "1-856-364-9358",
        "phone_country": "IR",
        "phone_verified_at": null,
        "address1": "8485 Tremblay Road",
        "address2": "New Eulalia, PA 68398-3270",
        "postal_code": "67366",
        "city": "Miller, Ullrich and Kassulke",
        "country": "BG",
        "clinic_name": "South Americo",
        "clinic_location": "18803 DuBuque Flat\nAufderharside, VA 07209-2778",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:54:58.000000Z",
        "updated_at": "2026-06-02T13:54:58.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": null,
    "messages": [
        {
            "id": 4,
            "ticket_id": 7,
            "sender_id": 66,
            "title": "Ms.",
            "content": "Est veritatis recusandae dignissimos illum.",
            "is_read": false,
            "created_at": "2026-06-02T13:54:59.000000Z",
            "updated_at": "2026-06-02T13:54:59.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:SEND:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG:SEND:DEVICE_NOT_FOUND"
}

Example response (422, Device does not have an amputee assigned):


{
    "message": "Device does not have an amputee assigned",
    "code": "CONFIG:SEND:NO_PATIENT"
}

Example response (422, Invalid P2P session):


{
    "message": "Invalid P2P session",
    "code": "CONFIG:SEND:INVALID_P2P_SESSION"
}

Example response (422, Invalid config):


{
    "message": "Config has some problems and cannot be saved.",
    "errors": {
        "modes": {
            "mode_3": "Config mode 3 does not belong to device 12."
        },
        "values": {
            "common.inputSite": "Invalid value [\"11\"] for key inputSite - contains string values.",
            "common.gripsPositions.1.initial": "Invalid value [200,\"100\",\"100\",\"100\",\"100\"] for key gripsPositions.1.initial - contains string values.",
            "mode_1.inputSite": "Invalid value [\"11\"] for key inputSite - contains string values.",
            "mode_1.gripsPositions.0.initial": "Invalid value [\"200\",\"100\",\"100\",\"100\",\"100\"] for key gripsPositions.1.initial - contains string values."
        }
    },
    "code": "CONFIG:SEND:INVALID_CONFIG"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config/send

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Body Parameters

description string optional

Config description to add in message notification. Example: Fixed problem with grips.

p2p_session integer optional

P2P Session ID. If config was prepared during P2P session, pass its ID, if not, pass null. The id of an existing record in the App\Models\P2PSession table. Example: 1

updateConfig boolean optional true false

Determines if device config should be updated. Example: false

common string optional

modes object[] optional

id string optional

Config mode ID. The id of an existing record in the App\Models\ConfigMode table. Example: 1

config string optional

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Convert config

requires authentication

Convert config JSON to match given Firmware Version. Keys are moved between common config and modes.

Example request:

curl --request POST \
    "http://localhost:8000/api/config/convert" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"config\": \"[\\\"dolorem\\\",\\\"unde\\\"]\",
    \"firmware\": 1
}"

const url = new URL(
    "http://localhost:8000/api/config/convert"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "config": "[\"dolorem\",\"unde\"]",
    "firmware": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device config",
    "code": "CONFIG:CONVERT:INSUFFICIENT_PERMISSION"
}

Example response (404, Firmware version not found):


{
    "message": "Firmware version not found",
    "code": "CONFIG:CONVERT:FIRMWARE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/config/convert

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

config string

Full config JSON. MUST_BE_JSON. Example: ["dolorem","unde"]

firmware string

Firmware Version ID to which config should be adjusted. The id of an existing record in the App\Models\FirmwareVersion table. Example: 1

Config Demo

API endpoints for managing config demos

List config demos

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config/demos?accepted=7" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/demos"
);

const params = {
    "accepted": "7",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "user_id": null,
            "device_id": 72,
            "message_id": 8,
            "config": "Enim dolore ut repudiandae quas a qui odit.",
            "is_accepted": 1,
            "notes": "Similique earum quod magnam magnam dolores maiores vitae.",
            "created_at": "2026-06-02T13:55:08.000000Z",
            "updated_at": "2026-06-02T13:55:08.000000Z",
            "message": {
                "id": 8,
                "ticket_id": 15,
                "sender_id": 87,
                "title": "Prof.",
                "content": "Eius dignissimos nesciunt quo aperiam odio nulla ullam.",
                "is_read": false,
                "created_at": "2026-06-02T13:55:08.000000Z",
                "updated_at": "2026-06-02T13:55:08.000000Z"
            }
        },
        {
            "id": 2,
            "user_id": null,
            "device_id": 73,
            "message_id": 10,
            "config": "Autem aliquid repellat fuga at maiores earum.",
            "is_accepted": 0,
            "notes": "Reprehenderit dolores et vitae ex et et inventore.",
            "created_at": "2026-06-02T13:55:10.000000Z",
            "updated_at": "2026-06-02T13:55:10.000000Z",
            "message": {
                "id": 10,
                "ticket_id": 18,
                "sender_id": 92,
                "title": "Dr.",
                "content": "Et aut id adipisci quo consequatur aperiam officiis.",
                "is_read": false,
                "created_at": "2026-06-02T13:55:10.000000Z",
                "updated_at": "2026-06-02T13:55:10.000000Z"
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config demos",
    "code": "CONFIG_DEMO:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_DEMO:LIST:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config/demos

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Query Parameters

accepted integer optional

Filter config demos by accepted status. If not specified, all entries will be returned. Pass -1 to get entries not accepted or rejected yet. The value must be one of -1, 0 or 1. Example: 7

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: message, message.ticket, message.attachments).

Update config demo

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/device/1/config/demos/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"is_accepted\": false,
    \"notes\": \"Something is still not working\"
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config/demos/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "is_accepted": false,
    "notes": "Something is still not working"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 3,
    "user_id": null,
    "device_id": 74,
    "message_id": 11,
    "config": "Molestias impedit id eveniet harum.",
    "is_accepted": 1,
    "notes": "Eum sunt illum quasi eius sapiente sed.",
    "created_at": "2026-06-02T13:55:12.000000Z",
    "updated_at": "2026-06-02T13:55:12.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config demos",
    "code": "CONFIG_DEMO:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_DEMO:UPDATE:DEVICE_NOT_FOUND"
}

Example response (404, Config demo not found):


{
    "message": "Config demo not found",
    "code": "CONFIG_DEMO:UPDATE:DEMO_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/device/{deviceId}/config/demos/{demoId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

demoId integer

Config demo ID. Example: 1

Body Parameters

is_accepted boolean optional true false

Determines if demo config was accepted by patient. Example: false

notes string optional

Patient notes about tested config. Example: Something is still not working

Config Modes

API endpoints for managing config modes

List config modes

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config-modes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config-modes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 72,
        "device_id": 103,
        "slot": null,
        "name": "Aut minima quo quia ipsa beatae sed.",
        "active": 1,
        "created_at": "2026-06-02T13:55:16.000000Z",
        "updated_at": "2026-06-02T13:55:16.000000Z",
        "device": {
            "id": 103,
            "serial": "e05873f7-cdf7-3412-a955-ea8e4d04121a",
            "bluetooth_id": "836dbf00-a16c-3cf6-9eb8-c3eba678c4c9",
            "company_id": null,
            "model_id": null,
            "amputee_id": 105,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:55:16.000000Z",
            "updated_at": "2026-06-02T13:55:16.000000Z",
            "amputee": {
                "id": 105,
                "mrn": "3JTXY6AX1780408516",
                "name": "Breana Schroeder",
                "email": "1780408516ncrona@example.com",
                "language": "en",
                "phone": "860-581-4853",
                "phone_country": "PN",
                "phone_verified_at": null,
                "address1": "55482 Faye Mountains Suite 105",
                "address2": "Lake Lonfurt, ID 59534-9395",
                "postal_code": "53783",
                "city": "Gutkowski-McClure",
                "country": "BG",
                "clinic_name": "North Vella",
                "clinic_location": "63806 Simeon Prairie\nPort Chasitymouth, AZ 07537",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:16.000000Z",
                "updated_at": "2026-06-02T13:55:16.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    },
    {
        "id": 73,
        "device_id": 105,
        "slot": null,
        "name": "Laboriosam esse praesentium tenetur.",
        "active": 0,
        "created_at": "2026-06-02T13:55:17.000000Z",
        "updated_at": "2026-06-02T13:55:17.000000Z",
        "config": {}
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list config modes",
    "code": "CONFIG_MODES:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_MODES:LIST:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Config mode ID.

device_id integer

Associated device ID.

slot integer

Mode slot index (0, 1 or 2).

name string

Mode name.

active boolean

Whether the mode is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Get config mode

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config-modes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config-modes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 74,
    "device_id": 106,
    "slot": null,
    "name": "Et culpa recusandae aut et dolorem voluptas praesentium.",
    "active": 1,
    "created_at": "2026-06-02T13:55:17.000000Z",
    "updated_at": "2026-06-02T13:55:17.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list config modes",
    "code": "CONFIG_MODES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_MODES:GET:DEVICE_NOT_FOUND"
}

Example response (404, Config mode not found):


{
    "message": "Config mode not found",
    "code": "CONFIG_MODES:GET:MODE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config-modes/{modeId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

modeId integer

Config mode ID. Example: 1

Response

Response Fields

id integer

Config mode ID.

device_id integer

Associated device ID.

slot integer

Mode slot index (0, 1 or 2).

name string

Mode name.

active boolean

Whether the mode is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create config mode

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config-modes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"slot\": 0,
    \"name\": \"Sport mode\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config-modes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "slot": 0,
    "name": "Sport mode",
    "active": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 75,
    "device_id": 107,
    "slot": null,
    "name": "Non autem reiciendis reprehenderit in laboriosam delectus quaerat.",
    "active": 1,
    "created_at": "2026-06-02T13:55:17.000000Z",
    "updated_at": "2026-06-02T13:55:17.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create config modes",
    "code": "CONFIG_MODES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_MODES:CREATE:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config-modes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Body Parameters

slot integer optional

Mode index on device. Example: 0

Must be one of:

name string

Name of mode. Example: Sport mode

active boolean optional true false

Active status. Default: 1. Example: true

Response

Response Fields

id integer

Config mode ID.

device_id integer

Associated device ID.

slot integer

Mode slot index (0, 1 or 2).

name string

Mode name.

active boolean

Whether the mode is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update config mode

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/device/1/config-modes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"slot\": 0,
    \"name\": \"Sport mode\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config-modes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "slot": 0,
    "name": "Sport mode",
    "active": true
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 76,
    "device_id": 108,
    "slot": null,
    "name": "Nisi ducimus incidunt eaque quasi eaque.",
    "active": 0,
    "created_at": "2026-06-02T13:55:17.000000Z",
    "updated_at": "2026-06-02T13:55:17.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update config mode",
    "code": "CONFIG_MODES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_MODES:UPDATE:DEVICE_NOT_FOUND"
}

Example response (404, Config mode not found):


{
    "message": "Config mode not found",
    "code": "CONFIG_MODES:UPDATE:MODE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/device/{deviceId}/config-modes/{modeId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

modeId integer

Config mode ID. Example: 1

Body Parameters

slot integer optional

Mode index on device. Example: 0

Must be one of:

name string optional

Name of mode. Example: Sport mode

active boolean optional true false

Active status. Default: 1. Example: true

Response

Response Fields

id integer

Config mode ID.

device_id integer

Associated device ID.

slot integer

Mode slot index (0, 1 or 2).

name string

Mode name.

active boolean

Whether the mode is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Copy device config from template

requires authentication

Copy config template into selected config mode. Sends support ticket if patient is assigned to device, returns config instead.

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config-modes/1/from-template/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config-modes/1/from-template/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, Patient not assigned, returns config):


{
    "common": {
        "gripPairsConfig": [
            1,
            4,
            2,
            3,
            6,
            7,
            9,
            8
        ],
        "controlConfig": [
            0,
            1,
            0,
            0,
            0
        ],
        "emgThresholds": [
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0,
            0
        ],
        "interval": [
            100
        ],
        "gripSequentialConfig": [
            1,
            2,
            4,
            3,
            0,
            255,
            6,
            7,
            9,
            8,
            255,
            255
        ]
    },
    "modes": [
        {
            "id": 100,
            "name": "Mode 1",
            "slot": 0,
            "config": {
                "interval": [
                    300
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 101,
            "name": "Mode 2",
            "slot": 1,
            "config": {
                "interval": [
                    400
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        },
        {
            "id": 102,
            "name": "Mode 3",
            "slot": 2,
            "config": {
                "interval": [
                    500
                ],
                "fingerStrength": [
                    1,
                    100
                ],
                "autoGrasp": [
                    0,
                    100
                ],
                "emgSpike": [
                    0,
                    300
                ]
            }
        }
    ]
}

Example response (202):


{
    "id": 21,
    "sender_id": 107,
    "recipient_id": 108,
    "device_id": null,
    "meeting_date": "2026-06-02 13:55:17",
    "meeting_type": "online_meeting",
    "contact_email": "aurore.metz@gulgowski.org",
    "status": "new",
    "created_at": "2026-06-02T13:55:18.000000Z",
    "updated_at": "2026-06-02T13:55:18.000000Z",
    "sender": {
        "id": 107,
        "mrn": "8KXTS6WX1780408517",
        "name": "Miss Mercedes Walsh",
        "email": "1780408517ahaley@example.net",
        "language": "en",
        "phone": "+1.989.989.5622",
        "phone_country": "TT",
        "phone_verified_at": null,
        "address1": "4786 Effertz Lock Suite 471",
        "address2": "Nicolasberg, OK 24857-1806",
        "postal_code": "77225",
        "city": "McLaughlin-Dickinson",
        "country": "IT",
        "clinic_name": "Beerhaven",
        "clinic_location": "355 Predovic Neck\nNorth Myrna, SC 12205",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:17.000000Z",
        "updated_at": "2026-06-02T13:55:17.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 108,
        "mrn": "MWG5TSUH1780408517",
        "name": "Dr. Lempi McKenzie IV",
        "email": "1780408517aspinka@example.org",
        "language": "en",
        "phone": "+1.283.550.1094",
        "phone_country": "SH",
        "phone_verified_at": null,
        "address1": "9358 Bethel Creek",
        "address2": "Shieldsview, CO 50778",
        "postal_code": "12701",
        "city": "Heller-Johns",
        "country": "LV",
        "clinic_name": "West Pierreburgh",
        "clinic_location": "115 Davis Plains\nJulietfort, WV 86202-9083",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:17.000000Z",
        "updated_at": "2026-06-02T13:55:17.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": null,
    "messages": [
        {
            "id": 12,
            "ticket_id": 21,
            "sender_id": 109,
            "title": "Dr.",
            "content": "Perferendis quae est tenetur quam rerum ipsum distinctio.",
            "is_read": false,
            "created_at": "2026-06-02T13:55:19.000000Z",
            "updated_at": "2026-06-02T13:55:19.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update config mode",
    "code": "CONFIG_MODES:COPY_TEMPLATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_MODES:COPY_TEMPLATE:DEVICE_NOT_FOUND"
}

Example response (404, Config mode not found):


{
    "message": "Config mode not found",
    "code": "CONFIG_MODES:COPY_TEMPLATE:MODE_NOT_FOUND"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_MODES:COPY_TEMPLATE:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config-modes/{modeId}/from-template/{templateId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

modeId integer

Config mode ID. Example: 1

templateId integer

Config template ID. Example: 1

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Config Notes

API endpoints for config history notes

Get config entry notes list

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config/1/notes?user=1&type=public" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/1/notes"
);

const params = {
    "user": "1",
    "type": "public",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "config_history_id": 7,
            "user_id": 76,
            "note": "Quam labore ea ratione qui.",
            "type": "public",
            "created_at": "2026-06-02T13:55:03.000000Z",
            "updated_at": "2026-06-02T13:55:03.000000Z",
            "author": {
                "id": 76,
                "mrn": "2GXE2KM21780408503",
                "name": "Jarret Satterfield",
                "email": "1780408503mikayla43@example.net",
                "language": "en",
                "phone": "(541) 890-2843",
                "phone_country": "ME",
                "phone_verified_at": null,
                "address1": "7451 Bins Heights Apt. 081",
                "address2": "North Abdiel, NJ 90531",
                "postal_code": "06349",
                "city": "Thompson Group",
                "country": "HR",
                "clinic_name": "Libbyborough",
                "clinic_location": "592 Kovacek Rest Apt. 017\nWest Stantonport, NH 68038-7304",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:03.000000Z",
                "updated_at": "2026-06-02T13:55:03.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        },
        {
            "id": 2,
            "config_history_id": 8,
            "user_id": 78,
            "note": "Et hic illum sit perferendis ullam.",
            "type": "public",
            "created_at": "2026-06-02T13:55:04.000000Z",
            "updated_at": "2026-06-02T13:55:04.000000Z",
            "author": {
                "id": 78,
                "mrn": "RKNNUL3C1780408504",
                "name": "Austyn Lesch",
                "email": "1780408504wilford.fisher@example.com",
                "language": "en",
                "phone": "1-281-572-2452",
                "phone_country": "AG",
                "phone_verified_at": null,
                "address1": "556 Lesly Stream",
                "address2": "Beaumouth, MO 22720-2339",
                "postal_code": "03855",
                "city": "Hessel-Lesch",
                "country": "SK",
                "clinic_name": "North Eudoratown",
                "clinic_location": "84050 Brycen Keys Suite 792\nNorth June, WI 36480-6705",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:04.000000Z",
                "updated_at": "2026-06-02T13:55:04.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config notes",
    "code": "CONFIG_NOTES:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_NOTES:LIST:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG_NOTES:LIST:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config/{configId}/notes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Query Parameters

user integer optional

Filter notes by user. Example: 1

type string optional

Filter notes by type (available: public and private) Example: public

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: author).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Note ID.

config_history_id integer

Associated config history entry ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

type string

Note visibility.

Must be one of:

public
private

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get config entry note

requires authentication

Returns single config history entry note in response.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/config/1/notes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/1/notes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 3,
    "config_history_id": 9,
    "user_id": 80,
    "note": "Commodi aut velit possimus in perspiciatis perferendis nihil.",
    "type": "public",
    "created_at": "2026-06-02T13:55:05.000000Z",
    "updated_at": "2026-06-02T13:55:05.000000Z",
    "author": {
        "id": 80,
        "mrn": "EPKEL9H91780408504",
        "name": "Cali Legros DDS",
        "email": "1780408504krajcik.nicolette@example.net",
        "language": "en",
        "phone": "(747) 584-0971",
        "phone_country": "BG",
        "phone_verified_at": null,
        "address1": "4432 Cornelius Oval Suite 617",
        "address2": "Effertzmouth, HI 20534-3526",
        "postal_code": "86063-0463",
        "city": "Braun Group",
        "country": "PT",
        "clinic_name": "West Flossie",
        "clinic_location": "71588 Walter Summit Suite 339\nNew Graciela, NM 13554",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:04.000000Z",
        "updated_at": "2026-06-02T13:55:04.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config notes",
    "code": "CONFIG_NOTES:GET_ENTRY:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_NOTES:GET_ENTRY:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG_NOTES:GET_ENTRY:HISTORY_ENTRY_NOT_FOUND"
}

Example response (404, Config history note not found):


{
    "message": "Config history note not found",
    "code": "CONFIG_NOTES:GET_ENTRY:HISTORY_NOTE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/config/{configId}/notes/{noteId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

noteId integer

Device config entry note ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: author).

Response

Response Fields

id integer

Note ID.

config_history_id integer

Associated config history entry ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

type string

Note visibility.

Must be one of:

public
private

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

Create config entry note

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/config/1/notes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"note\": \"Blanditiis nostrum aperiam nulla facilis magni.\",
    \"type\": \"public\"
}"

const url = new URL(
    "http://localhost:8000/api/device/1/config/1/notes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "note": "Blanditiis nostrum aperiam nulla facilis magni.",
    "type": "public"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 4,
    "config_history_id": 10,
    "user_id": 82,
    "note": "Corporis qui facere eum.",
    "type": "public",
    "created_at": "2026-06-02T13:55:06.000000Z",
    "updated_at": "2026-06-02T13:55:06.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to add config notes",
    "code": "CONFIG_NOTES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_NOTES:CREATE:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG_NOTES:CREATE:HISTORY_ENTRY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/config/{configId}/notes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

Body Parameters

note string optional

Note text. Example: Blanditiis nostrum aperiam nulla facilis magni.

type string optional

Type of the note. Default: public. Example: public

Must be one of:

public
private

Response

Response Fields

id integer

Note ID.

config_history_id integer

Associated config history entry ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

type string

Note visibility.

Must be one of:

public
private

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

Delete config note

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/device/1/config/1/notes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/config/1/notes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Config history note deleted",
    "code": "CONFIG_NOTES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete config notes",
    "code": "CONFIG_NOTES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CONFIG_NOTES:DELETE:DEVICE_NOT_FOUND"
}

Example response (404, Config history entry not found):


{
    "message": "Config history entry not found",
    "code": "CONFIG_NOTES:DELETE:HISTORY_ENTRY_NOT_FOUND"
}

Example response (404, Config history note not found):


{
    "message": "Config history note not found",
    "code": "CONFIG_NOTES:DELETE:HISTORY_NOTE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/device/{deviceId}/config/{configId}/notes/{noteId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

configId integer

Config history entry ID. Example: 1

noteId integer

Device config entry note ID. Example: 1

Config Schema

API endpoints for config schema management

Get config schema

requires authentication

Returns list of config schema entries for given firmware version.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/versions/firmware/1/schema?filter=modes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/firmware/1/schema"
);

const params = {
    "filter": "modes",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "firmware_id": 7,
        "key": "molestiae",
        "is_common": 1,
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    },
    {
        "id": 2,
        "firmware_id": 9,
        "key": "impedit",
        "is_common": 0,
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view config schema",
    "code": "CONFIG_SCHEMA:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Firmware version not found):


{
    "message": "Firmware version not found",
    "code": "CONFIG_SCHEMA:GET:FIRMWARE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/versions/firmware/{firmwareId}/schema

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

firmwareId integer

Firmware version ID. Example: 1

Query Parameters

filter string optional

Filter entries by type (available: common, modes). By default all entries all returned. Example: modes

Response

Response Fields

id integer

Config schema ID.

firmware_id integer

Associated firmware version ID.

key string

Config schema key.

is_common boolean

Whether this key is shared across all modes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

firmware object

Associated firmware version.

Add config schema

requires authentication

Add one or many config schema entries. Each entry is one key in config. Body of this request is simple array of objects:


            [
                {"key": "key_name", "is_common": 1},
                {"key": "another_name", "is_common": 0},
                ...
            ]

Example request:

curl --request POST \
    "http://localhost:8000/api/versions/firmware/sed/schema" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "[
    {
        \"key\": \"gripsPosition.0.initial\",
        \"is_common\": 1
    }
]"

const url = new URL(
    "http://localhost:8000/api/versions/firmware/sed/schema"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = [
    {
        "key": "gripsPosition.0.initial",
        "is_common": 1
    }
];

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


[
    {
        "id": 3,
        "firmware_id": 11,
        "key": "aliquid",
        "is_common": 0,
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    },
    {
        "id": 4,
        "firmware_id": 13,
        "key": "aliquid",
        "is_common": 0,
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage config schema",
    "code": "CONFIG_SCHEMA:ADD:INSUFFICIENT_PERMISSION"
}

Example response (404, Firmware version not found):


{
    "message": "Firmware version not found",
    "code": "CONFIG_SCHEMA:ADD:FIRMWARE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/versions/firmware/{firmwareId}/schema

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

firmwareId string

Example: sed

Body Parameters

The request body is an array (object[]`). Each item has the following properties:

key string optional

Config key. Example: gripsPosition.0.initial

is_common integer optional

Information if the key belongs to common config (1) or to modes (0). Default: 1. Example: 1

Response

Response Fields

id integer

Config schema ID.

firmware_id integer

Associated firmware version ID.

key string

Config schema key.

is_common boolean

Whether this key is shared across all modes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

firmware object

Associated firmware version.

Delete config schema

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/versions/firmware/1/schema/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/firmware/1/schema/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Config schema entry deleted",
    "code": "CONFIG_SCHEMA:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage config schema",
    "code": "CONFIG_SCHEMA:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Firmware version not found):


{
    "message": "Firmware version not found",
    "code": "CONFIG_SCHEMA:DELETE:FIRMWARE_NOT_FOUND"
}

Example response (404, Config schema entry not found):


{
    "message": "Config schema entry not found",
    "code": "CONFIG_SCHEMA:DELETE:SCHEMA_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/versions/firmware/{firmwareId}/schema/{schemaId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

firmwareId integer

Firmware version ID. Example: 1

schemaId integer

Config schema ID. Example: 1

Config Templates

API endpoints for managing config templates

Get config templates list

requires authentication

Entries where author is present are private and owned by its author. Entries where author is null should be considered as global templates prepared by Aether team.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/config/templates?search=sport&author=1&scope=me" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates"
);

const params = {
    "search": "sport",
    "author": "1",
    "scope": "me",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "name": "Ad minima eos qui.",
            "description": "Exercitationem illo a repellendus aut rem adipisci vel vel.",
            "author_id": 96,
            "company_id": null,
            "config": "{\"autoGrasp\":[1,0],\"coContractionTimings\":[300,300],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[20,90,0,100,100,100,40,70,80,10],\"gripPairsConfig\":[5,2,3,9,8,6,10,11],\"gripSequentialConfig\":[3,255,12,255,8,13,7,6,2,255,9,4],\"gripSwitchingMode\":[2],\"holdOpen\":[2000,2500],\"pulseTimings\":[690,790,510,240],\"softGrip\":[0],\"speedControlStrategy\":[0]}",
            "created_at": "2026-06-02T13:55:12.000000Z",
            "updated_at": "2026-06-02T13:55:12.000000Z",
            "author": {
                "id": 96,
                "mrn": "CB4F658H1780408512",
                "name": "Valentine Block",
                "email": "1780408512rkulas@example.net",
                "language": "en",
                "phone": "(352) 496-0842",
                "phone_country": "NR",
                "phone_verified_at": null,
                "address1": "675 Raoul Village",
                "address2": "Lianaberg, DE 68523-5917",
                "postal_code": "55750",
                "city": "Hammes, Jacobs and Ziemann",
                "country": "NO",
                "clinic_name": "Balistreriville",
                "clinic_location": "877 Giuseppe Cliffs Apt. 541\nWilliamsonmouth, GA 03028-8035",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:12.000000Z",
                "updated_at": "2026-06-02T13:55:12.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        },
        {
            "id": 2,
            "name": "Dicta porro tenetur enim accusantium debitis.",
            "description": "Doloremque odio nobis quae odit.",
            "author_id": 97,
            "company_id": null,
            "config": "{\"autoGrasp\":[0,100],\"coContractionTimings\":[300,200],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[50,100,50,30,70,50,80,10,10,80],\"gripPairsConfig\":[13,1,5,10,9,12,7,8],\"gripSequentialConfig\":[255,12,255,7,3,9,6,255,1,255,11,8],\"gripSwitchingMode\":[3],\"holdOpen\":[1500,2000],\"pulseTimings\":[460,750,290,640],\"softGrip\":[0],\"speedControlStrategy\":[0]}",
            "created_at": "2026-06-02T13:55:13.000000Z",
            "updated_at": "2026-06-02T13:55:13.000000Z",
            "author": {
                "id": 97,
                "mrn": "BUJK88W81780408512",
                "name": "Prof. Mozell Altenwerth PhD",
                "email": "1780408512xraynor@example.com",
                "language": "en",
                "phone": "808-226-1598",
                "phone_country": "DO",
                "phone_verified_at": null,
                "address1": "518 Windler Forges",
                "address2": "Daughertyberg, FL 48614-0064",
                "postal_code": "24053",
                "city": "O'Keefe Inc",
                "country": "ES",
                "clinic_name": "Mayermouth",
                "clinic_location": "2518 Maximo Radial Suite 457\nTracyland, VT 24021",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:12.000000Z",
                "updated_at": "2026-06-02T13:55:12.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list config templates",
    "code": "CONFIG_TEMPLATES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/config/templates

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter config templates by name. Example: sport

author integer optional

Super Admin only: Filter config templates by author. Example: 1

scope string optional

ClinicAdmin/Clinician/ClinicianSupport only: Filter config templates by scope. The value must be one of:

me (entries where current user is author),
global (entries added by Aether).

Example: `me`

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: author).

Response

Response Fields

items object

id integer

Config template ID.

name string

Template name.

description string

Template description.

author_id integer

ID of the user who created the template.

company_id integer

Associated company ID.

config string

Serialized config data.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who created the template.

notes object[]

Notes attached to this template.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get config template

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/config/templates/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 3,
    "name": "Optio voluptas sit cum est in delectus.",
    "description": "Aut quis omnis aut.",
    "author_id": 98,
    "company_id": null,
    "config": "{\"autoGrasp\":[0,0],\"coContractionTimings\":[200,100],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[0,40,10,70,80,100,40,100,80,20],\"gripPairsConfig\":[11,6,10,4,3,12,5,13],\"gripSequentialConfig\":[4,12,3,255,7,5,2,255,11,9,255,13],\"gripSwitchingMode\":[3],\"holdOpen\":[2000,2500],\"pulseTimings\":[880,900,920,770],\"softGrip\":[1],\"speedControlStrategy\":[1]}",
    "created_at": "2026-06-02T13:55:13.000000Z",
    "updated_at": "2026-06-02T13:55:13.000000Z",
    "author": {
        "id": 98,
        "mrn": "C2ALM79S1780408513",
        "name": "Brian Barton",
        "email": "1780408513olson.petra@example.net",
        "language": "en",
        "phone": "+1-779-882-3336",
        "phone_country": "GH",
        "phone_verified_at": null,
        "address1": "524 Herman Road Apt. 261",
        "address2": "Javonteborough, OH 06211",
        "postal_code": "25126",
        "city": "Brekke-Durgan",
        "country": "FR",
        "clinic_name": "Treverberg",
        "clinic_location": "6963 Lyla Cove Apt. 100\nLake Armanichester, AL 42918-5385",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:13.000000Z",
        "updated_at": "2026-06-02T13:55:13.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view config template",
    "code": "CONFIG_TEMPLATES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATES:GET:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/config/templates/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: author).

Response

Response Fields

id integer

Config template ID.

name string

Template name.

description string

Template description.

author_id integer

ID of the user who created the template.

company_id integer

Associated company ID.

config string

Serialized config data.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who created the template.

notes object[]

Notes attached to this template.

Create new config template

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/config/templates" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Default config for Aether Zeus\",
    \"description\": \"Description of the config template.\",
    \"owner\": \"company\",
    \"author\": 1,
    \"config\": \"{\\\"param_1\\\": [100, 200], \\\"param_2\\\": [100, 200, 300]}\"
}"

const url = new URL(
    "http://localhost:8000/api/config/templates"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Default config for Aether Zeus",
    "description": "Description of the config template.",
    "owner": "company",
    "author": 1,
    "config": "{\"param_1\": [100, 200], \"param_2\": [100, 200, 300]}"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "name": "Ipsum fugiat ipsa temporibus voluptas qui animi blanditiis.",
    "description": "Ullam libero explicabo et enim.",
    "author_id": 99,
    "company_id": null,
    "config": "{\"autoGrasp\":[0,0],\"coContractionTimings\":[500,400],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[20,30,10,60,30,30,30,0,40,50],\"gripPairsConfig\":[13,8,12,4,3,1,10,2],\"gripSequentialConfig\":[255,13,255,6,10,5,9,3,12,255,1,8],\"gripSwitchingMode\":[2],\"holdOpen\":[1500,2500],\"pulseTimings\":[540,620,40,150],\"softGrip\":[1],\"speedControlStrategy\":[1]}",
    "created_at": "2026-06-02T13:55:13.000000Z",
    "updated_at": "2026-06-02T13:55:13.000000Z",
    "author": {
        "id": 99,
        "mrn": "EMZ8YPD51780408513",
        "name": "Ole Bradtke",
        "email": "1780408513hbernhard@example.net",
        "language": "en",
        "phone": "+1 (540) 227-2175",
        "phone_country": "KY",
        "phone_verified_at": null,
        "address1": "7210 Tromp Cliff Suite 186",
        "address2": "Lake Bonnieside, OK 67523-2994",
        "postal_code": "01428",
        "city": "Hegmann-Yundt",
        "country": "FR",
        "clinic_name": "Faheyborough",
        "clinic_location": "620 Vena Route Apt. 785\nNorth Audra, CA 59779-3628",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:13.000000Z",
        "updated_at": "2026-06-02T13:55:13.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create config template",
    "code": "CONFIG_TEMPLATES:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/config/templates

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Name of the config template. Example: Default config for Aether Zeus

description string optional

Description of the config template. Example: Description of the config template.

owner string optional

Mark config template owned by clinician or company. Default: me (clinician). Example: company

Must be one of:

me
company

author string optional

Super Admin only: User ID to be the author of template. The id of an existing record in the App\Models\User table. Example: 1

config string

Full config. MUST_BE_JSON. Example: {"param_1": [100, 200], "param_2": [100, 200, 300]}

Response

Response Fields

id integer

Config template ID.

name string

Template name.

description string

Template description.

author_id integer

ID of the user who created the template.

company_id integer

Associated company ID.

config string

Serialized config data.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who created the template.

notes object[]

Notes attached to this template.

Update config template

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/config/templates/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Default config for Aether Zeus\",
    \"description\": \"Description of the config template.\",
    \"owner\": \"company\",
    \"author\": 1,
    \"config\": \"{\\\"param_1\\\": [100, 200], \\\"param_2\\\": [100, 200, 300]}\"
}"

const url = new URL(
    "http://localhost:8000/api/config/templates/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Default config for Aether Zeus",
    "description": "Description of the config template.",
    "owner": "company",
    "author": 1,
    "config": "{\"param_1\": [100, 200], \"param_2\": [100, 200, 300]}"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 5,
    "name": "Velit iusto rerum sint.",
    "description": "Laborum tempore qui voluptatem quibusdam possimus molestiae.",
    "author_id": 100,
    "company_id": null,
    "config": "{\"autoGrasp\":[0,100],\"coContractionTimings\":[500,500],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[0,60,0,80,80,20,90,30,20,30],\"gripPairsConfig\":[3,5,9,8,13,2,12,4],\"gripSequentialConfig\":[3,7,255,13,9,255,255,255,8,11,6,255],\"gripSwitchingMode\":[2],\"holdOpen\":[1500,2000],\"pulseTimings\":[530,870,610,600],\"softGrip\":[0],\"speedControlStrategy\":[0]}",
    "created_at": "2026-06-02T13:55:14.000000Z",
    "updated_at": "2026-06-02T13:55:14.000000Z",
    "author": {
        "id": 100,
        "mrn": "527BT9EH1780408514",
        "name": "Mrs. Kayla Bergnaum V",
        "email": "1780408514dolly.schuppe@example.net",
        "language": "en",
        "phone": "1-602-973-0248",
        "phone_country": "LK",
        "phone_verified_at": null,
        "address1": "29382 Bernhard Square",
        "address2": "North Piperside, LA 28346",
        "postal_code": "66726",
        "city": "Purdy LLC",
        "country": "IE",
        "clinic_name": "Port Santiagotown",
        "clinic_location": "193 Tremayne Ports Apt. 748\nEast Martinehaven, MO 67453",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:14.000000Z",
        "updated_at": "2026-06-02T13:55:14.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update config template",
    "code": "CONFIG_TEMPLATES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATES:UPDATE:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/config/templates/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

Body Parameters

name string optional

Name of the config template. Example: Default config for Aether Zeus

description string optional

Description of the config template. Example: Description of the config template.

owner string optional

Mark config template owned by clinician or company. Default: me (clinician). Example: company

Must be one of:

me
company

author string optional

Super Admin only: User ID to be the author of template. The id of an existing record in the App\Models\User table. Example: 1

config string optional

Full config. MUST_BE_JSON. Example: {"param_1": [100, 200], "param_2": [100, 200, 300]}

Response

Response Fields

id integer

Config template ID.

name string

Template name.

description string

Template description.

author_id integer

ID of the user who created the template.

company_id integer

Associated company ID.

config string

Serialized config data.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who created the template.

notes object[]

Notes attached to this template.

Delete config template

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/config/templates/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Config template deleted",
    "code": "CONFIG_TEMPLATES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete config template",
    "code": "CONFIG_TEMPLATES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATES:DELETE:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Config Templates Notes

API endpoints for config templates notes

Get config templates notes list

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/config/templates/1/notes?user=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates/1/notes"
);

const params = {
    "user": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "template_id": 6,
            "user_id": 101,
            "note": "Consequatur adipisci voluptatibus et fuga.",
            "created_at": "2026-06-02T13:55:14.000000Z",
            "updated_at": "2026-06-02T13:55:14.000000Z",
            "author": {
                "id": 101,
                "mrn": "5WRYY6XA1780408514",
                "name": "Kirsten Considine",
                "email": "1780408514toy.randi@example.com",
                "language": "en",
                "phone": "(925) 726-2332",
                "phone_country": "RW",
                "phone_verified_at": null,
                "address1": "776 Fritsch Crossing Suite 565",
                "address2": "Lake Arneport, MN 12471",
                "postal_code": "88075-7434",
                "city": "Johns, Kunde and Daniel",
                "country": "FR",
                "clinic_name": "Hannahville",
                "clinic_location": "1614 Carlos Stravenue Suite 856\nHymanstad, FL 07032",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:14.000000Z",
                "updated_at": "2026-06-02T13:55:14.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        },
        {
            "id": 2,
            "template_id": 7,
            "user_id": 102,
            "note": "Quia dolores accusantium et corporis.",
            "created_at": "2026-06-02T13:55:15.000000Z",
            "updated_at": "2026-06-02T13:55:15.000000Z",
            "author": {
                "id": 102,
                "mrn": "HBEW8QPD1780408515",
                "name": "Berenice Pfeffer",
                "email": "1780408515cleveland90@example.org",
                "language": "en",
                "phone": "209.542.2205",
                "phone_country": "AL",
                "phone_verified_at": null,
                "address1": "8757 Jeff Islands Apt. 471",
                "address2": "Hayleyshire, LA 38880",
                "postal_code": "44435",
                "city": "Mohr, Mante and O'Keefe",
                "country": "IT",
                "clinic_name": "New Tanyahaven",
                "clinic_location": "7415 Aletha Lakes Apt. 062\nHeaneymouth, NM 46123",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:15.000000Z",
                "updated_at": "2026-06-02T13:55:15.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config templates notes",
    "code": "CONFIG_TEMPLATE_NOTES:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATE_NOTES:LIST:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/config/templates/{id}/notes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

Query Parameters

user integer optional

Filter notes by user. Example: 1

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: author).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Note ID.

template_id integer

Associated config template ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get config template note

requires authentication

Returns single config template note in response.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/config/templates/1/notes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates/1/notes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 3,
    "template_id": 8,
    "user_id": 103,
    "note": "Rerum repudiandae dolor ut quidem.",
    "created_at": "2026-06-02T13:55:15.000000Z",
    "updated_at": "2026-06-02T13:55:15.000000Z",
    "author": {
        "id": 103,
        "mrn": "BCPDLFRR1780408515",
        "name": "Coy Lehner",
        "email": "1780408515eleanore36@example.com",
        "language": "en",
        "phone": "870.872.9535",
        "phone_country": "SH",
        "phone_verified_at": null,
        "address1": "6758 Douglas Ferry",
        "address2": "Parisianbury, PA 48784",
        "postal_code": "75898",
        "city": "Crona-Funk",
        "country": "SE",
        "clinic_name": "West Mable",
        "clinic_location": "6444 Geraldine Views\nWest Carolinachester, ME 84391",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:15.000000Z",
        "updated_at": "2026-06-02T13:55:15.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access config templates notes",
    "code": "CONFIG_TEMPLATE_NOTES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATE_NOTES:GET:TEMPLATE_NOT_FOUND"
}

Example response (404, Config template note not found):


{
    "message": "Config template note not found",
    "code": "CONFIG_TEMPLATE_NOTES:GET:NOTE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/config/templates/{id}/notes/{noteId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

noteId integer

Config template note ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: author).

Response

Response Fields

id integer

Note ID.

template_id integer

Associated config template ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

Create new config template note

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/config/templates/1/notes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"note\": \"Ullam quaerat maiores earum consequatur.\"
}"

const url = new URL(
    "http://localhost:8000/api/config/templates/1/notes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "note": "Ullam quaerat maiores earum consequatur."
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "template_id": 9,
    "user_id": 104,
    "note": "Cumque aliquam nihil in sed qui.",
    "created_at": "2026-06-02T13:55:16.000000Z",
    "updated_at": "2026-06-02T13:55:16.000000Z",
    "author": {
        "id": 104,
        "mrn": "K9U64M2E1780408515",
        "name": "Prof. Rylan Brekke",
        "email": "1780408515andre63@example.org",
        "language": "en",
        "phone": "1-650-967-4832",
        "phone_country": "AM",
        "phone_verified_at": null,
        "address1": "288 Janis Fall",
        "address2": "Vivienshire, KY 26788-7410",
        "postal_code": "00104",
        "city": "McCullough, Boehm and Davis",
        "country": "SI",
        "clinic_name": "South Lucio",
        "clinic_location": "9729 Mitchell Valley Suite 754\nEast Rosannachester, ME 70489-4258",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:16.000000Z",
        "updated_at": "2026-06-02T13:55:16.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to add config templates notes",
    "code": "CONFIG_TEMPLATE_NOTES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATE_NOTES:CREATE:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/config/templates/{id}/notes

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

Body Parameters

note string optional

Note text. Example: Ullam quaerat maiores earum consequatur.

Response

Response Fields

id integer

Note ID.

template_id integer

Associated config template ID.

user_id integer

ID of the user who wrote the note.

note string

Note content.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who wrote the note.

Delete config template note

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/config/templates/1/notes/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/config/templates/1/notes/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Config template note deleted",
    "code": "CONFIG_TEMPLATE_NOTES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete config templates notes",
    "code": "CONFIG_TEMPLATE_NOTES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Config template not found):


{
    "message": "Config template not found",
    "code": "CONFIG_TEMPLATE_NOTES:DELETE:TEMPLATE_NOT_FOUND"
}

Example response (404, Config template note not found):


{
    "message": "Config template note not found",
    "code": "CONFIG_TEMPLATE_NOTES:DELETE:NOTE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/config/templates/{id}/notes/{noteId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Config template ID. Example: 1

noteId integer

Config template note ID. Example: 1

Custom Grips

API endpoints for custom grips management

List custom grips templates

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/custom-grips-templates" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/custom-grips-templates"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "user_id": 255,
            "name": "roslyn63",
            "initial_position": "[50, 50, 50, 50, 50]",
            "limit_position": "[900, 900, 900, 900, 900]",
            "active_fingers": "[0, 1, 1, 1, 1]",
            "created_at": "2026-06-02T13:56:23.000000Z",
            "updated_at": "2026-06-02T13:56:23.000000Z"
        },
        {
            "id": 2,
            "user_id": 256,
            "name": "fay.madelynn",
            "initial_position": "[50, 50, 50, 50, 50]",
            "limit_position": "[900, 900, 900, 900, 900]",
            "active_fingers": "[0, 1, 1, 1, 1]",
            "created_at": "2026-06-02T13:56:24.000000Z",
            "updated_at": "2026-06-02T13:56:24.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips templates",
    "code": "CUSTOM_GRIPS_TEMPLATES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/custom-grips-templates

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Custom grip template ID.

user_id integer

Owner user ID.

name string

Template name.

initial_position string

Initial finger positions.

limit_position string

Limit finger positions.

active_fingers string

Active fingers configuration.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create custom grip template

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/custom-grips-templates" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Custom Grip Template 1\",
    \"initial_position\": \"[50, 50, 50, 50, 50]\",
    \"limit_position\": \"[900, 900, 900, 900, 900]\",
    \"active_fingers\": \"[0, 1, 1, 1, 1]\"
}"

const url = new URL(
    "http://localhost:8000/api/custom-grips-templates"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Custom Grip Template 1",
    "initial_position": "[50, 50, 50, 50, 50]",
    "limit_position": "[900, 900, 900, 900, 900]",
    "active_fingers": "[0, 1, 1, 1, 1]"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "user_id": 257,
    "name": "ryan07",
    "initial_position": "[50, 50, 50, 50, 50]",
    "limit_position": "[900, 900, 900, 900, 900]",
    "active_fingers": "[0, 1, 1, 1, 1]",
    "created_at": "2026-06-02T13:56:24.000000Z",
    "updated_at": "2026-06-02T13:56:24.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips templates",
    "code": "CUSTOM_GRIPS_TEMPLATES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Custom grip template name in use):


{
    "message": "Custom grip template name already in use",
    "code": "CUSTOM_GRIPS_TEMPLATES:CREATE:NAME_IN_USE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/custom-grips-templates

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Name of custom grip template. Example: Custom Grip Template 1

initial_position string

Grip initial position. Value should be a string containing the array of values. Example: "[50, 50, 50, 50, 50]". Must start with one of [ Must end with one of ]. Example: [50, 50, 50, 50, 50]

limit_position string

Grip limit position. Value should be a string containing the array of values. Example: "[900, 900, 900, 900, 900]". Must start with one of [ Must end with one of ]. Example: [900, 900, 900, 900, 900]

active_fingers string

Grip active fingers. Value should be a string containing the array of values. Example: "[0, 1, 1, 1, 1]". Must start with one of [ Must end with one of ]. Example: [0, 1, 1, 1, 1]

Response

Response Fields

id integer

Custom grip template ID.

user_id integer

Owner user ID.

name string

Template name.

initial_position string

Initial finger positions.

limit_position string

Limit finger positions.

active_fingers string

Active fingers configuration.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete custom grip template

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/custom-grips-templates/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/custom-grips-templates/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Custom grip deleted",
    "code": "CUSTOM_GRIPS_TEMPLATES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips templates",
    "code": "CUSTOM_GRIPS_TEMPLATES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Custom grip template not found):


{
    "message": "Custom grip template not found",
    "code": "CUSTOM_GRIPS_TEMPLATES:DELETE:TEMPLATE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List custom grips

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/custom-grips" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/custom-grips"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "device_id": 130,
            "name": "easton.bogan",
            "opposed": 1,
            "grip_number": 0,
            "created_at": "2026-06-02T13:56:24.000000Z",
            "updated_at": "2026-06-02T13:56:24.000000Z"
        },
        {
            "id": 2,
            "device_id": 131,
            "name": "yschamberger",
            "opposed": 1,
            "grip_number": 0,
            "created_at": "2026-06-02T13:56:24.000000Z",
            "updated_at": "2026-06-02T13:56:24.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view custom grips",
    "code": "CUSTOM_GRIPS:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CUSTOM_GRIPS:LIST:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{deviceId}/custom-grips

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Custom grip ID.

device_id integer

Associated device ID.

name string

Custom grip name.

opposed boolean

Whether the grip is opposed.

grip_number integer

Grip slot number.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create custom grip

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/custom-grips" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Custom Grip 1\",
    \"opposed\": true,
    \"grip_number\": 1
}"

const url = new URL(
    "http://localhost:8000/api/device/1/custom-grips"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Custom Grip 1",
    "opposed": true,
    "grip_number": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "device_id": 132,
    "name": "aurelie.roberts",
    "opposed": 1,
    "grip_number": 0,
    "created_at": "2026-06-02T13:56:24.000000Z",
    "updated_at": "2026-06-02T13:56:24.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips",
    "code": "CUSTOM_GRIPS:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Custom grip name in use):


{
    "message": "Custom grip name already in use",
    "code": "CUSTOM_GRIPS:CREATE:NAME_IN_USE"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CUSTOM_GRIPS:CREATE:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{deviceId}/custom-grips

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Body Parameters

name string

Name of custom grip. Example: Custom Grip 1

opposed boolean true false

Grip opposed status. Example: true

grip_number integer

Grip number (not ID). Example: 1

Response

Response Fields

id integer

Custom grip ID.

device_id integer

Associated device ID.

name string

Custom grip name.

opposed boolean

Whether the grip is opposed.

grip_number integer

Grip slot number.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update custom grip

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/device/1/custom-grips/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Custom Grip 1\",
    \"opposed\": true,
    \"grip_number\": 1
}"

const url = new URL(
    "http://localhost:8000/api/device/1/custom-grips/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Custom Grip 1",
    "opposed": true,
    "grip_number": 1
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "device_id": 133,
    "name": "jaydon34",
    "opposed": 1,
    "grip_number": 0,
    "created_at": "2026-06-02T13:56:24.000000Z",
    "updated_at": "2026-06-02T13:56:24.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips",
    "code": "CUSTOM_GRIPS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Custom grip name in use):


{
    "message": "Custom grip name already in use",
    "code": "CUSTOM_GRIPS:UPDATE:NAME_IN_USE"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CUSTOM_GRIPS:UPDATE:DEVICE_NOT_FOUND"
}

Example response (404, Custom grip not found):


{
    "message": "Custom grip not found",
    "code": "CUSTOM_GRIPS:UPDATE:GRIP_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/device/{deviceId}/custom-grips/{gripId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

gripId integer

Custom Grip ID. Example: 1

Body Parameters

name string optional

Name of custom grip. Example: Custom Grip 1

opposed boolean optional true false

Grip opposed status. Example: true

grip_number integer optional

Grip number (not ID). Example: 1

Response

Response Fields

id integer

Custom grip ID.

device_id integer

Associated device ID.

name string

Custom grip name.

opposed boolean

Whether the grip is opposed.

grip_number integer

Grip slot number.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete custom grip

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/device/1/custom-grips/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/custom-grips/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Custom grip template deleted",
    "code": "CUSTOM_GRIPS:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage custom grips",
    "code": "CUSTOM_GRIPS:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "CUSTOM_GRIPS:DELETE:DEVICE_NOT_FOUND"
}

Example response (404, Custom grip not found):


{
    "message": "Custom grip not found",
    "code": "CUSTOM_GRIPS:DELETE:GRIP_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/device/{deviceId}/custom-grips/{gripId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

gripId integer

Custom Grip ID. Example: 1

Device Models

API endpoints for device models management

Get device models list

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/devices/models?active=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/devices/models"
);

const params = {
    "active": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 3,
        "name": "Zeus hand v1",
        "type": "leg",
        "orientation": "left",
        "active": 1,
        "created_at": "2026-06-02T13:54:43.000000Z",
        "updated_at": "2026-06-02T13:54:43.000000Z"
    },
    {
        "id": 4,
        "name": "Zeus hand v1",
        "type": "arm",
        "orientation": "left",
        "active": 1,
        "created_at": "2026-06-02T13:54:43.000000Z",
        "updated_at": "2026-06-02T13:54:43.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list device models",
    "code": "DEVICE_MODELS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/devices/models

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

active integer optional

Filter device models by active status (available: 0 - only inactive, 1 - only active, any - all users). Default: 1. Example: 1

Response

Response Fields

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create device model

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/devices/models" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Zeus hand v1\",
    \"type\": \"hand\",
    \"orientation\": \"left\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/devices/models"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Zeus hand v1",
    "type": "hand",
    "orientation": "left",
    "active": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "name": "Zeus hand v1",
    "type": "leg",
    "orientation": "right",
    "active": 1,
    "created_at": "2026-06-02T13:54:43.000000Z",
    "updated_at": "2026-06-02T13:54:43.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create device model",
    "code": "DEVICE_MODELS:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/devices/models

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Model name. Example: Zeus hand v1

type string optional

Model type (e.g. hand). Example: hand

orientation string optional

Model orientation if specified. Example: left

active boolean optional true false

Device model active status (0 - inactive, 1 - active). Example: true

Response

Response Fields

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update device model

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/devices/models/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Zeus hand v1\",
    \"type\": \"hand\",
    \"orientation\": \"right\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/devices/models/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Zeus hand v1",
    "type": "hand",
    "orientation": "right",
    "active": true
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 6,
    "name": "Zeus hand v1",
    "type": "arm",
    "orientation": "left",
    "active": 1,
    "created_at": "2026-06-02T13:54:43.000000Z",
    "updated_at": "2026-06-02T13:54:43.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device model",
    "code": "DEVICE_MODELS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device model not found):


{
    "message": "Device model not found",
    "code": "DEVICE_MODELS:UPDATE:MODEL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/devices/models/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

DeviceModel ID. Example: 1

Body Parameters

name string optional

Model name. Example: Zeus hand v1

type string optional

Model type (e.g. hand). Example: hand

orientation string optional

Model orientation if specified. Example: right

active boolean optional true false

Device model active status (0 - inactive, 1 - active). Example: true

Response

Response Fields

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Devices

API endpoints for devices management

Check serial number or bluetooth ID

Public endpoint responding with status of given device serial number or bluetooth ID. If any of these numbers can be found in database, status will be true. Otherwise, status will be false (device does not exist).

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/check/S3R1AL-NUM83R" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"type\": \"serial\"
}"

const url = new URL(
    "http://localhost:8000/api/device/check/S3R1AL-NUM83R"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "type": "serial"
};

fetch(url, {
    method: "GET",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "status": true
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/check/{serial}

Headers

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

serial string

Device serial number or bluetooth ID. Example: S3R1AL-NUM83R

Body Parameters

type string optional

Type of checked identifier. Example: serial

Must be one of:

serial
bluetooth_id

Get devices list

requires authentication

Possible extend options:

model - device model details
amputee - end-user assigned to device
clinicians - list of clinicians assigned to the device
firmwareVersion - device firmware version
pcbVersion - PCB version

Example request:

curl --request GET \
    --get "http://localhost:8000/api/devices?search=S3R1AL-NUM83R&active=-1&amputee=1&clinician=1&model=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/devices"
);

const params = {
    "search": "S3R1AL-NUM83R",
    "active": "-1",
    "amputee": "1",
    "clinician": "1",
    "model": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 5,
            "serial": "89d46f13-f6ba-3c0a-9dc3-fc84a015990a",
            "bluetooth_id": "174758ac-2602-3550-8bd9-1b65d5d967b3",
            "company_id": null,
            "model_id": 7,
            "amputee_id": 34,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:43.000000Z",
            "updated_at": "2026-06-02T13:54:43.000000Z",
            "model": {
                "id": 7,
                "name": "Zeus hand v1",
                "type": "leg",
                "orientation": "right",
                "active": 1,
                "created_at": "2026-06-02T13:54:43.000000Z",
                "updated_at": "2026-06-02T13:54:43.000000Z"
            },
            "amputee": {
                "id": 34,
                "mrn": "KZF56LSV1780408483",
                "name": "Aida Grimes",
                "email": "1780408483bfeeney@example.com",
                "language": "en",
                "phone": "469.352.2424",
                "phone_country": "MD",
                "phone_verified_at": null,
                "address1": "851 Ward Corner Suite 106",
                "address2": "Port Lesliechester, OR 34547",
                "postal_code": "27198-7710",
                "city": "Schaden Group",
                "country": "AT",
                "clinic_name": "Kochton",
                "clinic_location": "17446 Bosco Estates Apt. 420\nSouth Estefania, NV 27106",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:54:43.000000Z",
                "updated_at": "2026-06-02T13:54:43.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        },
        {
            "id": 6,
            "serial": "3e3eaebe-aa5b-360e-9728-0610a3dde6c7",
            "bluetooth_id": "94349147-92b1-3c5e-8ad6-7425e4f3b21d",
            "company_id": null,
            "model_id": 8,
            "amputee_id": 35,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:44.000000Z",
            "updated_at": "2026-06-02T13:54:44.000000Z",
            "model": {
                "id": 8,
                "name": "Zeus hand v1",
                "type": "arm",
                "orientation": "left",
                "active": 1,
                "created_at": "2026-06-02T13:54:43.000000Z",
                "updated_at": "2026-06-02T13:54:43.000000Z"
            },
            "amputee": {
                "id": 35,
                "mrn": "Z5UGNZFM1780408483",
                "name": "Claudie Bahringer",
                "email": "1780408483tyshawn14@example.com",
                "language": "en",
                "phone": "815.462.8261",
                "phone_country": "CA",
                "phone_verified_at": null,
                "address1": "41924 Hegmann Mountains",
                "address2": "Ewelltown, NH 51706-4417",
                "postal_code": "02445",
                "city": "Powlowski-Mueller",
                "country": "NL",
                "clinic_name": "South Cordell",
                "clinic_location": "565 Vivianne Highway Suite 614\nSaraimouth, NE 38970-7119",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:54:44.000000Z",
                "updated_at": "2026-06-02T13:54:44.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list devices",
    "code": "DEVICES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/devices

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter devices by searching in: serial number, bluetooth ID. Example: S3R1AL-NUM83R

active integer optional

Filter devices by active status (available: 0 - only inactive, 1 - only active, -1 - all users). Default: 1. Example: -1

amputee string optional

Filter devices by amputees. Provide single ID (amputee=1), array of IDs (amputee[]=1&amputee[]=2) or comma-separated list of IDs (amputee=1,2). Pass value 0 to get devices unassigned to any amputee. Example: 1

clinician string optional

Filter devices by clinicians. Provide single ID (clinician=1), array of IDs (clinician[]=1&clinician[]=2) or comma-separated list of IDs (clinician=1,2). Pass value 0 to get devices unassigned to any clinician. Example: 1

model string optional

Filter devices by device models. Provide single ID (model=1), array of IDs (model[]=1&model[]=2) or comma-separated list of IDs (model=1,2). Pass value 0 to get devices without model. Example: 1

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: model, amputee, clinicians, firmwareVersion, pcbVersion, config, joinedDevices, joinedElectrodes).

sortby string optional

Sort by field (available: serial, amputee_name, date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get device information

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 7,
    "serial": "49a9e9f7-f66d-3405-b337-9a851d1e8a66",
    "bluetooth_id": "2f65d609-a56f-31bf-9f44-f98984ae5f72",
    "company_id": null,
    "model_id": 9,
    "amputee_id": 36,
    "clinician_id": null,
    "firmware_version_id": 1,
    "pcb_version_id": 1,
    "reverse_magnets": 0,
    "is_electrode": 0,
    "active": 1,
    "last_activity_at": "0000-00-00 00:00:00",
    "created_at": "2026-06-02T13:54:44.000000Z",
    "updated_at": "2026-06-02T13:54:44.000000Z",
    "model": {
        "id": 9,
        "name": "Zeus hand v1",
        "type": "leg",
        "orientation": "right",
        "active": 1,
        "created_at": "2026-06-02T13:54:44.000000Z",
        "updated_at": "2026-06-02T13:54:44.000000Z"
    },
    "amputee": {
        "id": 36,
        "mrn": "5DGWC8EE1780408484",
        "name": "Wilson Beier III",
        "email": "1780408484retta.lubowitz@example.org",
        "language": "en",
        "phone": "(417) 821-0747",
        "phone_country": "FR",
        "phone_verified_at": null,
        "address1": "85348 Marlee Loaf Suite 515",
        "address2": "Rudolphport, WV 13424-6957",
        "postal_code": "18383",
        "city": "Rosenbaum-Mayert",
        "country": "NL",
        "clinic_name": "North Wandaside",
        "clinic_location": "78383 Pat Loop Apt. 076\nEast Kattieburgh, WI 52579-7225",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:54:44.000000Z",
        "updated_at": "2026-06-02T13:54:44.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "pcb_version": {
        "id": 1,
        "name": "3.96.43",
        "hardware_id": "",
        "created_at": "2026-06-02T13:54:44.000000Z",
        "updated_at": "2026-06-02T13:54:44.000000Z"
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device data",
    "code": "DEVICES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:GET:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/device/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Device ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: model, amputee, firmwareVersion, pcbVersion, clinicians, joinedDevices, joinedElectrodes).

Response

Response Fields

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

Create new device

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"serial\": \"S3R1AL-NUM83R\",
    \"bluetooth_id\": \"BL0123456789\",
    \"model_id\": 1,
    \"amputee_id\": 1,
    \"clinicians\": [
        2
    ],
    \"firmware_version_id\": 1,
    \"pcb_version_id\": 1,
    \"reverse_magnets\": false,
    \"is_electrode\": false,
    \"active\": true,
    \"last_activity_at\": \"2022-08-15 12:00:00\"
}"

const url = new URL(
    "http://localhost:8000/api/device"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "serial": "S3R1AL-NUM83R",
    "bluetooth_id": "BL0123456789",
    "model_id": 1,
    "amputee_id": 1,
    "clinicians": [
        2
    ],
    "firmware_version_id": 1,
    "pcb_version_id": 1,
    "reverse_magnets": false,
    "is_electrode": false,
    "active": true,
    "last_activity_at": "2022-08-15 12:00:00"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 8,
    "serial": "afa6b5f3-d475-378e-8ed0-ff95cf146f75",
    "bluetooth_id": "75cce72f-b80c-3df8-aa0a-f66cb29c8978",
    "company_id": null,
    "model_id": null,
    "amputee_id": null,
    "clinician_id": null,
    "firmware_version_id": null,
    "pcb_version_id": null,
    "reverse_magnets": 0,
    "is_electrode": 0,
    "active": 1,
    "last_activity_at": "0000-00-00 00:00:00",
    "created_at": "2026-06-02T13:54:44.000000Z",
    "updated_at": "2026-06-02T13:54:44.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create device",
    "code": "DEVICES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Firmware has no schema):


{
    "message": "Cannot create: firmware has no schema",
    "code": "DEVICES:CREATE:NO_FIRMWARE_SCHEMA"
}

Example response (500, Server error):


{
    "message": "Server error: device not created",
    "code": "DEVICES:CREATE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

serial string

Device serial number. Example: S3R1AL-NUM83R

bluetooth_id string

Device Bluetooth ID. Example: BL0123456789

model_id string

Device Model ID. The id of an existing record in the App\Models\DeviceModel table. Example: 1

amputee_id string optional

Device amputee ID. The id of an existing record in the App\Models\User table. Example: 1

clinicians integer[] optional

Clinician ID. The id of an existing record in the App\Models\User table.

firmware_version_id string optional

Firmware Version ID. The id of an existing record in the App\Models\FirmwareVersion table. Example: 1

pcb_version_id string optional

PCB Version ID. The id of an existing record in the App\Models\PCBVersion table. Example: 1

reverse_magnets boolean optional true false

Device reverse magnets. Default: 0. Example: false

is_electrode boolean optional true false

Super Admin only: Device is electrode. Default: 0. Example: false

active boolean optional true false

Device active status (0 - inactive, 1 - active). Example: true

last_activity_at string optional

Device last activity date. Update this value each time device connects to the mobile app. Always shift local datetime to UTC timezone. Must be a valid date in the format Y-m-d H:i:s. Example: 2022-08-15 12:00:00

Response

Response Fields

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

Update device

requires authentication

Amputee of device can update only these fields: serial, bluetooth_id, firmware_version_id, pcb_version_id

Example request:

curl --request PUT \
    "http://localhost:8000/api/device/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"serial\": \"S3R1AL-NUM83R\",
    \"bluetooth_id\": \"BL0123456789\",
    \"model_id\": 1,
    \"amputee_id\": 1,
    \"clinicians\": [
        2
    ],
    \"firmware_version_id\": 1,
    \"pcb_version_id\": 1,
    \"reverse_magnets\": false,
    \"is_electrode\": false,
    \"active\": true,
    \"last_activity_at\": \"2022-08-15 12:00:00\"
}"

const url = new URL(
    "http://localhost:8000/api/device/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "serial": "S3R1AL-NUM83R",
    "bluetooth_id": "BL0123456789",
    "model_id": 1,
    "amputee_id": 1,
    "clinicians": [
        2
    ],
    "firmware_version_id": 1,
    "pcb_version_id": 1,
    "reverse_magnets": false,
    "is_electrode": false,
    "active": true,
    "last_activity_at": "2022-08-15 12:00:00"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 9,
    "serial": "b49133f5-f5b2-3332-be00-5bce62c1d4de",
    "bluetooth_id": "fee20859-2ddd-3efa-a246-db08c77c85db",
    "company_id": null,
    "model_id": null,
    "amputee_id": null,
    "clinician_id": null,
    "firmware_version_id": null,
    "pcb_version_id": null,
    "reverse_magnets": 0,
    "is_electrode": 0,
    "active": 1,
    "last_activity_at": "0000-00-00 00:00:00",
    "created_at": "2026-06-02T13:54:44.000000Z",
    "updated_at": "2026-06-02T13:54:44.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update device",
    "code": "DEVICES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Firmware has no schema):


{
    "message": "Cannot update: firmware has no schema",
    "code": "DEVICES:UPDATE:NO_FIRMWARE_SCHEMA"
}

Example response (403):


{
    "message": "Cannot update: no clinicians left for patient relation",
    "code": "DEVICES:UPDATE:NO_CLINICIANS"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:UPDATE:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/device/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Device ID. Example: 1

Body Parameters

serial string optional

Device serial number. Example: S3R1AL-NUM83R

bluetooth_id string optional

Device Bluetooth ID. Example: BL0123456789

model_id string optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table. Example: 1

amputee_id string optional

Device amputee ID. Pass null to remove assignment. The id of an existing record in the App\Models\User table. Example: 1

clinicians integer[] optional

Clinician ID. The id of an existing record in the App\Models\User table.

firmware_version_id string optional

Firmware Version ID. The id of an existing record in the App\Models\FirmwareVersion table. Example: 1

pcb_version_id string optional

PCB Version ID. The id of an existing record in the App\Models\PCBVersion table. Example: 1

reverse_magnets boolean optional true false

Device reverse magnets. Default: 0. Example: false

is_electrode boolean optional true false

Super Admin only: Device is electrode. Default: 0. Example: false

active boolean optional true false

Device active status (0 - inactive, 1 - active). Example: true

last_activity_at string optional

Response

Response Fields

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

Delete device

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/device/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Device deleted",
    "code": "DEVICES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete device",
    "code": "DEVICES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:DELETE:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get device hashes

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/device/1/hash" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/hash"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "hash_global": "123456789012345",
    "hash_common_settings": "123456789012345",
    "hash_common_grips": "123456789012345",
    "hash_mode1": "123456789012345",
    "hash_mode2": "123456789012345",
    "hash_mode3": "123456789012345"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access device hashes",
    "code": "DEVICES:GET_HASHES:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:GET_HASHES:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Update device hashes

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/hash" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"hash_global\": \"123456789012345\",
    \"hash_common_settings\": \"123456789012345\",
    \"hash_common_grips\": \"123456789012345\",
    \"hash_mode1\": \"123456789012345\",
    \"hash_mode2\": \"123456789012345\",
    \"hash_mode3\": \"123456789012345\"
}"

const url = new URL(
    "http://localhost:8000/api/device/1/hash"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "hash_global": "123456789012345",
    "hash_common_settings": "123456789012345",
    "hash_common_grips": "123456789012345",
    "hash_mode1": "123456789012345",
    "hash_mode2": "123456789012345",
    "hash_mode3": "123456789012345"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "hash_global": "123456789012345",
    "hash_common_settings": "123456789012345",
    "hash_common_grips": "123456789012345",
    "hash_mode1": "123456789012345",
    "hash_mode2": "123456789012345",
    "hash_mode3": "123456789012345"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access device hashes",
    "code": "DEVICES:SET_HASHES:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:SET_HASHES:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/{id}/hash

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Device ID. Example: 1

Body Parameters

hash_global string optional

Global hash. Example: 123456789012345

hash_common_settings string optional

Common settings hash. Example: 123456789012345

hash_common_grips string optional

Common grips hash. Example: 123456789012345

hash_mode1 string optional

Mode 1 hash. Example: 123456789012345

hash_mode2 string optional

Mode 2 hash. Example: 123456789012345

hash_mode3 string optional

Mode 3 hash. Example: 123456789012345

Detach device

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/detach" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/detach"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Device detached",
    "code": "DEVICES:DETACH:DETACHED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to detach device",
    "code": "DEVICES:DETACH:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:DETACH:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Add device

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/add/S3R1AL-NUM83R" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/add/S3R1AL-NUM83R"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 10,
    "serial": "b164e2b1-98fb-3245-b4c0-ee38b14b0d7c",
    "bluetooth_id": "6d9a2798-1866-37d2-81db-38f50ce1b51d",
    "company_id": null,
    "model_id": null,
    "amputee_id": null,
    "clinician_id": null,
    "firmware_version_id": null,
    "pcb_version_id": null,
    "reverse_magnets": 0,
    "is_electrode": 0,
    "active": 1,
    "last_activity_at": "0000-00-00 00:00:00",
    "created_at": "2026-06-02T13:54:45.000000Z",
    "updated_at": "2026-06-02T13:54:45.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to assign devices with code",
    "code": "DEVICES:ASSIGN:INSUFFICIENT_PERMISSION"
}

Example response (403, User reached the temporary limit of attached devices):


{
    "message": "Reached the limit of assigned devices",
    "code": "DEVICES:ASSIGN:LIMIT_REACHED"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:ASSIGN:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

Connect device

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/connect/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/connect/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Device connected",
    "code": "DEVICES:CONNECT:CONNECTED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device data",
    "code": "DEVICES:CONNECT:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:CONNECT:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Disconnect device

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/disconnect/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/disconnect/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Device disconnected",
    "code": "DEVICES:DISCONNECT:DISCONNECTED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view device data",
    "code": "DEVICES:DISCONNECT:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:DISCONNECT:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Join devices

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/join/1/2" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"force\": false,
    \"patient\": 1
}"

const url = new URL(
    "http://localhost:8000/api/device/join/1/2"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "force": false,
    "patient": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 11,
    "serial": "43f9b60a-e630-3646-abaf-197a3a0a65a3",
    "bluetooth_id": "e350a26c-1c14-357b-bdf2-3f5ff5ec8322",
    "company_id": null,
    "model_id": null,
    "amputee_id": null,
    "clinician_id": null,
    "firmware_version_id": null,
    "pcb_version_id": null,
    "reverse_magnets": 0,
    "is_electrode": 0,
    "active": 1,
    "last_activity_at": "0000-00-00 00:00:00",
    "created_at": "2026-06-02T13:54:45.000000Z",
    "updated_at": "2026-06-02T13:54:45.000000Z",
    "joined_devices": [
        {
            "id": 12,
            "serial": "62ba00c6-7869-31ee-a85b-e53cddea13a1",
            "bluetooth_id": "463464ab-6c38-3921-ac92-5d2baa4b2c0e",
            "company_id": null,
            "model_id": null,
            "amputee_id": null,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:45.000000Z",
            "updated_at": "2026-06-02T13:54:45.000000Z",
            "pivot": {
                "electrode_id": 11,
                "device_id": 12,
                "created_at": "2026-06-02T13:54:45.000000Z",
                "updated_at": "2026-06-02T13:54:45.000000Z"
            }
        }
    ],
    "joined_electrodes": [
        {
            "id": 13,
            "serial": "de2e792c-1aa2-30d6-8c34-e010688d8cec",
            "bluetooth_id": "7d7ddc8a-5cc0-3ce0-a980-1f4a2e47e8fd",
            "company_id": null,
            "model_id": null,
            "amputee_id": null,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:45.000000Z",
            "updated_at": "2026-06-02T13:54:45.000000Z",
            "pivot": {
                "device_id": 11,
                "electrode_id": 13,
                "created_at": "2026-06-02T13:54:45.000000Z",
                "updated_at": "2026-06-02T13:54:45.000000Z"
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to join devices",
    "code": "DEVICES:JOIN:INSUFFICIENT_PERMISSION"
}

Example response (403, Device 2 has a patient assigned):


{
    "message": "Device 2 has a patient assigned",
    "code": "DEVICES:JOIN:DEVICE2_HAS_PATIENT"
}

Example response (403, Device already has an electrode joined):


{
    "message": "Device already has an electrode joined",
    "code": "DEVICES:JOIN:ALREADY_JOINED"
}

Example response (403, Server error):


{
    "message": "Server error",
    "code": "DEVICES:JOIN:SERVER_ERROR"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:JOIN:DEVICE_NOT_FOUND"
}

Example response (404, Device 1 cannot be an electrode):


{
    "message": "Device 1 cannot be an electrode",
    "code": "DEVICES:JOIN:INCORRECT_DEVICE1_TYPE"
}

Example response (404, Device 2 must be an electrode):


{
    "message": "Device 1 must be an electrode",
    "code": "DEVICES:JOIN:INCORRECT_DEVICE2_TYPE"
}

Example response (404, Both devices have no patient assigned):


{
    "message": "Both devices have no patient assigned",
    "code": "DEVICES:JOIN:NO_PATIENT"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/join/{deviceId}/{electrodeId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID (hand). Example: 1

electrodeId integer

Device ID (electrode). Example: 2

Body Parameters

force boolean optional true false

Force assignment even if one or both devices are already joined with other devices. Example: false

patient integer optional

Add or replace patient assignment in joined devices. The id of an existing record in the App\Models\User table. Example: 1

Response

Response Fields

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

Detach joined devices

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/unjoin/1/2" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/unjoin/1/2"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Devices unjoined",
    "code": "DEVICES:UNJOIN:UNJOINED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to join devices",
    "code": "DEVICES:UNJOIN:INSUFFICIENT_PERMISSION"
}

Example response (403, OK):


{
    "message": "Devices are not joined",
    "code": "DEVICES:UNJOIN:NOT_JOINED"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:UNJOIN:DEVICE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/device/unjoin/{deviceId}/{electrodeId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

electrodeId integer

Electrode ID. Example: 2

Create demo patient

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/device/1/dummy-patient" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/device/1/dummy-patient"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201, OK):


{
    "email": "SERIAL@gmail.com",
    "password": "Demo@123"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create dummy patient",
    "code": "DEVICES:DUMMY_PATIENT:INSUFFICIENT_PERMISSION"
}

Example response (403, Device already has a patient):


{
    "message": "Device already has a patient",
    "code": "DEVICES:DUMMY_PATIENT:PATIENT_EXISTS"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "DEVICES:DUMMY_PATIENT:DEVICE_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error: dummy patient not created",
    "code": "DEVICES:DUMMY_PATIENT:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Documents

API endpoints for documents management

List documents

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/documents?type=web" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents"
);

const params = {
    "type": "web",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "name": "Receptionist and Information Clerk",
            "type": "mobile",
            "created_at": "2026-06-02T13:56:23.000000Z",
            "updated_at": "2026-06-02T13:56:23.000000Z"
        },
        {
            "id": 2,
            "name": "Lifeguard",
            "type": "mobile",
            "created_at": "2026-06-02T13:56:23.000000Z",
            "updated_at": "2026-06-02T13:56:23.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/documents

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

type string optional

Filter documents by type. Example: web

Must be one of:

web
mobile

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Document ID.

name string

Document name.

type string

Document target platform.

Must be one of:

web
mobile

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

versions object[]

Document versions.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create document

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/documents" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Privacy Policy\",
    \"type\": \"web\"
}"

const url = new URL(
    "http://localhost:8000/api/documents"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Privacy Policy",
    "type": "web"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "Equal Opportunity Representative",
    "type": "web",
    "created_at": "2026-06-02T13:56:23.000000Z",
    "updated_at": "2026-06-02T13:56:23.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/documents

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Document name. Example: Privacy Policy

type string

Document destination. Example: web

Must be one of:

web
mobile

Response

Response Fields

id integer

Document ID.

name string

Document name.

type string

Document target platform.

Must be one of:

web
mobile

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

versions object[]

Document versions.

Delete document

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/documents/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Document deleted",
    "code": "DOCUMENTS:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, Document has existing versions):


{
    "message": "Cannot delete: document has existing versions (1)",
    "code": "DOCUMENTS:DELETE:HAS_VERSIONS"
}

Example response (404, Document not found):


{
    "message": "Document not found",
    "code": "DOCUMENTS:DELETE:DOCUMENT_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List document versions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/documents/1/versions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents/1/versions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "document_id": null,
        "index": 31778,
        "file": "http://www.gerlach.net/",
        "created_at": "2026-06-02T13:56:23.000000Z",
        "updated_at": "2026-06-02T13:56:23.000000Z"
    },
    {
        "id": 2,
        "document_id": null,
        "index": 547586,
        "file": "http://www.powlowski.com/",
        "created_at": "2026-06-02T13:56:23.000000Z",
        "updated_at": "2026-06-02T13:56:23.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:LIST_VERSIONS:INSUFFICIENT_PERMISSION"
}

Example response (404, Document not found):


{
    "message": "Document not found",
    "code": "DOCUMENTS:LIST_VERSIONS:DOCUMENT_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/documents/{documentId}/versions

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

documentId integer

Document ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

id integer

Document version ID.

document_id integer

Associated document ID.

index integer

Version index number.

file string

File path or URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

document object

Parent document.

Create document version

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/documents/1/versions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"file\": \"https:\\/\\/www.aetherbiomedical.com\\/privacy-policy\"
}"

const url = new URL(
    "http://localhost:8000/api/documents/1/versions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "file": "https:\/\/www.aetherbiomedical.com\/privacy-policy"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "document_id": null,
    "index": 7184,
    "file": "http://www.bednar.com/",
    "created_at": "2026-06-02T13:56:23.000000Z",
    "updated_at": "2026-06-02T13:56:23.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:CREATE_VERSION:INSUFFICIENT_PERMISSION"
}

Example response (404, Document not found):


{
    "message": "Document not found",
    "code": "DOCUMENTS:CREATE_VERSION:DOCUMENT_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/documents/{documentId}/versions

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

documentId integer

Document ID. Example: 1

Body Parameters

file string

URL to document file. Must be a valid URL. Example: https://www.aetherbiomedical.com/privacy-policy

Response

Response Fields

id integer

Document version ID.

document_id integer

Associated document ID.

index integer

Version index number.

file string

File path or URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

document object

Parent document.

Delete document version

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/documents/1/versions/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents/1/versions/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Document version deleted",
    "code": "DOCUMENTS:DELETE_VERSION:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage documents",
    "code": "DOCUMENTS:DELETE_VERSION:INSUFFICIENT_PERMISSION"
}

Example response (404, Document not found):


{
    "message": "Document not found",
    "code": "DOCUMENTS:DELETE_VERSION:DOCUMENT_NOT_FOUND"
}

Example response (404, Document version not found):


{
    "message": "Document version not found",
    "code": "DOCUMENTS:DELETE_VERSION:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/documents/{documentId}/versions/{versionId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

documentId integer

Document ID. Example: 1

versionId integer

DocumentVersion ID. Example: 1

Get documents status

requires authentication

Any document on the list has to be accepted. Use POST /documents/accept endpoint to mark them as accepted once user agrees to that. Empty list means that user is up-to-date with all required documents and nothing has to be accepted.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/documents/status?type=web" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents/status"
);

const params = {
    "type": "web",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "documents": [],
    "texts": {
        "title": "Changes to the Privacy Policy",
        "description": "Due to the addition of a new data processing entity, please familiarize yourself with and accept the new privacy policy",
        "checkbox": "I declare that I have read the content of the Privacy Policy and the Terms and Conditions and accept their provisions. I understand that acceptance is a condition for using the application."
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view documents status",
    "code": "DOCUMENTS:STATUS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Accept documents

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/documents/accept" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"documents\": [
        1
    ]
}"

const url = new URL(
    "http://localhost:8000/api/documents/accept"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "documents": [
        1
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Accepted 1 document(s)",
    "code": "DOCUMENTS:ACCEPT:ACCEPTED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update documents status",
    "code": "DOCUMENTS:ACCEPT:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Accept Terms of Service for patients

requires authentication

This endpoint does not save any information to the database. Its purpose is to make sure the patient will be saved in the HubSpot.

Example request:

curl --request POST \
    "http://localhost:8000/api/documents/accept/tos" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/documents/accept/tos"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Patients' \"Terms of Service\" accepted",
    "code": "DOCUMENTS:ACCEPT_PATIENT_TOS:ACCEPTED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to accept patients' \"Terms of Service\"",
    "code": "DOCUMENTS:ACCEPT_PATIENT_TOS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Feature announcements

Endpoints related to feature announcements

List feature announcements

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feature-announcements" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feature-announcements"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "name": "Orchid",
            "notification_title": "omnis-dolor.title",
            "notification_body": "omnis-dolor.body",
            "created_at": "2026-06-02T13:56:56.000000Z",
            "updated_at": "2026-06-02T13:56:56.000000Z"
        },
        {
            "id": 2,
            "name": "BlueViolet",
            "notification_title": "expedita-reiciendis.title",
            "notification_body": "expedita-reiciendis.body",
            "created_at": "2026-06-02T13:56:56.000000Z",
            "updated_at": "2026-06-02T13:56:56.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feature announcements",
    "code": "FEATURE_ANNOUNCEMENTS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/feature-announcements

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Create feature announcement

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/feature-announcements" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Notification about 1.15 release\",
    \"notification_title\": \"release_1.15.title\",
    \"notification_body\": \"release_1.15.body\"
}"

const url = new URL(
    "http://localhost:8000/api/feature-announcements"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Notification about 1.15 release",
    "notification_title": "release_1.15.title",
    "notification_body": "release_1.15.body"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "DarkOrchid",
    "notification_title": "quidem-delectus.title",
    "notification_body": "quidem-delectus.body",
    "created_at": "2026-06-02T13:56:56.000000Z",
    "updated_at": "2026-06-02T13:56:56.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feature announcements",
    "code": "FEATURE_ANNOUNCEMENTS:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/feature-announcements

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Notification name. Only for internal usage. Example: Notification about 1.15 release

notification_title string

Notification title (Simple Localize key). Please follow the naming: [campaign_name].title in namespace announcements, for example: release_1.15.title. Example: release_1.15.title

notification_body string

Notification body (Simple Localize key). Please follow the naming: [campaign_name].body in namespace announcements, for example: release_1.15.body. Example: release_1.15.body

Update feature announcement

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/feature-announcements/2" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Notification about 1.15 release\",
    \"notification_title\": \"release_1.15.title\",
    \"notification_body\": \"release_1.15.body\"
}"

const url = new URL(
    "http://localhost:8000/api/feature-announcements/2"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Notification about 1.15 release",
    "notification_title": "release_1.15.title",
    "notification_body": "release_1.15.body"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "name": "MediumSlateBlue",
    "notification_title": "est-ducimus.title",
    "notification_body": "est-ducimus.body",
    "created_at": "2026-06-02T13:56:56.000000Z",
    "updated_at": "2026-06-02T13:56:56.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feature announcements",
    "code": "FEATURE_ANNOUNCEMENTS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Feature announcement not found):


{
    "message": "Feature announcement not found",
    "code": "FEATURE_ANNOUNCEMENTS:UPDATE:NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/feature-announcements/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

The ID of the feature announcement. Example: 2

Body Parameters

name string optional

Notification name. Only for internal usage. Example: Notification about 1.15 release

notification_title string optional

Notification title (Simple Localize key). Please follow the naming: [campaign_name].title in namespace announcements, for example: release_1.15.title. Example: release_1.15.title

notification_body string optional

Notification body (Simple Localize key). Please follow the naming: [campaign_name].body in namespace announcements, for example: release_1.15.body. Example: release_1.15.body

Delete feature announcement

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/feature-announcements/7" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feature-announcements/7"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Feature announcement deleted",
    "code": "FEATURE_ANNOUNCEMENTS:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feature announcements",
    "code": "FEATURE_ANNOUNCEMENTS:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Feature announcement not found):


{
    "message": "Feature announcement not found",
    "code": "FEATURE_ANNOUNCEMENTS:DELETE:NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Send feature announcement

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/feature-announcements/6/send" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feature-announcements/6/send"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "message": "Feature announcement sent",
    "code": "FEATURE_ANNOUNCEMENTS:SEND:SENT"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feature announcements",
    "code": "FEATURE_ANNOUNCEMENTS:SEND:INSUFFICIENT_PERMISSION"
}

Example response (404, Feature announcement not found):


{
    "message": "Feature announcement not found",
    "code": "FEATURE_ANNOUNCEMENTS:SEND:NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Feedback

Endpoints related to feedback collecting

Check feedback token

Example request:

curl --request POST \
    "http://localhost:8000/api/feedback/4KJ2YLM0MA64Y6D6FUY2OFY690IICO1OJ2DHR6T68IZNI528H3SKUFJMY0C5DHOA/check" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/4KJ2YLM0MA64Y6D6FUY2OFY690IICO1OJ2DHR6T68IZNI528H3SKUFJMY0C5DHOA/check"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "valid": true
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Send feedback with token

Example request:

curl --request POST \
    "http://localhost:8000/api/feedback/4KJ2YLM0MA64Y6D6FUY2OFY690IICO1OJ2DHR6T68IZNI528H3SKUFJMY0C5DHOA" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"type\": \"contextual\",
    \"trigger\": \"remote_session\",
    \"rate\": 5,
    \"description\": \"That was amazing!\",
    \"skipped\": false,
    \"training_day_id\": 1
}"

const url = new URL(
    "http://localhost:8000/api/feedback/4KJ2YLM0MA64Y6D6FUY2OFY690IICO1OJ2DHR6T68IZNI528H3SKUFJMY0C5DHOA"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "type": "contextual",
    "trigger": "remote_session",
    "rate": 5,
    "description": "That was amazing!",
    "skipped": false,
    "training_day_id": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 1,
    "user_id": 6,
    "type": "periodic",
    "trigger": "firmware_update",
    "platform": "web",
    "rate": 3,
    "description": "Et aspernatur et est tenetur.",
    "skipped": 0,
    "training_day_id": null,
    "created_at": "2026-06-02T13:54:30.000000Z",
    "updated_at": "2026-06-02T13:54:30.000000Z"
}

Example response (403, Invalid token):


{
    "message": "Invalid token",
    "code": "FEEDBACK:SEND_WITH_TOKEN:INVALID_TOKEN"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/feedback/{token}

Headers

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

token string

Authentication token Example: 4KJ2YLM0MA64Y6D6FUY2OFY690IICO1OJ2DHR6T68IZNI528H3SKUFJMY0C5DHOA

Body Parameters

type string

Type of feedback. Example: contextual

Must be one of:

contextual
periodic

trigger string optional

Feedback trigger. This field is required when type is contextual. Example: remote_session

Must be one of:

remote_session
local_session
async_session
patient_create
clinician_invite
firmware_update
new_config
grip_change
training_failed
training_success

rate integer optional

User's rating. MINIMUM:NUMBER:0 MAXIMUM:NUMBER:5. Example: 5

description string optional

User's description. Example: That was amazing!

skipped boolean optional true false

Feedback skipped by the user. Example: false

training_day_id integer optional

Training day ID (for training feedback only). The id of an existing record in the App\Models\TrainingDay table. Example: 1

Response

Response Fields

id integer

Feedback ID.

user_id integer

User who submitted the feedback.

type string

Feedback type.

trigger string

What triggered the feedback.

platform string

Platform the feedback was submitted from.

rate integer

Feedback rating.

description string

Feedback description.

skipped boolean

Whether the feedback was skipped.

training_day_id integer

Associated training day ID.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Get feedback status

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "remote_session": true,
    "firmware_update": true,
    "local_session": true,
    "async_session": true,
    "patient_create": false,
    "clinician_invite": true
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to check feedback status",
    "code": "FEEDBACK:STATUS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Send feedback

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/feedback" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"type\": \"contextual\",
    \"trigger\": \"remote_session\",
    \"platform\": \"web\",
    \"rate\": 5,
    \"description\": \"That was amazing!\",
    \"skipped\": false,
    \"training_day_id\": 1
}"

const url = new URL(
    "http://localhost:8000/api/feedback"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "type": "contextual",
    "trigger": "remote_session",
    "platform": "web",
    "rate": 5,
    "description": "That was amazing!",
    "skipped": false,
    "training_day_id": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 2,
    "user_id": 306,
    "type": "on_demand",
    "trigger": "firmware_update",
    "platform": "web",
    "rate": 5,
    "description": "Molestiae et vero id voluptas.",
    "skipped": 1,
    "training_day_id": null,
    "created_at": "2026-06-02T13:56:48.000000Z",
    "updated_at": "2026-06-02T13:56:48.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to send feedback",
    "code": "FEEDBACK:SEND:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/feedback

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

type string

Type of feedback. Example: contextual

Must be one of:

contextual
on_demand
periodic
training

trigger string optional

Feedback trigger. Example: remote_session

Must be one of:

remote_session
local_session
async_session
patient_create
clinician_invite
firmware_update
new_config
grip_change
training_failed
training_success

platform string

Feedback platform. Example: web

Must be one of:

web
mobile

rate integer optional

User's rating. MINIMUM:NUMBER:0 MAXIMUM:NUMBER:5. Example: 5

description string optional

User's description. Example: That was amazing!

skipped boolean optional true false

Feedback skipped by the user. Example: false

training_day_id integer optional

Training day ID (for training feedback only). The id of an existing record in the App\Models\TrainingDay table. Example: 1

Response

Response Fields

id integer

Feedback ID.

user_id integer

User who submitted the feedback.

type string

Feedback type.

trigger string

What triggered the feedback.

platform string

Platform the feedback was submitted from.

rate integer

Feedback rating.

description string

Feedback description.

skipped boolean

Whether the feedback was skipped.

training_day_id integer

Associated training day ID.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Schedule feedback notification

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/feedback/schedule" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"trigger\": \"remote_session\"
}"

const url = new URL(
    "http://localhost:8000/api/feedback/schedule"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "trigger": "remote_session"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "scheduled_at": "2026-04-13 12:00:00"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to schedule feedback notification",
    "code": "FEEDBACK:SCHEDULE:INSUFFICIENT_PERMISSION"
}

Example response (403, Feedback with this trigger was already scheduled today):


{
    "message": "Feedback with this trigger was already scheduled today",
    "code": "FEEDBACK:SCHEDULE:ALREADY_SCHEDULED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/feedback/schedule

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

trigger string

Feedback trigger. Example: remote_session

Must be one of:

remote_session
local_session
async_session
patient_create
clinician_invite
firmware_update
new_config
grip_change
training_failed
training_success

List feedback

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (201):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 25,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 3,
            "user_id": 307,
            "type": "on_demand",
            "trigger": "grip_change",
            "platform": "web",
            "rate": 5,
            "description": "Quo modi hic libero quia ut.",
            "skipped": 1,
            "training_day_id": null,
            "created_at": "2026-06-02T13:56:49.000000Z",
            "updated_at": "2026-06-02T13:56:49.000000Z"
        },
        {
            "id": 4,
            "user_id": 308,
            "type": "on_demand",
            "trigger": "new_config",
            "platform": "mobile",
            "rate": 5,
            "description": "Ipsa error et atque aut itaque veritatis culpa.",
            "skipped": 0,
            "training_day_id": null,
            "created_at": "2026-06-02T13:56:49.000000Z",
            "updated_at": "2026-06-02T13:56:49.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list feedback",
    "code": "FEEDBACK:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/feedback

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Feedback ID.

user_id integer

User who submitted the feedback.

type string

Feedback type.

trigger string

What triggered the feedback.

platform string

Platform the feedback was submitted from.

rate integer

Feedback rating.

description string

Feedback description.

skipped boolean

Whether the feedback was skipped.

training_day_id integer

Associated training day ID.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Export feedback to CSV

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback/csv" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/csv"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, CSV file):


{
    "file": "https://staging-us-east-2-aether-biomedical-s3-us-bucket.s3.us-east-2.amazonaws.com/feedback/feedback-1759228216.csv",
    "expires": "2025-09-30 10:40:00"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to export feedback",
    "code": "FEEDBACK:EXPORT_CSV:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get feedback cooldowns

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback/cooldowns" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/cooldowns"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "remote_session": 1,
    "local_session": 1,
    "async_session": 1,
    "patient_create": 1,
    "clinician_invite": 1,
    "firmware_update": 1,
    "new_config": 1,
    "grip_change": 1
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feedback cooldowns",
    "code": "FEEDBACK:GET_COOLDOWNS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Update feedback cooldowns

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/feedback/cooldowns" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"remote_session\": 1,
    \"local_session\": 1,
    \"async_session\": 1,
    \"patient_create\": 1,
    \"clinician_invite\": 1,
    \"firmware_update\": 1,
    \"new_config\": 1,
    \"grip_change\": 1
}"

const url = new URL(
    "http://localhost:8000/api/feedback/cooldowns"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "remote_session": 1,
    "local_session": 1,
    "async_session": 1,
    "patient_create": 1,
    "clinician_invite": 1,
    "firmware_update": 1,
    "new_config": 1,
    "grip_change": 1
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "remote_session": 1,
    "local_session": 1,
    "async_session": 1,
    "patient_create": 1,
    "clinician_invite": 1,
    "firmware_update": 1,
    "new_config": 1,
    "grip_change": 1
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feedback cooldowns",
    "code": "FEEDBACK:UPDATE_COOLDOWNS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/feedback/cooldowns

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

remote_session integer optional

Cooldown for remote session trigger. MINIMUM:NUMBER:1. Example: 1

local_session integer optional

Cooldown for local session trigger. MINIMUM:NUMBER:1. Example: 1

async_session integer optional

Cooldown for async session trigger. MINIMUM:NUMBER:1. Example: 1

patient_create integer optional

Cooldown for patient create trigger. MINIMUM:NUMBER:1. Example: 1

clinician_invite integer optional

Cooldown for clinician invite trigger. MINIMUM:NUMBER:1. Example: 1

firmware_update integer optional

Cooldown for firmware update trigger. MINIMUM:NUMBER:1. Example: 1

new_config integer optional

Cooldown for new config trigger. MINIMUM:NUMBER:1. Example: 1

grip_change integer optional

Cooldown for grip change trigger. MINIMUM:NUMBER:1. Example: 1

Get feedback enabled

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback/enabled" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/enabled"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "remote_session": true,
    "local_session": true,
    "async_session": true,
    "patient_create": true,
    "clinician_invite": true,
    "firmware_update": true,
    "new_config": true,
    "grip_change": true
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feedback cooldowns",
    "code": "FEEDBACK:GET_ENABLED:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Set feedback enabled

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/feedback/enabled" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"remote_session\": false,
    \"local_session\": false,
    \"async_session\": false,
    \"patient_create\": false,
    \"clinician_invite\": false,
    \"firmware_update\": false,
    \"new_config\": false,
    \"grip_change\": false
}"

const url = new URL(
    "http://localhost:8000/api/feedback/enabled"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "remote_session": false,
    "local_session": false,
    "async_session": false,
    "patient_create": false,
    "clinician_invite": false,
    "firmware_update": false,
    "new_config": false,
    "grip_change": false
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "remote_session": true,
    "local_session": true,
    "async_session": true,
    "patient_create": true,
    "clinician_invite": true,
    "firmware_update": true,
    "new_config": true,
    "grip_change": true
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage feedback cooldowns",
    "code": "FEEDBACK:SET_ENABLED:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/feedback/enabled

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

remote_session boolean optional true false

Enabled state for remote session trigger. Example: false

local_session boolean optional true false

Enabled state for local session trigger. Example: false

async_session boolean optional true false

Enabled state for async session trigger. Example: false

patient_create boolean optional true false

Enabled state for patient create trigger. Example: false

clinician_invite boolean optional true false

Enabled state for clinician invite trigger. Example: false

firmware_update boolean optional true false

Enabled state for firmware update trigger. Example: false

new_config boolean optional true false

Enabled state for new config trigger. Example: false

grip_change boolean optional true false

Enabled state for grip change trigger. Example: false

Feedback statistics

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/feedback/statistics" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/feedback/statistics"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "submitted": 100,
    "skipped": 150,
    "total": 250,
    "average_rating": 4.76
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view feedback statistics",
    "code": "FEEDBACK:STATISTICS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

GeoData

API endpoints for geodata

Get supported timezones list

Example request:

curl --request GET \
    --get "http://localhost:8000/api/timezones" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/timezones"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


[
    "Africa/Abidjan",
    "Africa/Accra",
    "Africa/Addis_Ababa",
    "Africa/Algiers",
    "Africa/Asmara",
    "Africa/Bamako",
    "Africa/Bangui",
    "Africa/Banjul",
    "Africa/Bissau",
    "Africa/Blantyre",
    "Africa/Brazzaville",
    "Africa/Bujumbura",
    "Africa/Cairo",
    "Africa/Casablanca",
    "Africa/Ceuta",
    "Africa/Conakry",
    "Africa/Dakar",
    "Africa/Dar_es_Salaam",
    "Africa/Djibouti",
    "Africa/Douala",
    "Africa/El_Aaiun",
    "Africa/Freetown",
    "Africa/Gaborone",
    "Africa/Harare",
    "Africa/Johannesburg",
    "Africa/Juba",
    "Africa/Kampala",
    "Africa/Khartoum",
    "Africa/Kigali",
    "Africa/Kinshasa",
    "Africa/Lagos",
    "Africa/Libreville",
    "Africa/Lome",
    "Africa/Luanda",
    "Africa/Lubumbashi",
    "Africa/Lusaka",
    "Africa/Malabo",
    "Africa/Maputo",
    "Africa/Maseru",
    "Africa/Mbabane",
    "Africa/Mogadishu",
    "Africa/Monrovia",
    "Africa/Nairobi",
    "Africa/Ndjamena",
    "Africa/Niamey",
    "Africa/Nouakchott",
    "Africa/Ouagadougou",
    "Africa/Porto-Novo",
    "Africa/Sao_Tome",
    "Africa/Tripoli",
    "Africa/Tunis",
    "Africa/Windhoek",
    "America/Adak",
    "America/Anchorage",
    "America/Anguilla",
    "America/Antigua",
    "America/Araguaina",
    "America/Argentina/Buenos_Aires",
    "America/Argentina/Catamarca",
    "America/Argentina/Cordoba",
    "America/Argentina/Jujuy",
    "America/Argentina/La_Rioja",
    "America/Argentina/Mendoza",
    "America/Argentina/Rio_Gallegos",
    "America/Argentina/Salta",
    "America/Argentina/San_Juan",
    "America/Argentina/San_Luis",
    "America/Argentina/Tucuman",
    "America/Argentina/Ushuaia",
    "America/Aruba",
    "America/Asuncion",
    "America/Atikokan",
    "America/Bahia",
    "America/Bahia_Banderas",
    "America/Barbados",
    "America/Belem",
    "America/Belize",
    "America/Blanc-Sablon",
    "America/Boa_Vista",
    "America/Bogota",
    "America/Boise",
    "America/Cambridge_Bay",
    "America/Campo_Grande",
    "America/Cancun",
    "America/Caracas",
    "America/Cayenne",
    "America/Cayman",
    "America/Chicago",
    "America/Chihuahua",
    "America/Costa_Rica",
    "America/Creston",
    "America/Cuiaba",
    "America/Curacao",
    "America/Danmarkshavn",
    "America/Dawson",
    "America/Dawson_Creek",
    "America/Denver",
    "America/Detroit",
    "America/Dominica",
    "America/Edmonton",
    "America/Eirunepe",
    "America/El_Salvador",
    "America/Fort_Nelson",
    "America/Fortaleza",
    "America/Glace_Bay",
    "America/Goose_Bay",
    "America/Grand_Turk",
    "America/Grenada",
    "America/Guadeloupe",
    "America/Guatemala",
    "America/Guayaquil",
    "America/Guyana",
    "America/Halifax",
    "America/Havana",
    "America/Hermosillo",
    "America/Indiana/Indianapolis",
    "America/Indiana/Knox",
    "America/Indiana/Marengo",
    "America/Indiana/Petersburg",
    "America/Indiana/Tell_City",
    "America/Indiana/Vevay",
    "America/Indiana/Vincennes",
    "America/Indiana/Winamac",
    "America/Inuvik",
    "America/Iqaluit",
    "America/Jamaica",
    "America/Juneau",
    "America/Kentucky/Louisville",
    "America/Kentucky/Monticello",
    "America/Kralendijk",
    "America/La_Paz",
    "America/Lima",
    "America/Los_Angeles",
    "America/Lower_Princes",
    "America/Maceio",
    "America/Managua",
    "America/Manaus",
    "America/Marigot",
    "America/Martinique",
    "America/Matamoros",
    "America/Mazatlan",
    "America/Menominee",
    "America/Merida",
    "America/Metlakatla",
    "America/Mexico_City",
    "America/Miquelon",
    "America/Moncton",
    "America/Monterrey",
    "America/Montevideo",
    "America/Montserrat",
    "America/Nassau",
    "America/New_York",
    "America/Nipigon",
    "America/Nome",
    "America/Noronha",
    "America/North_Dakota/Beulah",
    "America/North_Dakota/Center",
    "America/North_Dakota/New_Salem",
    "America/Nuuk",
    "America/Ojinaga",
    "America/Panama",
    "America/Pangnirtung",
    "America/Paramaribo",
    "America/Phoenix",
    "America/Port-au-Prince",
    "America/Port_of_Spain",
    "America/Porto_Velho",
    "America/Puerto_Rico",
    "America/Punta_Arenas",
    "America/Rainy_River",
    "America/Rankin_Inlet",
    "America/Recife",
    "America/Regina",
    "America/Resolute",
    "America/Rio_Branco",
    "America/Santarem",
    "America/Santiago",
    "America/Santo_Domingo",
    "America/Sao_Paulo",
    "America/Scoresbysund",
    "America/Sitka",
    "America/St_Barthelemy",
    "America/St_Johns",
    "America/St_Kitts",
    "America/St_Lucia",
    "America/St_Thomas",
    "America/St_Vincent",
    "America/Swift_Current",
    "America/Tegucigalpa",
    "America/Thule",
    "America/Thunder_Bay",
    "America/Tijuana",
    "America/Toronto",
    "America/Tortola",
    "America/Vancouver",
    "America/Whitehorse",
    "America/Winnipeg",
    "America/Yakutat",
    "America/Yellowknife",
    "Antarctica/Casey",
    "Antarctica/Davis",
    "Antarctica/DumontDUrville",
    "Antarctica/Macquarie",
    "Antarctica/Mawson",
    "Antarctica/McMurdo",
    "Antarctica/Palmer",
    "Antarctica/Rothera",
    "Antarctica/Syowa",
    "Antarctica/Troll",
    "Antarctica/Vostok",
    "Arctic/Longyearbyen",
    "Asia/Aden",
    "Asia/Almaty",
    "Asia/Amman",
    "Asia/Anadyr",
    "Asia/Aqtau",
    "Asia/Aqtobe",
    "Asia/Ashgabat",
    "Asia/Atyrau",
    "Asia/Baghdad",
    "Asia/Bahrain",
    "Asia/Baku",
    "Asia/Bangkok",
    "Asia/Barnaul",
    "Asia/Beirut",
    "Asia/Bishkek",
    "Asia/Brunei",
    "Asia/Chita",
    "Asia/Choibalsan",
    "Asia/Colombo",
    "Asia/Damascus",
    "Asia/Dhaka",
    "Asia/Dili",
    "Asia/Dubai",
    "Asia/Dushanbe",
    "Asia/Famagusta",
    "Asia/Gaza",
    "Asia/Hebron",
    "Asia/Ho_Chi_Minh",
    "Asia/Hong_Kong",
    "Asia/Hovd",
    "Asia/Irkutsk",
    "Asia/Jakarta",
    "Asia/Jayapura",
    "Asia/Jerusalem",
    "Asia/Kabul",
    "Asia/Kamchatka",
    "Asia/Karachi",
    "Asia/Kathmandu",
    "Asia/Khandyga",
    "Asia/Kolkata",
    "Asia/Krasnoyarsk",
    "Asia/Kuala_Lumpur",
    "Asia/Kuching",
    "Asia/Kuwait",
    "Asia/Macau",
    "Asia/Magadan",
    "Asia/Makassar",
    "Asia/Manila",
    "Asia/Muscat",
    "Asia/Nicosia",
    "Asia/Novokuznetsk",
    "Asia/Novosibirsk",
    "Asia/Omsk",
    "Asia/Oral",
    "Asia/Phnom_Penh",
    "Asia/Pontianak",
    "Asia/Pyongyang",
    "Asia/Qatar",
    "Asia/Qostanay",
    "Asia/Qyzylorda",
    "Asia/Riyadh",
    "Asia/Sakhalin",
    "Asia/Samarkand",
    "Asia/Seoul",
    "Asia/Shanghai",
    "Asia/Singapore",
    "Asia/Srednekolymsk",
    "Asia/Taipei",
    "Asia/Tashkent",
    "Asia/Tbilisi",
    "Asia/Tehran",
    "Asia/Thimphu",
    "Asia/Tokyo",
    "Asia/Tomsk",
    "Asia/Ulaanbaatar",
    "Asia/Urumqi",
    "Asia/Ust-Nera",
    "Asia/Vientiane",
    "Asia/Vladivostok",
    "Asia/Yakutsk",
    "Asia/Yangon",
    "Asia/Yekaterinburg",
    "Asia/Yerevan",
    "Atlantic/Azores",
    "Atlantic/Bermuda",
    "Atlantic/Canary",
    "Atlantic/Cape_Verde",
    "Atlantic/Faroe",
    "Atlantic/Madeira",
    "Atlantic/Reykjavik",
    "Atlantic/South_Georgia",
    "Atlantic/St_Helena",
    "Atlantic/Stanley",
    "Australia/Adelaide",
    "Australia/Brisbane",
    "Australia/Broken_Hill",
    "Australia/Darwin",
    "Australia/Eucla",
    "Australia/Hobart",
    "Australia/Lindeman",
    "Australia/Lord_Howe",
    "Australia/Melbourne",
    "Australia/Perth",
    "Australia/Sydney",
    "Europe/Amsterdam",
    "Europe/Andorra",
    "Europe/Astrakhan",
    "Europe/Athens",
    "Europe/Belgrade",
    "Europe/Berlin",
    "Europe/Bratislava",
    "Europe/Brussels",
    "Europe/Bucharest",
    "Europe/Budapest",
    "Europe/Busingen",
    "Europe/Chisinau",
    "Europe/Copenhagen",
    "Europe/Dublin",
    "Europe/Gibraltar",
    "Europe/Guernsey",
    "Europe/Helsinki",
    "Europe/Isle_of_Man",
    "Europe/Istanbul",
    "Europe/Jersey",
    "Europe/Kaliningrad",
    "Europe/Kiev",
    "Europe/Kirov",
    "Europe/Lisbon",
    "Europe/Ljubljana",
    "Europe/London",
    "Europe/Luxembourg",
    "Europe/Madrid",
    "Europe/Malta",
    "Europe/Mariehamn",
    "Europe/Minsk",
    "Europe/Monaco",
    "Europe/Moscow",
    "Europe/Oslo",
    "Europe/Paris",
    "Europe/Podgorica",
    "Europe/Prague",
    "Europe/Riga",
    "Europe/Rome",
    "Europe/Samara",
    "Europe/San_Marino",
    "Europe/Sarajevo",
    "Europe/Saratov",
    "Europe/Simferopol",
    "Europe/Skopje",
    "Europe/Sofia",
    "Europe/Stockholm",
    "Europe/Tallinn",
    "Europe/Tirane",
    "Europe/Ulyanovsk",
    "Europe/Uzhgorod",
    "Europe/Vaduz",
    "Europe/Vatican",
    "Europe/Vienna",
    "Europe/Vilnius",
    "Europe/Volgograd",
    "Europe/Warsaw",
    "Europe/Zagreb",
    "Europe/Zaporozhye",
    "Europe/Zurich",
    "Indian/Antananarivo",
    "Indian/Chagos",
    "Indian/Christmas",
    "Indian/Cocos",
    "Indian/Comoro",
    "Indian/Kerguelen",
    "Indian/Mahe",
    "Indian/Maldives",
    "Indian/Mauritius",
    "Indian/Mayotte",
    "Indian/Reunion",
    "Pacific/Apia",
    "Pacific/Auckland",
    "Pacific/Bougainville",
    "Pacific/Chatham",
    "Pacific/Chuuk",
    "Pacific/Easter",
    "Pacific/Efate",
    "Pacific/Fakaofo",
    "Pacific/Fiji",
    "Pacific/Funafuti",
    "Pacific/Galapagos",
    "Pacific/Gambier",
    "Pacific/Guadalcanal",
    "Pacific/Guam",
    "Pacific/Honolulu",
    "Pacific/Kanton",
    "Pacific/Kiritimati",
    "Pacific/Kosrae",
    "Pacific/Kwajalein",
    "Pacific/Majuro",
    "Pacific/Marquesas",
    "Pacific/Midway",
    "Pacific/Nauru",
    "Pacific/Niue",
    "Pacific/Norfolk",
    "Pacific/Noumea",
    "Pacific/Pago_Pago",
    "Pacific/Palau",
    "Pacific/Pitcairn",
    "Pacific/Pohnpei",
    "Pacific/Port_Moresby",
    "Pacific/Rarotonga",
    "Pacific/Saipan",
    "Pacific/Tahiti",
    "Pacific/Tarawa",
    "Pacific/Tongatapu",
    "Pacific/Wake",
    "Pacific/Wallis",
    "UTC"
]

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Goals

API endpoints for goals

The goals module consists of:

exercises - predefined actions which should be performed by patient. Exercises can be managed only by SuperAdmin,
goals - objectives defined for each patient which could consists of exercises, grips and grip switches,
goal conditions - parts of the goal, single condition of type exercise, grips goal or switches goal.

List grips

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/grips?model=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/grips"
);

const params = {
    "model": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "number": 9906,
        "name": "nihil grip",
        "description": null,
        "opposed": 0,
        "created_at": "2026-06-02T13:56:23.000000Z",
        "updated_at": "2026-06-02T13:56:23.000000Z"
    },
    {
        "id": 2,
        "number": 2353,
        "name": "quae grip",
        "description": null,
        "opposed": 0,
        "created_at": "2026-06-02T13:56:23.000000Z",
        "updated_at": "2026-06-02T13:56:23.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view grips",
    "code": "GOALS:LIST_GRIPS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/grips

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

model integer optional

Device Model ID. Use this parameter to receive the correct grip images in the image field. When not present, all images will be listed in images array. Example: 1

Response

Response Fields

id integer

Grip ID.

number integer

Grip number identifier.

name string

Grip name.

description string

Grip description.

opposed boolean

Whether the grip is opposed.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

List exercises

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/exercises" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/exercises"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "name": "exercises.Buddy Lock",
            "description": "exercises.Sed dolorem aut voluptatum inventore.",
            "icon": "😚",
            "created_at": "2026-06-02T13:56:24.000000Z",
            "updated_at": "2026-06-02T13:56:24.000000Z"
        },
        {
            "id": 2,
            "name": "exercises.Benny Shoal",
            "description": "exercises.Nobis natus dicta eos facere ducimus accusamus doloremque.",
            "icon": "😞",
            "created_at": "2026-06-02T13:56:24.000000Z",
            "updated_at": "2026-06-02T13:56:24.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view exercises",
    "code": "GOALS:LIST_EXERCISES:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

items object

id integer

Exercise ID.

name string

Exercise name.

description string

Exercise description.

icon string

Exercise icon identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create exercise

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/exercises" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Water plants\",
    \"description\": \"Use Tripod Close Grip and water your plants\",
    \"icon\": \"🪴\"
}"

const url = new URL(
    "http://localhost:8000/api/exercises"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Water plants",
    "description": "Use Tripod Close Grip and water your plants",
    "icon": "🪴"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "exercises.Hoyt Common",
    "description": "exercises.Ullam quam sunt provident tenetur labore sapiente repellat animi.",
    "icon": "😩",
    "created_at": "2026-06-02T13:56:24.000000Z",
    "updated_at": "2026-06-02T13:56:24.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage exercises",
    "code": "GOALS:CREATE_EXERCISE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/exercises

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Exercise name. Example: Water plants

description string

Exercise description. Example: Use Tripod Close Grip and water your plants

icon string

Emoji icon. Example: 🪴

Response

Response Fields

id integer

Exercise ID.

name string

Exercise name.

description string

Exercise description.

icon string

Exercise icon identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update exercise

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/exercises/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Water plants\",
    \"description\": \"Use Tripod Close Grip and water your plants\",
    \"icon\": \"🪴\"
}"

const url = new URL(
    "http://localhost:8000/api/exercises/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Water plants",
    "description": "Use Tripod Close Grip and water your plants",
    "icon": "🪴"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "name": "exercises.Zboncak Ways",
    "description": "exercises.Perferendis quidem ut eos sunt voluptatem et.",
    "icon": "😥",
    "created_at": "2026-06-02T13:56:24.000000Z",
    "updated_at": "2026-06-02T13:56:24.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage exercises",
    "code": "GOALS:UPDATE_EXERCISE:INSUFFICIENT_PERMISSION"
}

Example response (404, Exercise not found):


{
    "message": "Exercise not found",
    "code": "GOALS:UPDATE_EXERCISE:EXERCISE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/exercises/{exerciseId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

exerciseId integer

Exercise ID. Example: 1

Body Parameters

name string optional

Exercise name. Example: Water plants

description string optional

Exercise description. Example: Use Tripod Close Grip and water your plants

icon string optional

Emoji icon. Example: 🪴

Response

Response Fields

id integer

Exercise ID.

name string

Exercise name.

description string

Exercise description.

icon string

Exercise icon identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete exercise

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/exercises/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/exercises/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Exercise deleted",
    "code": "GOALS:DELETE_EXERCISE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage exercises",
    "code": "GOALS:DELETE_EXERCISE:INSUFFICIENT_PERMISSION"
}

Example response (403, Exercise is used in goals):


{
    "message": "Cannot delete: exercise is used in goals (1)",
    "code": "GOALS:DELETE_EXERCISE:HAS_GOALS"
}

Example response (404, Exercise not found):


{
    "message": "Exercise not found",
    "code": "GOALS:DELETE_EXERCISE:EXERCISE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List user goals

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1/goals?active=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/goals"
);

const params = {
    "active": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "amputee_id": 258,
            "clinician_id": 259,
            "start_date": "2021-05-25",
            "end_date": "2019-09-23",
            "active": 0,
            "created_at": "2026-06-02T13:56:25.000000Z",
            "updated_at": "2026-06-02T13:56:25.000000Z"
        },
        {
            "id": 2,
            "amputee_id": 260,
            "clinician_id": 261,
            "start_date": "1974-09-21",
            "end_date": "1980-06-09",
            "active": 1,
            "created_at": "2026-06-02T13:56:26.000000Z",
            "updated_at": "2026-06-02T13:56:26.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view user goals",
    "code": "GOALS:LIST_GOALS:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:LIST_GOALS:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/user/{userId}/goals

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

Query Parameters

active boolean optional true false

Goal active status. Example: 1

sortby string optional

Sort by field (available: start_date). Default: start_date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Goal ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

start_date string

Goal start date.

end_date string

Goal end date.

active boolean

Whether the goal is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create user goal

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/goals" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"start_date\": \"2023-05-12\",
    \"end_date\": \"2023-05-15\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/user/1/goals"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "start_date": "2023-05-12",
    "end_date": "2023-05-15",
    "active": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "amputee_id": 262,
    "clinician_id": 263,
    "start_date": "2002-04-19",
    "end_date": "2022-12-13",
    "active": 0,
    "created_at": "2026-06-02T13:56:27.000000Z",
    "updated_at": "2026-06-02T13:56:27.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user goals",
    "code": "GOALS:CREATE_GOAL:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:CREATE_GOAL:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user/{userId}/goals

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

Body Parameters

start_date string

Start date of the goal tracking. MUST_BE_DATE Must be a valid date in the format Y-m-d. MUST_BE_AFTER_OR_EQUAL:today. Example: 2023-05-12

end_date string

End date of goal tracking. MUST_BE_DATE Must be a valid date in the format Y-m-d. MUST_BE_AFTER:start_date. Example: 2023-05-15

active boolean optional true false

Status of goal activity. Example: true

Response

Response Fields

id integer

Goal ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

start_date string

Goal start date.

end_date string

Goal end date.

active boolean

Whether the goal is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update user goal

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/user/1/goals/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"start_date\": \"2023-05-12\",
    \"end_date\": \"2023-05-15\",
    \"active\": true
}"

const url = new URL(
    "http://localhost:8000/api/user/1/goals/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "start_date": "2023-05-12",
    "end_date": "2023-05-15",
    "active": true
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "amputee_id": 264,
    "clinician_id": 265,
    "start_date": "2014-06-11",
    "end_date": "1973-10-20",
    "active": 1,
    "created_at": "2026-06-02T13:56:28.000000Z",
    "updated_at": "2026-06-02T13:56:28.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user goals",
    "code": "GOALS:UPDATE_GOAL:INSUFFICIENT_PERMISSION"
}

Example response (403, Cannot activate ongoing goal):


{
    "message": "Cannot activate ongoing goal",
    "code": "GOALS:UPDATE_GOAL:GOAL_IS_ONGOING"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:UPDATE_GOAL:USER_NOT_FOUND"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:UPDATE_GOAL:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/user/{userId}/goals/{goalId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

goalId integer

Goal ID. Example: 1

Body Parameters

start_date string optional

Start date of the goal tracking. MUST_BE_DATE Must be a valid date in the format Y-m-d. MUST_BE_AFTER_OR_EQUAL:today. Example: 2023-05-12

end_date string optional

End date of goal tracking. MUST_BE_DATE Must be a valid date in the format Y-m-d. MUST_BE_AFTER:start_date. Example: 2023-05-15

active boolean optional true false

Status of goal activity. Example: true

Response

Response Fields

id integer

Goal ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

start_date string

Goal start date.

end_date string

Goal end date.

active boolean

Whether the goal is active.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete user goal

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/user/1/goals/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/goals/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Goal deleted",
    "code": "GOALS:DELETE_GOAL:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user goals",
    "code": "GOALS:DELETE_GOAL:INSUFFICIENT_PERMISSION"
}

Example response (403, Cannot delete ongoing goal):


{
    "message": "Cannot delete active ongoing goal",
    "code": "GOALS:DELETE_GOAL:GOAL_IS_ONGOING"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:DELETE_GOAL:USER_NOT_FOUND"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:DELETE_GOAL:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/user/{userId}/goals/{goalId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

goalId integer

Goal ID. Example: 1

List user goal conditions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1/goals/1/conditions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/goals/1/conditions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "goal_id": 5,
            "type": "switch",
            "grip_id": 3,
            "grips_frequency": "d",
            "grips_count": 933,
            "switches_frequency": "w",
            "switches_count": 362,
            "exercise_id": 5,
            "exercise_frequency": "d",
            "exercise_count": 10,
            "created_at": "2026-06-02T13:56:29.000000Z",
            "updated_at": "2026-06-02T13:56:29.000000Z"
        },
        {
            "id": 2,
            "goal_id": 6,
            "type": "switch",
            "grip_id": 4,
            "grips_frequency": "w",
            "grips_count": 787,
            "switches_frequency": "w",
            "switches_count": 374,
            "exercise_id": 6,
            "exercise_frequency": "m",
            "exercise_count": 9,
            "created_at": "2026-06-02T13:56:29.000000Z",
            "updated_at": "2026-06-02T13:56:29.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view user goals",
    "code": "GOALS:LIST_CONDITIONS:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:LIST_CONDITIONS:USER_NOT_FOUND"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:LIST_CONDITIONS:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/user/{userId}/goals/{goalId}/conditions

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

goalId integer

Goal ID. Example: 1

Response

Response Fields

items object

id integer

Goal condition ID.

goal_id integer

Associated goal ID.

type string

Condition type.

Must be one of:

grip
switch
exercise

grip_id integer

Target grip ID.

grips_frequency string

Grip frequency period.

Must be one of:

grips_count integer

Required grip count.

switches_frequency string

Switch frequency period.

Must be one of:

switches_count integer

Required switch count.

exercise_id integer

Target exercise ID.

exercise_frequency string

Exercise frequency period.

Must be one of:

exercise_count integer

Required exercise count.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create user goal condition

requires authentication

Each goal condition could be one of type: grip, switch or exercise.

If goal condition is type of grip, fill only grip_id (optional), grips_frequency and grips_count.
If grip_id is null or missing, patient can perform any grip to fulfill objective.

If goal condition is type of switch, fill only switches_frequency and switches_count.

If goal condition is type of exercise, fill only exercise_id, exercise_frequency and exercise_count.

Restrictions:

you can add one grip-any condition (grip_id=null, any grip is counted) and many grip-specific conditions (for example: grip 1 - 100 times and grip 2 - 50 times),
all grips conditions must have same frequency (grips_frequency field),
sum of grip-specific conditions (grips_count field) cannot be greater than grip-any condition for same goal
you can add only one switch condition for same goal,
you can add multiple exercise conditions, but each exercise can be used only once.

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/goals/1/conditions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"type\": \"grip\",
    \"grip_id\": 1,
    \"grips_frequency\": \"d\",
    \"grips_count\": 100,
    \"switches_frequency\": \"d\",
    \"switches_count\": 100,
    \"exercise_id\": 1,
    \"exercise_frequency\": \"d\",
    \"exercise_count\": 5
}"

const url = new URL(
    "http://localhost:8000/api/user/1/goals/1/conditions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "type": "grip",
    "grip_id": 1,
    "grips_frequency": "d",
    "grips_count": 100,
    "switches_frequency": "d",
    "switches_count": 100,
    "exercise_id": 1,
    "exercise_frequency": "d",
    "exercise_count": 5
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "goal_id": 7,
    "type": "grip",
    "grip_id": 5,
    "grips_frequency": "m",
    "grips_count": 859,
    "switches_frequency": "a",
    "switches_count": 961,
    "exercise_id": 7,
    "exercise_frequency": "d",
    "exercise_count": 3,
    "created_at": "2026-06-02T13:56:30.000000Z",
    "updated_at": "2026-06-02T13:56:30.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user goals",
    "code": "GOALS:CREATE_CONDITION:INSUFFICIENT_PERMISSION"
}

Example response (403, Cannot create condition: all grip conditions have to be same frequency):


{
    "message": "Cannot create condition: all grip conditions have to be same frequency",
    "code": "GOALS:CREATE_CONDITION:INVALID_FREQUENCY"
}

Example response (403, Cannot create condition: grip-any condition for this goal already exist):


{
    "message": "Cannot create condition: grip-any condition for this goal already exist",
    "code": "GOALS:CREATE_CONDITION:GRIP_ANY_ALREADY_EXISTS"
}

Example response (403, Cannot create condition: condition with this grip already exist):


{
    "message": "Cannot create condition: condition with this grip already exist",
    "code": "GOALS:CREATE_CONDITION:GRIP_CONDITION_ALREADY_EXISTS"
}

Example response (403, Cannot create condition: grip-any value cannot be lower than sum of grip-specific conditions):


{
    "message": "Cannot create condition: grip-any value cannot be lower than sum of grip-specific conditions",
    "code": "GOALS:CREATE_CONDITION:GRIP_ANY_LOWER_THAN_GRIPS_SUM"
}

Example response (403, Cannot create condition: sum of grip-specific conditions cannot be greater than value of grip-any condition):


{
    "message": "Cannot create condition: sum of grip-specific conditions cannot be greater than value of grip-any condition",
    "code": "GOALS:CREATE_CONDITION:GRIPS_SUM_GREATER_THAN_GRIP_ANY"
}

Example response (403, Cannot create condition: switch condition for this goal already exist):


{
    "message": "Cannot create condition: switch condition for this goal already exist",
    "code": "GOALS:CREATE_CONDITION:SWITCH_CONDITION_ALREADY_EXISTS"
}

Example response (403, Cannot create condition: condition with this exercise already exist):


{
    "message": "Cannot create condition: condition with this exercise already exist",
    "code": "GOALS:CREATE_CONDITION:EXERCISE_CONDITION_ALREADY_EXISTS"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:CREATE_CONDITION:USER_NOT_FOUND"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:CREATE_CONDITION:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user/{userId}/goals/{goalId}/conditions

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

goalId integer

Goal ID. Example: 1

Body Parameters

type string

Goal condition type. Example: grip

Must be one of:

grip
switch
exercise

grip_id integer optional

Grip number required for condition. Pass null to allow any grip. The id of an existing record in the App\Models\Grip table. Example: 1

grips_frequency string optional

Grips frequency unit. d - daily, w - weekly, m - monthly, a - all time (within goal). This field is required when type is grip. Example: d

Must be one of:

grips_count integer optional

Required number of grips per frequency unit. This field is required when type is grip. MINIMUM:NUMBER:1. Example: 100

switches_frequency string optional

Switches frequency unit. d - daily, w - weekly, m - monthly, a - all time (within goal). This field is required when type is switch. Example: d

Must be one of:

switches_count integer optional

Required number of switches per frequency unit. This field is required when type is switch. MINIMUM:NUMBER:1. Example: 100

exercise_id integer optional

Exercise ID. This field is required when type is exercise. The id of an existing record in the App\Models\Exercise table. Example: 1

exercise_frequency string optional

Exercise frequency unit. d - daily, w - weekly, m - monthly. This field is required when type is exercise. Example: d

Must be one of:

exercise_count integer optional

Required number of performed exercises per frequency unit. This field is required when type is exercise. MINIMUM:NUMBER:1. Example: 5

Response

Response Fields

id integer

Goal condition ID.

goal_id integer

Associated goal ID.

type string

Condition type.

Must be one of:

grip
switch
exercise

grip_id integer

Target grip ID.

grips_frequency string

Grip frequency period.

Must be one of:

grips_count integer

Required grip count.

switches_frequency string

Switch frequency period.

Must be one of:

switches_count integer

Required switch count.

exercise_id integer

Target exercise ID.

exercise_frequency string

Exercise frequency period.

Must be one of:

exercise_count integer

Required exercise count.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete user goal condition

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/user/1/goals/1/conditions/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/goals/1/conditions/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Goal condition deleted",
    "code": "GOALS:DELETE_CONDITION:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user goals",
    "code": "GOALS:DELETE_CONDITION:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "GOALS:DELETE_CONDITION:USER_NOT_FOUND"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:DELETE_CONDITION:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/user/{userId}/goals/{goalId}/conditions/{conditionId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

goalId integer

Goal ID. Example: 1

conditionId integer

Goal condition ID. Example: 1

Get user goal progress

requires authentication

Data is grouped into three parts:

grips - data about grips progress,
switches - data about switches progress,
exercises - data about exercises progress and attempts made.

For grips and switches there is summary, which is divided into 4 parts:

overall - summary of whole goal time-frame,
period - summary of given period, according to frequency (for example: if frequency of conditions is "weekly", these data is summary of current's week).
today - summary of today's, used mainly to send daily summary notifications,
conditions - goal conditions with progress for each one.

There are also extra fields inside the summary parts:

type for grips overall summary, which points which conditions were used to calculate the summary. If grip-any condition exists, it has priority over grip-specific conditions, otherwise summary contains sum of all grip-specific conditions,
frequency, frequency_from and frequency_to for period summary for both grips and switches, which describe time-frame of frequency and period,
done for today's summary for both grips and switches, indicates if today's goal is reached (it's calculated only for conditions of frequency "daily").

Example request:

curl --request GET \
    --get "http://localhost:8000/api/goals/1/progress" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/goals/1/progress"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "grips": {
        "meta": {
            "overall": {
                "from": "2023-09-01 00:00:00",
                "to": "2023-08-30 23:59:59"
            },
            "period": {
                "from": "2023-09-15 23:59:59",
                "to": "2023-09-21 23:59:59",
                "frequency": "w"
            }
        },
        "summary": {
            "type": "grips-specific",
            "progress": 222,
            "goal": 2535
        },
        "progress": [
            {
                "grip": {
                    "id": 1,
                    "number": 0,
                    "name": "Rest Opposition",
                    "description": null,
                    "created_at": "2023-08-30T12:20:00.000000Z",
                    "updated_at": "2023-08-30T12:20:00.000000Z"
                },
                "overall": {
                    "progress": 125,
                    "goal": 200
                },
                "period": {
                    "progress": 22,
                    "goal": 50
                }
            },
            {
                "grip": {
                    "id": 2,
                    "number": 1,
                    "name": "Power",
                    "description": null,
                    "created_at": "2023-05-18T11:24:11.000000Z",
                    "updated_at": "2023-05-18T11:24:11.000000Z"
                },
                "overall": {
                    "progress": 90,
                    "goal": 150
                },
                "period": {
                    "progress": 10,
                    "goal": 30
                }
            },
            {
                "grip": null,
                "overall": {
                    "progress": 78,
                    "goal": 1250
                },
                "period": {
                    "progress": 17,
                    "goal": 240
                }
            }
        ],
        "today": {
            "performed": 0,
            "goal": 0,
            "done": true
        }
    },
    "switches": {
        "overall": {
            "performed": 55,
            "goal": 300
        },
        "period": {
            "performed": 25,
            "goal": 30,
            "frequency": "d",
            "frequency_from": "2023-09-20 00:00:00",
            "frequency_to": "2023-09-20 23:59:59"
        },
        "today": {
            "performed": 25,
            "goal": 30,
            "done": false
        },
        "condition": {
            "type": "switch",
            "switches_frequency": "d",
            "switches_count": 30
        }
    },
    "exercises": {
        "performed": 1,
        "goal": 3,
        "done": false,
        "conditions": [
            {
                "type": "exercise",
                "exercise_id": 1,
                "exercise_frequency": "d",
                "exercise_count": 3,
                "attempts": [
                    {
                        "date_from": "2023-06-06",
                        "date_to": "2023-06-12",
                        "count_done": 1,
                        "count_not_done": 1
                    },
                    {
                        "date_from": "2023-06-13",
                        "date_to": "2023-06-19",
                        "count_done": 0,
                        "count_not_done": 0
                    },
                    {
                        "date_from": "2023-06-20",
                        "date_to": "2023-06-26",
                        "count_done": 0,
                        "count_not_done": 0
                    },
                    {
                        "date_from": "2023-06-27",
                        "date_to": "2023-07-03",
                        "count_done": 0,
                        "count_not_done": 0
                    }
                ],
                "exercise": {
                    "id": 1,
                    "name": "Water plants",
                    "description": "Use Tripod Grip and water your plants",
                    "icon": "🪴",
                    "created_at": "2023-05-19T10:25:37.000000Z",
                    "updated_at": "2023-05-19T10:25:37.000000Z"
                }
            }
        ]
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view goal progress",
    "code": "GOALS:GET_PROGRESS:INSUFFICIENT_PERMISSION"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:GET_PROGRESS:GOAL_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Update user goal progress

requires authentication

Use this endpoint to update goal progress as patient. Add exercise attempts and mark them as done or not done.

Example request:

curl --request POST \
    "http://localhost:8000/api/goals/1/progress" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"exercise_id\": 1,
    \"exercise_done\": true
}"

const url = new URL(
    "http://localhost:8000/api/goals/1/progress"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "exercise_id": 1,
    "exercise_done": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 1,
    "user_id": 272,
    "goal_id": 8,
    "type": "switch",
    "grip_id": null,
    "grips": 833,
    "switches": 283,
    "exercise_id": 8,
    "exercise_done": 1,
    "created_at": "2026-06-02T13:56:32.000000Z",
    "updated_at": "2026-06-02T13:56:32.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update goal progress",
    "code": "GOALS:UPDATE_PROGRESS:INSUFFICIENT_PERMISSION"
}

Example response (404, Goal not found):


{
    "message": "Goal not found",
    "code": "GOALS:UPDATE_PROGRESS:GOAL_NOT_FOUND"
}

Example response (422, User timezone not set):


{
    "message": "User timezone not set",
    "code": "GOALS:UPDATE_PROGRESS:NO_TIMEZONE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/goals/{goalId}/progress

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

goalId integer

Goal ID. Example: 1

Body Parameters

exercise_id integer

Exercise ID. The id of an existing record in the App\Models\Exercise table. Example: 1

exercise_done boolean optional true false

Status of exercise attempt. Example: true

Response

Response Fields

id integer

User goal ID.

user_id integer

Associated user ID.

goal_id integer

Associated goal ID.

type string

Goal condition type.

Must be one of:

grip
switch
exercise

grip_id integer

Target grip ID.

grips integer

Grip count progress.

switches integer

Switch count progress.

exercise_id integer

Target exercise ID.

exercise_done boolean

Whether the exercise is completed.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Invitations

Accept clinician invitation

Example request:

curl --request POST \
    "http://localhost:8000/api/invite/accept" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"token\": \"ABC123DEF456GHI789JKL0\",
    \"email\": \"example@domain.com\",
    \"password\": \"Test123!\",
    \"language\": \"en\",
    \"name\": \"Tom Smith\",
    \"clinic_name\": \"My clinic Ltd\",
    \"clinic_location\": \"Example St 1\\/345 New York, NY\",
    \"address1\": \"15995 Jakubowski Drive\",
    \"address2\": \"East Vernachester, DE 44837-8398\",
    \"mfa_enabled\": true,
    \"mfa_method\": \"email\"
}"

const url = new URL(
    "http://localhost:8000/api/invite/accept"
);

const headers = {
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "token": "ABC123DEF456GHI789JKL0",
    "email": "example@domain.com",
    "password": "Test123!",
    "language": "en",
    "name": "Tom Smith",
    "clinic_name": "My clinic Ltd",
    "clinic_location": "Example St 1\/345 New York, NY",
    "address1": "15995 Jakubowski Drive",
    "address2": "East Vernachester, DE 44837-8398",
    "mfa_enabled": true,
    "mfa_method": "email"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 4,
    "mrn": "6UQHARVB1780408468",
    "name": "Kaia Barrows Sr.",
    "email": "1780408468bode.ahmad@example.net",
    "language": "en",
    "phone": "954.723.9934",
    "phone_country": "AI",
    "phone_verified_at": null,
    "address1": "42417 Uriel Lane",
    "address2": "New Wilmerstad, WV 82059-9209",
    "postal_code": "63444-2410",
    "city": "Satterfield Ltd",
    "country": "LT",
    "clinic_name": "Lake Rasheedtown",
    "clinic_location": "5933 Herman Summit\nLittelmouth, SC 60764",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:28.000000Z",
    "updated_at": "2026-06-02T13:54:28.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 5,
            "name": "Amputee"
        }
    ]
}

Example response (403, Invitation expired):


{
    "message": "Invitation expired",
    "code": "INVITATIONS:ACCEPT:INVITATION_EXPIRED"
}

Example response (404, Invitation not found):


{
    "message": "Invitation not found",
    "code": "INVITATIONS:ACCEPT:INVITATION_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error: invitation not accepted",
    "code": "INVITATIONS:ACCEPT:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/invite/accept

Headers

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

token string

Invitation token sent by e-mail. SIZE:STRING_LENGTH:24. Example: ABC123DEF456GHI789JKL0

email string

User e-mail. MUST_BE_EMAIL. Example: example@domain.com

password string

User password. Example: Test123!

language string

User language. Example: en

name string

User name. Example: Tom Smith

clinic_name string optional

Clinic name. Example: My clinic Ltd

clinic_location string optional

Clinic location. Example: Example St 1/345 New York, NY

address1 string optional

User address line 1. Example: 15995 Jakubowski Drive

address2 string optional

User address line 2. Example: East Vernachester, DE 44837-8398

mfa_enabled boolean optional true false

MFA enabled. Example: true

mfa_method string optional

MFA method. Example: email

Must be one of:

email
sms

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Accept Acadle invitation

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/invite/acadle/accept" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"token\": \"a1b2c3d4e5f6g7h8i9j0k1l2m3\",
    \"email\": \"user@example.com\",
    \"password\": \"securePassword123\",
    \"phone\": \"+1 (805) 774-7281\",
    \"phone_country\": \"US\",
    \"name\": \"John Doe\",
    \"language\": \"en\"
}"

const url = new URL(
    "http://localhost:8000/api/invite/acadle/accept"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "token": "a1b2c3d4e5f6g7h8i9j0k1l2m3",
    "email": "user@example.com",
    "password": "securePassword123",
    "phone": "+1 (805) 774-7281",
    "phone_country": "US",
    "name": "John Doe",
    "language": "en"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 5,
    "mrn": "UQJ7W55X1780408469",
    "name": "Jabari Cassin",
    "email": "1780408469tiara.larkin@example.org",
    "language": "en",
    "phone": "+1 (207) 717-9490",
    "phone_country": "SG",
    "phone_verified_at": null,
    "address1": "35546 Veum Cliffs",
    "address2": "Yostfurt, NJ 77813",
    "postal_code": "01847",
    "city": "Kunde-Doyle",
    "country": "PL",
    "clinic_name": "Gislasonview",
    "clinic_location": "4082 Lynch Shore Suite 563\nBrendaview, MN 49299-6661",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:29.000000Z",
    "updated_at": "2026-06-02T13:54:29.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 2,
            "name": "ClinicAdmin"
        }
    ]
}

Example response (403, Invitation expired):


{
    "message": "Invitation expired",
    "code": "INVITATIONS_ACADLE:ACCEPT:INVITATION_EXPIRED"
}

Example response (404, Invitation not found):


{
    "message": "Invitation not found",
    "code": "INVITATIONS_ACADLE:ACCEPT:INVITATION_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error: invitation not accepted",
    "code": "INVITATIONS_ACADLE:ACCEPT:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/invite/acadle/accept

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

token string

Invitation token. SIZE:STRING_LENGTH:24. Example: a1b2c3d4e5f6g7h8i9j0k1l2m3

email string

Email address of the Acadle user. MUST_BE_EMAIL. Example: user@example.com

password string

User password. Example: securePassword123

phone string

User phone number. Example: +1 (805) 774-7281

phone_country string

Phone number's country (2 characters). SIZE:STRING_LENGTH:2. Example: US

name string

User name. Example: John Doe

language string

User preferred language. Example: en

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

List users for invitations

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/invite/users" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/invite/users"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 15,
            "mrn": "KJFHWY9W1780408474",
            "name": "Alena Connelly",
            "email": "1780408474kreiger.jules@example.org",
            "language": "en",
            "phone": "858-271-9926",
            "phone_country": "TN",
            "phone_verified_at": null,
            "address1": "59025 Jermey Spur Suite 424",
            "address2": "East Donnyville, TN 59112-7821",
            "postal_code": "31083",
            "city": "Lang, Pfeffer and Baumbach",
            "country": "LV",
            "clinic_name": "Tedburgh",
            "clinic_location": "254 Walsh Parks Apt. 296\nCartermouth, DC 96744-2359",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:34.000000Z",
            "updated_at": "2026-06-02T13:54:34.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": null,
            "roles": [
                {
                    "id": 5,
                    "name": "Amputee"
                }
            ]
        },
        {
            "id": 16,
            "mrn": "FTTUN8T41780408475",
            "name": "Prof. Rahul Kub Sr.",
            "email": "1780408475ncrooks@example.com",
            "language": "en",
            "phone": "(510) 905-5730",
            "phone_country": "PT",
            "phone_verified_at": null,
            "address1": "61389 Dominic Ridges Apt. 712",
            "address2": "Brittanybury, HI 40725",
            "postal_code": "70283-7859",
            "city": "Welch, Hyatt and Hettinger",
            "country": "DK",
            "clinic_name": "Aaliyahview",
            "clinic_location": "5208 Bart Alley Suite 210\nKirlinmouth, DC 61694",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:35.000000Z",
            "updated_at": "2026-06-02T13:54:35.000000Z",
            "invitation_status": "accepted",
            "acadle_invitation_status": null,
            "roles": [
                {
                    "id": 4,
                    "name": "ClinicianSupport"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list users for invitations",
    "code": "INVITATIONS:USERS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/invite/users

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: clinicians, patients, devices, devicesAsClinician, roles, permissions).

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create clinician invitations

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/invite" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"patient_id\": 1,
    \"invitations\": [
        {
            \"user_id\": 1,
            \"user_email\": \"newuser@domain.com\",
            \"role\": \"Clinician\",
            \"training_confirmed\": true,
            \"permissions\": [
                \"ut\"
            ]
        }
    ]
}"

const url = new URL(
    "http://localhost:8000/api/invite"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "patient_id": 1,
    "invitations": [
        {
            "user_id": 1,
            "user_email": "newuser@domain.com",
            "role": "Clinician",
            "training_confirmed": true,
            "permissions": [
                "ut"
            ]
        }
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 10,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 17,
            "mrn": "5LNWEFAF1780408475",
            "name": "Isai Bergnaum",
            "email": "1780408475sean40@example.com",
            "language": "en",
            "phone": "(845) 475-5997",
            "phone_country": "PW",
            "phone_verified_at": null,
            "address1": "92840 Berge Mountains Suite 158",
            "address2": "East Courtneystad, MT 98533-0133",
            "postal_code": "54314",
            "city": "Carter Ltd",
            "country": "IE",
            "clinic_name": "Lake Tia",
            "clinic_location": "904 Kulas Branch\nNorth Duane, AK 55814-0090",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:35.000000Z",
            "updated_at": "2026-06-02T13:54:35.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": "accepted",
            "invitations": [
                {
                    "id": 1,
                    "user_id": 18,
                    "invited_user_id": 17,
                    "type": "clinician",
                    "training_confirmed": 1,
                    "created_at": "2026-06-02T13:54:36.000000Z",
                    "updated_at": "2026-06-02T13:54:36.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 6,
                    "name": "AcadleUser"
                }
            ]
        },
        {
            "id": 20,
            "mrn": "82FCW69A1780408477",
            "name": "Eliezer Green DVM",
            "email": "1780408477hulda.armstrong@example.net",
            "language": "en",
            "phone": "1-352-584-2864",
            "phone_country": "DM",
            "phone_verified_at": null,
            "address1": "5025 Kelton Estate",
            "address2": "East Dexterborough, WA 29024-4242",
            "postal_code": "04861-6623",
            "city": "Kulas, Jacobson and Heaney",
            "country": "US",
            "clinic_name": "Rosemarieside",
            "clinic_location": "566 Yasmeen Bypass\nPort Joanie, ND 83579-9625",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:37.000000Z",
            "updated_at": "2026-06-02T13:54:37.000000Z",
            "invitation_status": "accepted",
            "acadle_invitation_status": null,
            "invitations": [
                {
                    "id": 2,
                    "user_id": 21,
                    "invited_user_id": 20,
                    "type": "clinician",
                    "training_confirmed": 0,
                    "created_at": "2026-06-02T13:54:38.000000Z",
                    "updated_at": "2026-06-02T13:54:38.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 2,
                    "name": "ClinicAdmin"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create invitations",
    "code": "INVITATIONS:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, No access to given patient):


{
    "message": "No access to given patient",
    "code": "INVITATIONS:CREATE:NO_ACCESS_TO_PATIENT"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/invite

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

patient_id string optional

Patient user ID. The id of an existing record in the App\Models\User table. Example: 1

invitations object[]

List of invitations (maximum entries: 10, array of objects).

user_id integer optional

Invited user ID. Use only for existing users. Don't use together with user_email. This field is required when invitations.*.user_email is not present. The id of an existing record in the App\Models\User table. Example: 1

user_email string optional

Invited user e-mail. Use only for non-existing users. Don't use together with user_id. This field is required when invitations.*.user_id is not present. MUST_BE_EMAIL. Example: newuser@domain.com

role string optional

Invited user role. Use only for non-existing users. This field is required when invitations.*.user_id is not present. Example: Clinician

Must be one of:

ClinicAdmin
Clinician
ClinicianSupport

training_confirmed boolean true false

Confirmation that invited user was properly trained to use ADP. Must be accepted. Example: true

permissions string[] optional

List of permissions to assign to the user (use that for ClinicianSupport role).

permissions[] string optional

Permission name. Example: quaerat

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Resend invitation

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/invite/1/resend" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/invite/1/resend"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 23,
    "mrn": "2W6VKS8G1780408478",
    "name": "Camron Langosh",
    "email": "1780408478hjakubowski@example.net",
    "language": "en",
    "phone": "1-430-394-3793",
    "phone_country": "MX",
    "phone_verified_at": null,
    "address1": "9145 Maynard Rapid",
    "address2": "Mathildetown, CO 94476",
    "postal_code": "67850-6164",
    "city": "Abernathy-Blick",
    "country": "US",
    "clinic_name": "East Birdie",
    "clinic_location": "8776 Danika Fall Apt. 945\nSouth Arne, NE 69209-6657",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:38.000000Z",
    "updated_at": "2026-06-02T13:54:38.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "invitations": [
        {
            "id": 3,
            "user_id": 24,
            "invited_user_id": 23,
            "type": "clinician",
            "training_confirmed": 0,
            "created_at": "2026-06-02T13:54:39.000000Z",
            "updated_at": "2026-06-02T13:54:39.000000Z"
        }
    ],
    "roles": [
        {
            "id": 4,
            "name": "ClinicianSupport"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to resend invitations",
    "code": "INVITATIONS:RESEND:INSUFFICIENT_PERMISSION"
}

Example response (403, User not found):


{
    "message": "User not found",
    "code": "INVITATIONS:RESEND:USER_NOT_FOUND"
}

Example response (403, Invitation already accepted):


{
    "message": "Invitation already accepted",
    "code": "INVITATIONS:RESEND:INVITATION_ALREADY_ACCEPTED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

List all users invited to Acadle

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/invite/acadle/users?search=john" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/invite/acadle/users"
);

const params = {
    "search": "john",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 26,
            "mrn": "MDR466L21780408479",
            "name": "Ms. Cayla Prohaska",
            "email": "1780408479bwiegand@example.com",
            "language": "en",
            "phone": "+1 (331) 526-4979",
            "phone_country": "LT",
            "phone_verified_at": null,
            "address1": "55243 Torrance Lakes",
            "address2": "Port Lizzie, ME 26746",
            "postal_code": "38197",
            "city": "Christiansen-Larkin",
            "country": "FI",
            "clinic_name": "Cordeliabury",
            "clinic_location": "1278 Heaney Forest\nJerodton, PA 64393-0183",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:39.000000Z",
            "updated_at": "2026-06-02T13:54:39.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": null,
            "roles": [
                {
                    "id": 5,
                    "name": "Amputee"
                }
            ]
        },
        {
            "id": 27,
            "mrn": "BEG6HNMR1780408480",
            "name": "Mr. Lazaro Boehm III",
            "email": "1780408480beatrice87@example.net",
            "language": "en",
            "phone": "(769) 210-3600",
            "phone_country": "MH",
            "phone_verified_at": null,
            "address1": "61883 Carole Lock Apt. 226",
            "address2": "Kleinport, AR 76729",
            "postal_code": "43550-1929",
            "city": "Bashirian-Considine",
            "country": "CZ",
            "clinic_name": "Amyafort",
            "clinic_location": "1583 Smith Rapid\nNorth Winston, MI 78333-4114",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:40.000000Z",
            "updated_at": "2026-06-02T13:54:40.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": "accepted",
            "roles": [
                {
                    "id": 6,
                    "name": "AcadleUser"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list users for invitations",
    "code": "INVITATIONS_ACADLE:USERS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/invite/acadle/users

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter users by searching in: user name, user email, contact name, contact surname, contact email, CPO number. Example: john

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: roles, acadleSurvey, latestAcadleSurvey).

sortby string optional

Sort by field (available: survey_completion_date). Default: survey_completion_date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create Acadle invitation

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/invite/acadle" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"bschowalter@example.net\"
}"

const url = new URL(
    "http://localhost:8000/api/invite/acadle"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "bschowalter@example.net"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 28,
    "mrn": "TFLB9X6J1780408480",
    "name": "Dillan Mueller",
    "email": "1780408480keeling.jordy@example.org",
    "language": "en",
    "phone": "+1-321-224-7379",
    "phone_country": "ME",
    "phone_verified_at": null,
    "address1": "55244 Krajcik Plain",
    "address2": "North Moriah, RI 93918",
    "postal_code": "75816",
    "city": "Terry LLC",
    "country": "NL",
    "clinic_name": "Dietrichside",
    "clinic_location": "1210 Oran Union Suite 857\nElseshire, CT 96672",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:40.000000Z",
    "updated_at": "2026-06-02T13:54:40.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": null,
    "invitations": [
        {
            "id": 4,
            "user_id": 29,
            "invited_user_id": 28,
            "type": "clinician",
            "training_confirmed": 1,
            "created_at": "2026-06-02T13:54:41.000000Z",
            "updated_at": "2026-06-02T13:54:41.000000Z"
        }
    ],
    "roles": [
        {
            "id": 1,
            "name": "SuperAdmin"
        }
    ]
}

Example response (400, User already exists):


{
    "message": "User with this email already exists in the system",
    "code": "INVITATIONS_ACADLE:CREATE:USER_ALREADY_EXISTS"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create invitations",
    "code": "INVITATIONS_ACADLE:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Resend Acadle invitation

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/invite/acadle/1/resend" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/invite/acadle/1/resend"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 31,
    "mrn": "3R9FUY261780408482",
    "name": "Lera Rau",
    "email": "1780408482okeefe.russ@example.org",
    "language": "en",
    "phone": "+1 (571) 290-4455",
    "phone_country": "BW",
    "phone_verified_at": null,
    "address1": "3820 Ernie Squares Apt. 927",
    "address2": "South Diana, MT 31947-4575",
    "postal_code": "95891-7169",
    "city": "Gutmann-Johnston",
    "country": "SK",
    "clinic_name": "East Aleneville",
    "clinic_location": "186 Crooks Isle\nMilanhaven, OK 97196-2540",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:42.000000Z",
    "updated_at": "2026-06-02T13:54:42.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": "accepted",
    "invitations": [
        {
            "id": 5,
            "user_id": 32,
            "invited_user_id": 31,
            "type": "clinician",
            "training_confirmed": 1,
            "created_at": "2026-06-02T13:54:43.000000Z",
            "updated_at": "2026-06-02T13:54:43.000000Z"
        }
    ],
    "roles": [
        {
            "id": 6,
            "name": "AcadleUser"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to resend invitations",
    "code": "INVITATIONS_ACADLE:RESEND:INSUFFICIENT_PERMISSION"
}

Example response (403, User not found):


{
    "message": "User not found",
    "code": "INVITATIONS_ACADLE:RESEND:USER_NOT_FOUND"
}

Example response (403, Invitation already accepted):


{
    "message": "Invitation already accepted",
    "code": "INVITATIONS_ACADLE:RESEND:INVITATION_ALREADY_ACCEPTED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Admin access to invitation tokens

requires authentication

Requires admin.invitations_tokens_access permission.
Fetches only non-accepted and non-expired invitations.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/invite/tokens/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/invite/tokens/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


[
    {
        "id": 1,
        "user_id": 1,
        "invited_user_id": 2,
        "token": "I0V25NUVMHC0F8RRF1YEY5BT",
        "training_confirmed": 1,
        "created_at": "2025-05-12T12:00:00.000000Z",
        "updated_at": "2025-05-12T12:00:00.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to get invitation tokens",
    "code": "INVITATIONS:ADMIN_TOKENS:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "INVITATIONS:ADMIN_TOKENS:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Logs

API endpoints for managing event logs

Get events log

requires authentication

user - user account that performed the action
element - element model that has been affected by the action

Example request:

curl --request GET \
    --get "http://localhost:8000/api/logs?search=Test&ip=200.200.100.5&user=1&type=user&date_from=1642003200&date_to=1642003200&include_sessions=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \

const url = new URL(
    "http://localhost:8000/api/logs"
);

const params = {
    "search": "Test",
    "ip": "200.200.100.5",
    "user": "1",
    "type": "user",
    "date_from": "1642003200",
    "date_to": "1642003200",
    "include_sessions": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "user_id": 277,
            "event_name": "event_factory",
            "element_type": "App\\Models\\User",
            "element_id": 276,
            "comments": "",
            "ip_address": "173.183.197.207",
            "created_at": "2020-05-31T21:13:28.000000Z",
            "updated_at": "2026-06-02T13:56:33.000000Z",
            "username": "Green Mohr V",
            "user": {
                "id": 277,
                "mrn": "VMSPW63A1780408593",
                "name": "Green Mohr V",
                "email": "1780408593shanon93@example.org",
                "language": "en",
                "phone": "(708) 892-0230",
                "phone_country": "GP",
                "phone_verified_at": null,
                "address1": "859 Liam Locks",
                "address2": "West Mckenna, NV 18578-6595",
                "postal_code": "89985-0789",
                "city": "Bechtelar, Steuber and Carroll",
                "country": "FI",
                "clinic_name": "Robertsside",
                "clinic_location": "56118 Webster Squares\nStammland, IL 33654",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:33.000000Z",
                "updated_at": "2026-06-02T13:56:33.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "element": {
                "id": 276,
                "mrn": "PQBSJKYB1780408592",
                "name": "Nathanial Botsford",
                "email": "1780408592grady.pattie@example.net",
                "language": "en",
                "phone": "520-534-0124",
                "phone_country": "SX",
                "phone_verified_at": null,
                "address1": "4678 Gibson Cape Apt. 871",
                "address2": "Elveraview, MO 61238",
                "postal_code": "86299-4615",
                "city": "Mante Ltd",
                "country": "FI",
                "clinic_name": "Rosalynstad",
                "clinic_location": "91527 Claudie Cape\nNorth Jimmie, OH 01028",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:32.000000Z",
                "updated_at": "2026-06-02T13:56:32.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        },
        {
            "id": 2,
            "user_id": 280,
            "event_name": "event_factory",
            "element_type": "App\\Models\\User",
            "element_id": 279,
            "comments": "",
            "ip_address": "240.124.182.42",
            "created_at": "1993-02-23T07:03:55.000000Z",
            "updated_at": "2026-06-02T13:56:34.000000Z",
            "username": "Dr. Ola Koss Sr.",
            "user": {
                "id": 280,
                "mrn": "6KWKVWFT1780408594",
                "name": "Dr. Ola Koss Sr.",
                "email": "1780408594amir.bergstrom@example.net",
                "language": "en",
                "phone": "678-362-8609",
                "phone_country": "PL",
                "phone_verified_at": null,
                "address1": "2785 Rocio Motorway",
                "address2": "Schaeferburgh, IL 13086",
                "postal_code": "63322",
                "city": "Littel and Sons",
                "country": "DE",
                "clinic_name": "Ariannamouth",
                "clinic_location": "174 Roob Haven Suite 435\nSouth Gerhard, AL 80775",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:34.000000Z",
                "updated_at": "2026-06-02T13:56:34.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "element": {
                "id": 279,
                "mrn": "4T8RQY7H1780408594",
                "name": "Buford Gaylord",
                "email": "1780408594austyn.dicki@example.org",
                "language": "en",
                "phone": "+1 (310) 450-3435",
                "phone_country": "JP",
                "phone_verified_at": null,
                "address1": "9219 Batz Crescent",
                "address2": "Macejkovicchester, ND 70384",
                "postal_code": "52814-5856",
                "city": "Langosh-Rath",
                "country": "PL",
                "clinic_name": "Kassandrafurt",
                "clinic_location": "20635 Zachery Viaduct Apt. 438\nChristabury, IA 11957",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:56:34.000000Z",
                "updated_at": "2026-06-02T13:56:34.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access event logs",
    "code": "EVENT_LOGS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/logs

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter logs by related element data:

for users: search by name or email
for devices: search by serial or bluetooth_id
for P2P sessions: search by amputee_uuid or clinician_uuid

Example: `Test`

ip string optional

Filter logs by IP address. Example: 200.200.100.5

user integer optional

Filter logs by user. Example: 1

type string optional

Filter logs by event type (available: user, device, p2p_session. Example: user

date_from integer optional

Filter logs from date (timestamp). Example: 1642003200

date_to integer optional

Filter logs to date (timestamp). Example: 1642003200

include_sessions integer optional

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

sortby string optional

Sort by field (available: type, username, ip_address, date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Body Parameters

date_from string optional

date_to string optional

Response

Response Fields

items object

id integer

Event log entry ID.

user_id integer

ID of the user who triggered the event.

event_name string

Event name.

element_type string

Type of the related element.

element_id integer

ID of the related element.

comments string

Additional event comments.

ip_address string

IP address of the request.

created_at string

Event timestamp.

updated_at string

Last update timestamp.

user object

User who triggered the event.

element object

Related element.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Messages

API endpoints for message center

Get user messages list

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/messages" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"filter\": \"all\"
}"

const url = new URL(
    "http://localhost:8000/api/messages"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "filter": "all"
};

fetch(url, {
    method: "GET",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "user_id": null,
            "message_id": 1,
            "is_read": 0,
            "is_archived": 0,
            "is_deleted": 0,
            "message": {
                "id": 1,
                "sender_id": null,
                "title": "Omnis sed aut suscipit minus possimus.",
                "content": "Nisi et et quibusdam sequi quisquam.",
                "created_at": "2026-06-02T13:55:32.000000Z",
                "updated_at": "2026-06-02T13:55:32.000000Z",
                "sender": null
            }
        },
        {
            "id": 2,
            "user_id": null,
            "message_id": 2,
            "is_read": 0,
            "is_archived": 0,
            "is_deleted": 0,
            "message": {
                "id": 2,
                "sender_id": null,
                "title": "Molestiae non labore enim nobis voluptate id.",
                "content": "Aut quasi qui enim in deleniti.",
                "created_at": "2026-06-02T13:55:32.000000Z",
                "updated_at": "2026-06-02T13:55:32.000000Z",
                "sender": null
            }
        }
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/messages

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Body Parameters

filter string optional

Filter results by message status (available: archived, all). Defaults to non-archived only. Example: all

Response

Response Fields

items object

id integer

User message ID.

user_id integer

Recipient user ID.

message_id integer

Associated message ID.

is_read boolean

Whether the message has been read.

is_archived boolean

Whether the message is archived.

is_deleted boolean

Whether the message is deleted.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

message object

The message content.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Send message to multiple users

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/message" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"title\": \"Reminder about your vaccination\",
    \"content\": \"Lorem ipsum dolor sit amet\",
    \"roles\": \"Clinician,Amputee\"
}"

const url = new URL(
    "http://localhost:8000/api/message"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "title": "Reminder about your vaccination",
    "content": "Lorem ipsum dolor sit amet",
    "roles": "Clinician,Amputee"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Messages sent",
    "count": 3,
    "code": "MESSAGES:SEND:SENT"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to send messages",
    "code": "MESSAGES:SEND:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/message

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

title string

Message title. MINIMUM:STRING_LENGTH:3. Example: Reminder about your vaccination

content string optional

Message content text. Example: Lorem ipsum dolor sit amet

roles string optional

Filter recipients with given role (comma-separated). Example: Clinician,Amputee

Mark message as read

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/message/1/read" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"state\": true
}"

const url = new URL(
    "http://localhost:8000/api/message/1/read"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "state": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 3,
    "user_id": 143,
    "message_id": 3,
    "is_read": 0,
    "is_archived": 0,
    "is_deleted": 0
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to mark this message as read",
    "code": "MESSAGES:READ:INSUFFICIENT_PERMISSION"
}

Example response (404, Message not found):


{
    "message": "Message not found",
    "code": "MESSAGES:READ:MESSAGE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/message/{id}/read

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User Message ID (id from messages list; do not confuse with message_id). Example: 1

Body Parameters

state boolean optional true false

Explicit read state. Default: 1 (true). Example: true

Response

Response Fields

id integer

User message ID.

user_id integer

Recipient user ID.

message_id integer

Associated message ID.

is_read boolean

Whether the message has been read.

is_archived boolean

Whether the message is archived.

is_deleted boolean

Whether the message is deleted.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

message object

The message content.

Mark message as archived

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/message/1/archive" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"state\": true
}"

const url = new URL(
    "http://localhost:8000/api/message/1/archive"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "state": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "user_id": 144,
    "message_id": 4,
    "is_read": 0,
    "is_archived": 0,
    "is_deleted": 0
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to mark this message as archived",
    "code": "MESSAGES:ARCHIVE:INSUFFICIENT_PERMISSION"
}

Example response (404, Message not found):


{
    "message": "Message not found",
    "code": "MESSAGES:ARCHIVE:MESSAGE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/message/{id}/archive

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User Message ID (id from messages list; do not confuse with message_id). Example: 1

Body Parameters

state boolean optional true false

Explicit archived state. Default: 1 (true). Example: true

Response

Response Fields

id integer

User message ID.

user_id integer

Recipient user ID.

message_id integer

Associated message ID.

is_read boolean

Whether the message has been read.

is_archived boolean

Whether the message is archived.

is_deleted boolean

Whether the message is deleted.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

message object

The message content.

List of messages and tickets

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/messages-and-tickets" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/messages-and-tickets"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 2
    },
    "items": [
        {
            "type": "UserMessage",
            "date": "2024-11-02T10:00:00.000000Z",
            "item": {
                "id": 1,
                "user_id": 1,
                "message_id": 1,
                "is_read": 0,
                "is_archived": 0,
                "is_deleted": 0,
                "message": {
                    "id": 1,
                    "sender_id": 1,
                    "title": "Message title",
                    "content": "Message content",
                    "created_at": "2024-11-02T10:00:00.000000Z",
                    "updated_at": "2024-11-02T10:00:00.000000Z",
                    "sender": {
                        "id": 1,
                        "mrn": "MRN",
                        "name": "User name",
                        "email": "user@domain.com",
                        "language": "en",
                        "phone": "",
                        "phone_verified_at": null,
                        "address1": "",
                        "address2": "",
                        "postal_code": "",
                        "city": "",
                        "clinic_name": "Test Company",
                        "clinic_location": "Test Company Location",
                        "image": null,
                        "mfa_enabled": 0,
                        "mfa_method": "email",
                        "mfa_verified_to": null,
                        "created_by": null,
                        "active": 1,
                        "notifications_timezone": "Europe/Warsaw",
                        "notifications_at": "08:00:00",
                        "created_at": "2024-09-01T15:00:00.000000Z",
                        "updated_at": "2024-10-10T10:30:00.000000Z",
                        "invitation_status": "accepted",
                        "roles": [
                            {
                                "id": 3,
                                "name": "Clinician",
                                "guard_name": "web",
                                "created_at": "2024-01-01T12:00:00.000000Z",
                                "updated_at": "2024-01-01T12:00:00.000000Z",
                                "pivot": {
                                    "model_id": 1,
                                    "role_id": 3,
                                    "model_type": "App\\Models\\User"
                                }
                            }
                        ]
                    }
                }
            }
        },
        {
            "type": "SupportTicket",
            "date": "2024-11-01T15:15:00.000000Z",
            "item": {
                "id": 1,
                "sender_id": 1,
                "recipient_id": 999,
                "device_id": null,
                "meeting_date": "2024-11-10T15:00:00.000000Z",
                "meeting_type": "none",
                "contact_email": null,
                "status": "new",
                "created_at": "2024-11-01T15:15:00.000000Z",
                "updated_at": "2024-11-01T15:15:00.000000Z",
                "sender": {
                    "id": 1,
                    "mrn": "MRN",
                    "name": "User name",
                    "email": "user@domain.com",
                    "language": "en",
                    "phone": "",
                    "phone_verified_at": null,
                    "address1": "",
                    "address2": "",
                    "postal_code": "",
                    "city": "",
                    "clinic_name": "Test Company",
                    "clinic_location": "Test Company Location",
                    "image": null,
                    "mfa_enabled": 0,
                    "mfa_method": "email",
                    "mfa_verified_to": null,
                    "created_by": null,
                    "active": 1,
                    "notifications_timezone": "Europe/Warsaw",
                    "notifications_at": "08:00:00",
                    "created_at": "2024-09-01T15:00:00.000000Z",
                    "updated_at": "2024-10-10T10:30:00.000000Z",
                    "invitation_status": "accepted",
                    "roles": [
                        {
                            "id": 3,
                            "name": "Clinician",
                            "guard_name": "web",
                            "created_at": "2024-01-01T12:00:00.000000Z",
                            "updated_at": "2024-01-01T12:00:00.000000Z",
                            "pivot": {
                                "model_id": 1,
                                "role_id": 3,
                                "model_type": "App\\Models\\User"
                            }
                        }
                    ]
                },
                "recipient": {
                    "id": 2,
                    "mrn": "MRN2",
                    "name": "Patient",
                    "email": "patient4@domain.com",
                    "language": "en",
                    "phone": "",
                    "phone_verified_at": null,
                    "address1": "",
                    "address2": "",
                    "postal_code": "",
                    "city": "",
                    "clinic_name": null,
                    "clinic_location": null,
                    "image": null,
                    "mfa_enabled": 0,
                    "mfa_method": null,
                    "mfa_verified_to": null,
                    "created_by": 1,
                    "active": 1,
                    "notifications_timezone": null,
                    "notifications_at": null,
                    "created_at": "2024-10-01T15:00:00.000000Z",
                    "updated_at": "2024-10-10T10:30:00.000000Z",
                    "invitation_status": null,
                    "roles": [
                        {
                            "id": 5,
                            "name": "Amputee",
                            "guard_name": "web",
                            "created_at": "2024-01-01T12:00:00.000000Z",
                            "updated_at": "2024-01-01T12:00:00.000000Z",
                            "pivot": {
                                "model_id": 2,
                                "role_id": 5,
                                "model_type": "App\\Models\\User"
                            }
                        }
                    ]
                },
                "device": null,
                "messages": [
                    {
                        "id": 1,
                        "ticket_id": 1,
                        "sender_id": 1,
                        "title": "Communication channel",
                        "content": "Welcome to the digital platform. Please use this channel for communicating with your clinician.",
                        "is_read": false,
                        "created_at": "2024-11-01T15:15:00.000000Z",
                        "updated_at": "2024-11-01T15:15:00.000000Z",
                        "attachments": [],
                        "sender": {
                            "id": 1,
                            "mrn": "MRN",
                            "name": "User name",
                            "email": "user@domain.com",
                            "language": "en",
                            "phone": "",
                            "phone_verified_at": null,
                            "address1": "",
                            "address2": "",
                            "postal_code": "",
                            "city": "",
                            "clinic_name": "Test Company",
                            "clinic_location": "Test Company Location",
                            "image": null,
                            "mfa_enabled": 0,
                            "mfa_method": "email",
                            "mfa_verified_to": null,
                            "created_by": null,
                            "active": 1,
                            "notifications_timezone": "Europe/Warsaw",
                            "notifications_at": "08:00:00",
                            "created_at": "2024-09-01T15:00:00.000000Z",
                            "updated_at": "2024-10-10T10:30:00.000000Z",
                            "invitation_status": "accepted",
                            "roles": [
                                {
                                    "id": 3,
                                    "name": "Clinician",
                                    "guard_name": "web",
                                    "created_at": "2024-01-01T12:00:00.000000Z",
                                    "updated_at": "2024-01-01T12:00:00.000000Z",
                                    "pivot": {
                                        "model_id": 1,
                                        "role_id": 3,
                                        "model_type": "App\\Models\\User"
                                    }
                                }
                            ]
                        }
                    }
                ]
            }
        }
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Status of messages and tickets

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/messages-and-tickets/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/messages-and-tickets/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "messages": 5,
    "tickets": 2
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Mobile logs

API endpoints for managing mobile logs

Store log

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/mobile-logs" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "device_id=1"\
    --form "date_start=2008-12-26 05:39:26"\
    --form "date_end=2010-10-03 22:01:57"\
    --form "encrypt_key=aliquid"\
    --form "encrypt_iv=non"\
    --form "file=@/tmp/phpiTFXl6"

const url = new URL(
    "http://localhost:8000/api/mobile-logs"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('device_id', '1');
body.append('date_start', '2008-12-26 05:39:26');
body.append('date_end', '2010-10-03 22:01:57');
body.append('encrypt_key', 'aliquid');
body.append('encrypt_iv', 'non');
body.append('file', document.querySelector('input[name="file"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (202):


{
    "id": 1,
    "user_id": 281,
    "device_id": 134,
    "file": "/tmp/faker9BiB3b",
    "date_start": "1974-11-29 02:46:05",
    "date_end": "1985-01-31 22:10:10",
    "created_at": "2026-06-02T13:56:35.000000Z",
    "updated_at": "2026-06-02T13:56:35.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to write mobile logs",
    "code": "MOBILE_LOGS:STORE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/mobile-logs

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

device_id string optional

Device ID. The id of an existing record in the App\Models\Device table. Example: 1

file file

Log file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpiTFXl6

date_start string

Log start date. MUST_BE_DATE Must be a valid date in the format Y-m-d H:i:s. Example: 2008-12-26 05:39:26

date_end string

Log end date. MUST_BE_DATE Must be a valid date in the format Y-m-d H:i:s. MUST_BE_AFTER:date_start. Example: 2010-10-03 22:01:57

encrypt_key string

Encryption key. Example: aliquid

encrypt_iv string

Encryption IV (Initialization Vector). Example: non

Response

Response Fields

id integer

Mobile log ID.

user_id integer

Associated user ID.

device_id integer

Associated device ID.

file string

Log file URL.

date_start string

Log start date.

date_end string

Log end date.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Get logs

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mobile-logs" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mobile-logs"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 2,
            "user_id": 282,
            "device_id": 135,
            "file": "/tmp/fakerWgxJJu",
            "date_start": "1983-02-05 17:56:28",
            "date_end": "1985-11-28 17:55:07",
            "created_at": "2026-06-02T13:56:35.000000Z",
            "updated_at": "2026-06-02T13:56:35.000000Z"
        },
        {
            "id": 3,
            "user_id": 283,
            "device_id": 136,
            "file": "/tmp/fakerSuTcBc",
            "date_start": "1975-02-23 05:43:05",
            "date_end": "1974-01-20 16:09:32",
            "created_at": "2026-06-02T13:56:36.000000Z",
            "updated_at": "2026-06-02T13:56:36.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view mobile logs",
    "code": "MOBILE_LOGS:GET:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/mobile-logs

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: device).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Mobile log ID.

user_id integer

Associated user ID.

device_id integer

Associated device ID.

file string

Log file URL.

date_start string

Log start date.

date_end string

Log end date.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get logs by user

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mobile-logs/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mobile-logs/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 4,
            "user_id": 284,
            "device_id": 137,
            "file": "/tmp/fakerWsjsXa",
            "date_start": "1972-07-23 04:19:07",
            "date_end": "1978-07-23 14:58:19",
            "created_at": "2026-06-02T13:56:36.000000Z",
            "updated_at": "2026-06-02T13:56:36.000000Z"
        },
        {
            "id": 5,
            "user_id": 285,
            "device_id": 138,
            "file": "/tmp/fakerHfOAn3",
            "date_start": "2019-11-15 04:28:36",
            "date_end": "2012-05-10 03:48:21",
            "created_at": "2026-06-02T13:56:37.000000Z",
            "updated_at": "2026-06-02T13:56:37.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view mobile logs",
    "code": "MOBILE_LOGS:GET_BY_USER:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/mobile-logs/user/{userId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: device).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Mobile log ID.

user_id integer

Associated user ID.

device_id integer

Associated device ID.

file string

Log file URL.

date_start string

Log start date.

date_end string

Log end date.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get logs by device

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mobile-logs/device/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mobile-logs/device/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 6,
            "user_id": 286,
            "device_id": 139,
            "file": "/tmp/fakerb28uSq",
            "date_start": "2020-12-01 08:53:08",
            "date_end": "1976-09-13 20:25:11",
            "created_at": "2026-06-02T13:56:37.000000Z",
            "updated_at": "2026-06-02T13:56:37.000000Z"
        },
        {
            "id": 7,
            "user_id": 287,
            "device_id": 140,
            "file": "/tmp/fakerJynlZ0",
            "date_start": "2000-09-24 16:23:58",
            "date_end": "1989-04-20 16:25:20",
            "created_at": "2026-06-02T13:56:38.000000Z",
            "updated_at": "2026-06-02T13:56:38.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view mobile logs",
    "code": "MOBILE_LOGS:GET_BY_DEVICE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/mobile-logs/device/{deviceId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Mobile log ID.

user_id integer

Associated user ID.

device_id integer

Associated device ID.

file string

Log file URL.

date_start string

Log start date.

date_end string

Log end date.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Old Configurator Statistics

Endpoints for old configurator statistics

Create old configurator statistic

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/old-configurator-statistics" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"entry_id\": \"voluptas\",
    \"comments\": \"laudantium\"
}"

const url = new URL(
    "http://localhost:8000/api/old-configurator-statistics"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "entry_id": "voluptas",
    "comments": "laudantium"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 1,
    "entry_id": "ebca2cea-68af-3737-a2ff-85f06254c0e0",
    "comments": "{\"key\":\"quia\",\"value\":4625512}",
    "created_at": "2026-06-02T13:54:30.000000Z",
    "updated_at": "2026-06-02T13:54:30.000000Z"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/old-configurator-statistics

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

entry_id string

Example: voluptas

comments string optional

Example: laudantium

List old configurator statistics

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/old-configurator-statistics" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/old-configurator-statistics"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 2,
            "entry_id": "d0cb228b-1291-3123-b0da-52648e803d2e",
            "comments": "{\"key\":\"autem\",\"value\":3070269}",
            "created_at": "2026-06-02T13:56:57.000000Z",
            "updated_at": "2026-06-02T13:56:57.000000Z"
        },
        {
            "id": 3,
            "entry_id": "fef6d1dc-43e2-3233-93d2-c839b64966f8",
            "comments": "{\"key\":\"mollitia\",\"value\":9024120}",
            "created_at": "2026-06-02T13:56:57.000000Z",
            "updated_at": "2026-06-02T13:56:57.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view old configurator statistics",
    "code": "OLD_CONFIGURATOR_STATISTIC:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/old-configurator-statistics

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

P2P Sessions

API endpoints for managing P2P (peer-to-peer) sessions

Get active session data

requires authentication

Returns P2P sessions with status "waiting_for_decision" or "in_progress".

Example request:

curl --request GET \
    --get "http://localhost:8000/api/p2p/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/p2p/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 1,
    "amputee_id": null,
    "device_id": null,
    "clinician_id": null,
    "amputee_uuid": "3c446c3c-257a-3292-a955-605184690ee1",
    "clinician_uuid": "d3f1b73c-a263-3d27-8403-21fdd7431f1d",
    "token": "N524MC54XF3T5AXLCTSNVZAE2B82WZ5M723QFNXLRAT2HKH8K7942SGPJG95NLRJ",
    "status": "waiting_for_decision",
    "created_at": "2026-06-02T13:55:22.000000Z",
    "updated_at": "2026-06-02T13:55:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view active P2P session",
    "code": "P2P_SESSIONS:GET_ACTIVE:INSUFFICIENT_PERMISSION"
}

Example response (404, Session not found):


{
    "message": "P2P session not found",
    "code": "P2P_SESSIONS:GET_ACTIVE:SESSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

P2P session ID.

device_id integer

Associated device ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

amputee_uuid string

Amputee WebRTC UUID.

clinician_uuid string

Clinician WebRTC UUID.

token string

Session token.

status string

Session status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

amputee object

Patient user.

clinician object

Clinician user.

Get session data

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/p2p/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/p2p/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 2,
    "amputee_id": null,
    "device_id": null,
    "clinician_id": null,
    "amputee_uuid": "285a1591-817d-3bd9-9c42-c44af6caaccc",
    "clinician_uuid": "8485be3b-7b4b-3902-aac0-774d7b27ccd0",
    "token": "QC3V39TW87GGVSTK59EAS5ACLCCBEG9XZ6BZSRUU4JG4TYJRAAUVYQD484RQ7SBF",
    "status": "waiting_for_decision",
    "created_at": "2026-06-02T13:55:22.000000Z",
    "updated_at": "2026-06-02T13:55:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view P2P session",
    "code": "P2P_SESSIONS:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Session not found):


{
    "message": "P2P session not found",
    "code": "P2P_SESSIONS:GET:SESSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

P2P session ID.

device_id integer

Associated device ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

amputee_uuid string

Amputee WebRTC UUID.

clinician_uuid string

Clinician WebRTC UUID.

token string

Session token.

status string

Session status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

amputee object

Patient user.

clinician object

Clinician user.

Create new P2P session

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/p2p/create" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"amputee_id\": 2,
    \"device_id\": 5,
    \"amputee_uuid\": \"0cbbb527-44ab-3a08-81c9-179edd42874c\",
    \"clinician_uuid\": \"e2abca07-cc68-353e-9435-a6bad11c2d0c\"
}"

const url = new URL(
    "http://localhost:8000/api/p2p/create"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "amputee_id": 2,
    "device_id": 5,
    "amputee_uuid": "0cbbb527-44ab-3a08-81c9-179edd42874c",
    "clinician_uuid": "e2abca07-cc68-353e-9435-a6bad11c2d0c"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "amputee_id": 118,
    "device_id": null,
    "clinician_id": 119,
    "amputee_uuid": "3ad83de0-6b2d-3e38-99a1-0804b1d5a929",
    "clinician_uuid": "871c2f77-4ff8-3b39-954d-9baab8efb19c",
    "token": "KL9T8ZC7GVRKXKW27ZL7H92PRBCLBNJQ4MNY3GF2B8F5FBSXHLE76MFY53VAVN4W",
    "status": "waiting_for_decision",
    "created_at": "2026-06-02T13:55:22.000000Z",
    "updated_at": "2026-06-02T13:55:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create P2P session",
    "code": "P2P_SESSIONS:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Device not assigned to patient):


{
    "message": "Device is not assigned to the patient",
    "code": "P2P_SESSIONS:CREATE:DEVICE_NOT_ASSIGNED"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "P2P_SESSIONS:CREATE:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/p2p/create

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

amputee_id string

Amputee ID. The id of an existing record in the App\Models\User table. Example: 2

device_id string

Device ID. The id of an existing record in the App\Models\Device table. Example: 5

amputee_uuid string

Amputee's UUID generated by integration platform. Example: 0cbbb527-44ab-3a08-81c9-179edd42874c

clinician_uuid string

Clinician's UUID generated by integration platform. Example: e2abca07-cc68-353e-9435-a6bad11c2d0c

Response

Response Fields

id integer

P2P session ID.

device_id integer

Associated device ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

amputee_uuid string

Amputee WebRTC UUID.

clinician_uuid string

Clinician WebRTC UUID.

token string

Session token.

status string

Session status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

amputee object

Patient user.

clinician object

Clinician user.

Update P2P session

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/p2p/1/update" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"status\": \"closed\"
}"

const url = new URL(
    "http://localhost:8000/api/p2p/1/update"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "status": "closed"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "amputee_id": null,
    "device_id": null,
    "clinician_id": null,
    "amputee_uuid": "a1da0d99-0e03-3828-a060-f882a9e5ed38",
    "clinician_uuid": "1ba84622-ff23-3167-83b7-824d666dce55",
    "token": "V5EKPTLGJW6WDGYHQT6T6KCY685F9Y9SEYU9QKBQ7WCSRPWFTQCFMGTND8F8UBRD",
    "status": "waiting_for_decision",
    "created_at": "2026-06-02T13:55:22.000000Z",
    "updated_at": "2026-06-02T13:55:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update P2P session",
    "code": "P2P_SESSIONS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Session not found):


{
    "message": "P2P session not found",
    "code": "P2P_SESSIONS:UPDATE:SESSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/p2p/{id}/update

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

P2P session ID. Example: 1

Body Parameters

status string

Session status. Example: closed

Must be one of:

waiting_for_decision
in_progress
closed

Response

Response Fields

id integer

P2P session ID.

device_id integer

Associated device ID.

amputee_id integer

Patient (amputee) user ID.

clinician_id integer

Clinician user ID.

amputee_uuid string

Amputee WebRTC UUID.

clinician_uuid string

Clinician WebRTC UUID.

token string

Session token.

status string

Session status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

amputee object

Patient user.

clinician object

Clinician user.

Product features and toggles

API endpoints for product features and toggles management

Definitions:

Product feature - part of application which can be considered as hardware compatible (with for example specific PCB version) or software compatible (with for example specific firmware version). Product features are used in versions compatibility matrix.
Product toggle - part of application which can be enabled and disabled for current environment.

List product features

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/product/features" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/product/features"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "name": "blue",
        "slug": "sed-id-in-laborum-provident-praesentium",
        "created_at": "2026-06-02T13:56:19.000000Z",
        "updated_at": "2026-06-02T13:56:19.000000Z"
    },
    {
        "id": 2,
        "name": "lime",
        "slug": "molestiae-id-ipsam-cumque-illo-placeat-pariatur-delectus",
        "created_at": "2026-06-02T13:56:19.000000Z",
        "updated_at": "2026-06-02T13:56:19.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view product features and toggles",
    "code": "PRODUCT_FEATURES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Product feature ID.

name string

Feature name.

slug string

Feature slug (unique identifier).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create product feature

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/product/features" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote config\",
    \"slug\": \"remote_config\"
}"

const url = new URL(
    "http://localhost:8000/api/product/features"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote config",
    "slug": "remote_config"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "aqua",
    "slug": "explicabo-assumenda-unde-dolorem-tempora-nihil",
    "created_at": "2026-06-02T13:56:19.000000Z",
    "updated_at": "2026-06-02T13:56:19.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_FEATURES:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/product/features

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Name of product feature. Example: Remote config

slug string

Simplified name of product feature without spaces (e.g. remote_config for Remote config name). Example: remote_config

Response

Response Fields

id integer

Product feature ID.

name string

Feature name.

slug string

Feature slug (unique identifier).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update product feature

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/product/features/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote config\",
    \"slug\": \"remote_config\"
}"

const url = new URL(
    "http://localhost:8000/api/product/features/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote config",
    "slug": "remote_config"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "name": "blue",
    "slug": "et-ut-aut-velit-excepturi-deserunt-ipsam-vero",
    "created_at": "2026-06-02T13:56:19.000000Z",
    "updated_at": "2026-06-02T13:56:19.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_FEATURES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Product feature not found):


{
    "message": "Product feature not found",
    "code": "PRODUCT_FEATURES:UPDATE:FEATURE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/product/features/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Product Feature ID. Example: 1

Body Parameters

name string optional

Name of product feature. Example: Remote config

slug string optional

Simplified name of product feature without spaces (e.g. remote_config for Remote config name). Example: remote_config

Response

Response Fields

id integer

Product feature ID.

name string

Feature name.

slug string

Feature slug (unique identifier).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete product feature

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/product/features/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/product/features/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Product feature deleted",
    "code": "PRODUCT_FEATURES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_FEATURES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, Product feature belongs to compatibility entries):


{
    "message": "Cannot delete: product feature belongs to existing compatibility entries (1)",
    "code": "PRODUCT_FEATURES:DELETE:HAS_COMPATIBILITY_ENTRIES"
}

Example response (404, Product feature not found):


{
    "message": "Product feature not found",
    "code": "PRODUCT_FEATURES:DELETE:FEATURE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List product toggles

requires authentication

This endpoint returns list of global toggles. For some users there could exist user toggle which overrides these settings.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/product/toggles?global=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/product/toggles"
);

const params = {
    "global": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "name": "olive",
        "slug": "reiciendis-aperiam-expedita-maiores-dolores",
        "enabled": 1,
        "created_at": "2026-06-02T13:56:19.000000Z",
        "updated_at": "2026-06-02T13:56:19.000000Z"
    },
    {
        "id": 2,
        "name": "gray",
        "slug": "autem-quasi-nam-et-aut",
        "enabled": 1,
        "created_at": "2026-06-02T13:56:19.000000Z",
        "updated_at": "2026-06-02T13:56:19.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view product features and toggles",
    "code": "PRODUCT_TOGGLES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Product toggle ID.

name string

Toggle name.

slug string

Toggle slug (unique identifier).

enabled boolean

Whether the toggle is enabled globally.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create product toggle

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/product/toggles" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote config\",
    \"slug\": \"remote_config\",
    \"enabled\": true
}"

const url = new URL(
    "http://localhost:8000/api/product/toggles"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote config",
    "slug": "remote_config",
    "enabled": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "navy",
    "slug": "quia-molestiae-molestias-qui-aut-autem",
    "enabled": 1,
    "created_at": "2026-06-02T13:56:19.000000Z",
    "updated_at": "2026-06-02T13:56:19.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_TOGGLES:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/product/toggles

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Name of product toggle. Example: Remote config

slug string

Simplified name of product toggle without spaces (e.g. remote_config for Remote config name). Example: remote_config

enabled boolean true false

Is toggle enabled on this environment?. Example: true

Response

Response Fields

id integer

Product toggle ID.

name string

Toggle name.

slug string

Toggle slug (unique identifier).

enabled boolean

Whether the toggle is enabled globally.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update product toggle

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/product/toggles/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Remote config\",
    \"slug\": \"remote_config\",
    \"enabled\": true
}"

const url = new URL(
    "http://localhost:8000/api/product/toggles/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Remote config",
    "slug": "remote_config",
    "enabled": true
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "name": "silver",
    "slug": "neque-qui-ratione-ut-odio-possimus-quia",
    "enabled": 1,
    "created_at": "2026-06-02T13:56:19.000000Z",
    "updated_at": "2026-06-02T13:56:19.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_TOGGLES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Product toggle not found):


{
    "message": "Product toggle not found",
    "code": "PRODUCT_TOGGLES:UPDATE:TOGGLE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/product/toggles/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Product Toggle ID. Example: 1

Body Parameters

name string optional

Name of product toggle. Example: Remote config

slug string optional

Simplified name of product toggle without spaces (e.g. remote_config for Remote config name). Example: remote_config

enabled boolean optional true false

Is toggle enabled on this environment?. Example: true

Response

Response Fields

id integer

Product toggle ID.

name string

Toggle name.

slug string

Toggle slug (unique identifier).

enabled boolean

Whether the toggle is enabled globally.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete product toggle

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/product/toggles/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/product/toggles/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Product toggle deleted",
    "code": "PRODUCT_TOGGLES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "PRODUCT_TOGGLES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Product toggle not found):


{
    "message": "Product toggle not found",
    "code": "PRODUCT_TOGGLES:DELETE:TOGGLE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List product FAQ

requires authentication

This endpoint returns list of product FAQ.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/product/faq" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/product/faq"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "question": "Ut aut nobis ut et adipisci sunt est. Deserunt vitae nesciunt a ducimus adipisci porro nobis. Debitis tenetur ipsam architecto nam aut dolorem. Ab harum impedit voluptates.",
            "answer": "Cupiditate iste et repellat veniam hic. In maiores qui nihil laboriosam vel tenetur et porro. Nam quia quibusdam fugit harum quidem.",
            "created_at": "2026-06-02T13:56:19.000000Z",
            "updated_at": "2026-06-02T13:56:19.000000Z"
        },
        {
            "id": 2,
            "question": "Debitis et molestiae aliquam nihil quo temporibus. Sit et sit dolores in provident minima. Ducimus eum doloremque nulla enim quidem architecto.",
            "answer": "Corrupti et aspernatur assumenda perferendis dolorem. Labore repudiandae dolor velit temporibus est nihil. Et totam ratione a sed.",
            "created_at": "2026-06-02T13:56:19.000000Z",
            "updated_at": "2026-06-02T13:56:19.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view product features and toggles",
    "code": "FAQ:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/product/faq

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

FAQ entry ID.

question string

FAQ question.

answer string

FAQ answer.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

List user toggles

requires authentication

This endpoint returns list of user toggles with their global toggles.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1/toggles" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/toggles"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "toggle_id": 6,
        "user_id": 251,
        "enabled": 1,
        "created_at": "2026-06-02T13:56:20.000000Z",
        "updated_at": "2026-06-02T13:56:20.000000Z",
        "toggle": {
            "id": 6,
            "name": "green",
            "slug": "dolore-et-rem-commodi-sunt-iusto-earum-corrupti-sapiente",
            "enabled": 1,
            "created_at": "2026-06-02T13:56:20.000000Z",
            "updated_at": "2026-06-02T13:56:20.000000Z"
        }
    },
    {
        "id": 2,
        "toggle_id": 8,
        "user_id": 252,
        "enabled": 1,
        "created_at": "2026-06-02T13:56:20.000000Z",
        "updated_at": "2026-06-02T13:56:20.000000Z",
        "toggle": {
            "id": 8,
            "name": "teal",
            "slug": "nesciunt-enim-ut-dolorem-qui-qui",
            "enabled": 1,
            "created_at": "2026-06-02T13:56:20.000000Z",
            "updated_at": "2026-06-02T13:56:20.000000Z"
        }
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view product features and toggles",
    "code": "USER_TOGGLES:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USER_TOGGLES:LIST:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User product toggle ID.

toggle_id integer

Associated product toggle ID.

user_id integer

Associated user ID.

enabled boolean

Whether the toggle is enabled for this user.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

toggle object

Associated product toggle.

Create user toggle

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/toggles" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"toggle_id\": 1,
    \"enabled\": true
}"

const url = new URL(
    "http://localhost:8000/api/user/1/toggles"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "toggle_id": 1,
    "enabled": true
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "toggle_id": 9,
    "user_id": 253,
    "enabled": 1,
    "created_at": "2026-06-02T13:56:21.000000Z",
    "updated_at": "2026-06-02T13:56:21.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "USER_TOGGLES:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Cannot create user toggles for SuperAdmin):


{
    "message": "Cannot create user toggles for SuperAdmin",
    "code": "USER_TOGGLES:CREATE:CANNOT_CREATE_FOR_SUPER_ADMIN"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USER_TOGGLES:CREATE:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user/{userId}/toggles

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

Body Parameters

toggle_id integer

Product toggle ID. The id of an existing record in the App\Models\ProductToggle table. Example: 1

enabled boolean true false

Is user toggle enabled on this environment?. Example: true

Response

Response Fields

id integer

User product toggle ID.

toggle_id integer

Associated product toggle ID.

user_id integer

Associated user ID.

enabled boolean

Whether the toggle is enabled for this user.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

toggle object

Associated product toggle.

Update user toggle

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/user/1/toggles/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"enabled\": true
}"

const url = new URL(
    "http://localhost:8000/api/user/1/toggles/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "enabled": true
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "toggle_id": 10,
    "user_id": 254,
    "enabled": 1,
    "created_at": "2026-06-02T13:56:21.000000Z",
    "updated_at": "2026-06-02T13:56:21.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "USER_TOGGLES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USER_TOGGLES:UPDATE:USER_NOT_FOUND"
}

Example response (404, User toggle not found):


{
    "message": "User toggle not found",
    "code": "USER_TOGGLES:UPDATE:TOGGLE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/user/{userId}/toggles/{toggleId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

toggleId integer

User Toggle ID. Example: 1

Body Parameters

enabled boolean optional true false

Is user toggle enabled on this environment?. Example: true

Response

Response Fields

id integer

User product toggle ID.

toggle_id integer

Associated product toggle ID.

user_id integer

Associated user ID.

enabled boolean

Whether the toggle is enabled for this user.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

toggle object

Associated product toggle.

Delete user toggle

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/user/1/toggles/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/toggles/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "User toggle deleted",
    "code": "USER_TOGGLES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage product features and toggles",
    "code": "USER_TOGGLES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USER_TOGGLES:DELETE:USER_NOT_FOUND"
}

Example response (404, User toggle not found):


{
    "message": "User toggle not found",
    "code": "USER_TOGGLES:DELETE:TOGGLE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

DELETE api/user/{userId}/toggles/{toggleId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

userId integer

User ID. Example: 1

toggleId integer

User Toggle ID. Example: 1

Releases

API endpoints for releases management

List releases

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/releases" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/releases"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "version_type": "App\\Models\\SoftwareVersion",
            "version_id": 14,
            "description": "Qui unde earum consequuntur unde nulla exercitationem. Veritatis quidem eum nulla in veritatis aut. Dignissimos vitae veniam distinctio sit corrupti et.",
            "created_at": "2026-06-02T13:56:22.000000Z",
            "updated_at": "2026-06-02T13:56:22.000000Z",
            "version": {
                "id": 14,
                "name": "4.23.22",
                "created_at": "2026-06-02T13:56:22.000000Z",
                "updated_at": "2026-06-02T13:56:22.000000Z"
            }
        },
        {
            "id": 2,
            "version_type": "App\\Models\\SoftwareVersion",
            "version_id": 15,
            "description": "Vitae laboriosam recusandae quisquam omnis quia. Quod tenetur ullam est perferendis error rerum. Mollitia sit tenetur ea ut. Voluptas aspernatur et aperiam autem voluptate minus autem.",
            "created_at": "2026-06-02T13:56:22.000000Z",
            "updated_at": "2026-06-02T13:56:22.000000Z",
            "version": {
                "id": 15,
                "name": "9.69.63",
                "created_at": "2026-06-02T13:56:22.000000Z",
                "updated_at": "2026-06-02T13:56:22.000000Z"
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list releases",
    "code": "RELEASES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/releases

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Release ID.

version_type string

Version model type (morph class name).

version_id integer

Version model ID.

description string

Release notes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

version object

Associated version (software, firmware or PCB).

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get release

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/releases/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/releases/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 3,
    "version_type": "App\\Models\\SoftwareVersion",
    "version_id": 16,
    "description": "Assumenda porro aut ut ratione tenetur iste quia. Quia totam incidunt eius vero aut doloremque atque magni. Architecto est omnis aspernatur consequatur itaque.",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z",
    "version": {
        "id": 16,
        "name": "4.77.15",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view release",
    "code": "RELEASES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Release not found):


{
    "message": "Release not found",
    "code": "RELEASES:GET:RELEASE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Release ID.

version_type string

Version model type (morph class name).

version_id integer

Version model ID.

description string

Release notes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

version object

Associated version (software, firmware or PCB).

Create release

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/releases" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"version_type\": \"SoftwareVersion\",
    \"version_id\": 1,
    \"description\": \"This version fixes minor bugs.\"
}"

const url = new URL(
    "http://localhost:8000/api/releases"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "version_type": "SoftwareVersion",
    "version_id": 1,
    "description": "This version fixes minor bugs."
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "version_type": "App\\Models\\SoftwareVersion",
    "version_id": 17,
    "description": "Enim in enim magnam voluptatem dolore iure ut temporibus. Porro optio ex debitis itaque sunt. Fugit et repellendus eos natus assumenda recusandae rem. Omnis ratione voluptates provident aliquid.",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create release",
    "code": "RELEASES:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/releases

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

version_type string

Version type. Example: SoftwareVersion

Must be one of:

DeviceModel
SoftwareVersion
FirmwareVersion
PCBVersion

version_id integer

Version ID. Example: 1

description string optional

Release description. Example: This version fixes minor bugs.

Response

Response Fields

id integer

Release ID.

version_type string

Version model type (morph class name).

version_id integer

Version model ID.

description string

Release notes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

version object

Associated version (software, firmware or PCB).

Update release

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/releases/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"version_type\": \"SoftwareVersion\",
    \"version_id\": 1,
    \"description\": \"This version fixes minor bugs.\"
}"

const url = new URL(
    "http://localhost:8000/api/releases/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "version_type": "SoftwareVersion",
    "version_id": 1,
    "description": "This version fixes minor bugs."
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 5,
    "version_type": "App\\Models\\SoftwareVersion",
    "version_id": 18,
    "description": "Eius qui ad aut quae maxime illo consequatur. Doloribus et eius repellat error neque doloribus. Dolorum ut quibusdam explicabo omnis in doloribus. Porro sunt et omnis ut et non rerum.",
    "created_at": "2026-06-02T13:56:23.000000Z",
    "updated_at": "2026-06-02T13:56:23.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update release",
    "code": "RELEASES:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Release not found):


{
    "message": "Release not found",
    "code": "RELEASES:UPDATE:RELEASE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/releases/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Release ID. Example: 1

Body Parameters

version_type string optional

Version type. Example: SoftwareVersion

Must be one of:

DeviceModel
SoftwareVersion
FirmwareVersion
PCBVersion

version_id integer optional

Version ID. Example: 1

description string optional

Release description. Example: This version fixes minor bugs.

Response

Response Fields

id integer

Release ID.

version_type string

Version model type (morph class name).

version_id integer

Version model ID.

description string

Release notes.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

version object

Associated version (software, firmware or PCB).

Delete release

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/releases/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/releases/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Version deleted",
    "code": "RELEASES:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete release",
    "code": "RELEASES:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Release not found):


{
    "message": "Release not found",
    "code": "RELEASES:DELETE:RELEASE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Search

API endpoints for search

Search

requires authentication

Searches in:

users (by name and email)
devices (by serial number)

Returned collection contains entries of type User or Device.

If the device has a patient assigned, this patient is included in the results as an entry of type User. If the device has no patient, the device is included in the results.

Users included in the results, but not found directly have "devices" relation filled in with the devices that match the search query.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/search?query=Tom" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"query\": \"jguzrhoswryoscsnbllgxquhxvvfgctedmvdnwqsbxmyfvmcsmddoqhgrosrsadiitseeteigfxlpiazulxxcohqc\"
}"

const url = new URL(
    "http://localhost:8000/api/search"
);

const params = {
    "query": "Tom",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "query": "jguzrhoswryoscsnbllgxquhxvvfgctedmvdnwqsbxmyfvmcsmddoqhgrosrsadiitseeteigfxlpiazulxxcohqc"
};

fetch(url, {
    method: "GET",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "type": "User",
            "item": {
                "id": 1,
                "mrn": "MRN",
                "name": "User name",
                "email": "user@domain.com",
                "language": "en",
                "phone": "",
                "phone_verified_at": null,
                "address1": "",
                "address2": "",
                "postal_code": "",
                "city": "",
                "clinic_name": "Test Company",
                "clinic_location": "Test Company Location",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": "email",
                "mfa_verified_to": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": "Europe/Warsaw",
                "notifications_at": "08:00:00",
                "created_at": "2024-09-01T15:00:00.000000Z",
                "updated_at": "2024-10-10T10:30:00.000000Z",
                "invitation_status": "accepted",
                "pivot": {
                    "assigned_user_id": 2,
                    "user_id": 1
                },
                "devices": [],
                "roles": [
                    {
                        "id": 5,
                        "name": "Amputee",
                        "guard_name": "web",
                        "created_at": "2024-01-01T12:00:00.000000Z",
                        "updated_at": "2024-01-01T12:00:00.000000Z",
                        "pivot": {
                            "model_id": 1,
                            "role_id": 5,
                            "model_type": "App\\Models\\User"
                        }
                    }
                ]
            }
        },
        {
            "type": "Device",
            "item": {
                "id": 1,
                "serial": "SERIAL-NUMBER",
                "bluetooth_id": "BLUETOOTH_ID",
                "model_id": 1,
                "amputee_id": 1,
                "firmware_version_id": 1,
                "pcb_version_id": 1,
                "active": 1,
                "last_activity_at": "2024-11-11 12:00:00",
                "created_at": "2024-08-30T15:00:00.000000Z",
                "updated_at": "2024-09-01T16:00:00.000000Z",
                "pivot": {
                    "user_id": 2,
                    "device_id": 1
                }
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to search",
    "code": "SEARCH:SEARCH:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/search

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

query string optional

Search query. Example: Tom

Body Parameters

query string

MINIMUM:STRING_LENGTH:3. Example: jguzrhoswryoscsnbllgxquhxvvfgctedmvdnwqsbxmyfvmcsmddoqhgrosrsadiitseeteigfxlpiazulxxcohqc

Servicing

API endpoints for servicing

List of parts

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/servicing/parts" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/servicing/parts"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "device_model": null,
            "name": "Visa",
            "created_at": "2026-06-02T13:55:29.000000Z",
            "updated_at": "2026-06-02T13:55:29.000000Z"
        },
        {
            "id": 2,
            "device_model": null,
            "name": "American Express",
            "created_at": "2026-06-02T13:55:29.000000Z",
            "updated_at": "2026-06-02T13:55:29.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list service parts",
    "code": "SERVICING:LIST_PARTS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/servicing/parts

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Service part ID.

device_model integer

Associated device model ID.

name string

Part name.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Report service repair

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/servicing/repair" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "user_id=1"\
    --form "device_id=1"\
    --form "parts[][part_id]=1"\
    --form "parts[][reason]=Mechanical issue"\
    --form "files[]=@/tmp/phplQfzDp"

const url = new URL(
    "http://localhost:8000/api/servicing/repair"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('user_id', '1');
body.append('device_id', '1');
body.append('parts[][part_id]', '1');
body.append('parts[][reason]', 'Mechanical issue');
body.append('files[]', document.querySelector('input[name="files[]"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 1,
    "user_id": 136,
    "device_id": 115,
    "created_at": "2026-06-02T13:55:30.000000Z",
    "updated_at": "2026-06-02T13:55:30.000000Z",
    "parts": [
        {
            "id": 1,
            "repair_id": 1,
            "part_id": 3,
            "reason": "Quo et ipsum nobis culpa eaque et voluptates. Hic eum quo est aspernatur. Est tempore voluptatem sequi excepturi sed voluptate. Necessitatibus reprehenderit quod aut maxime est consequatur.",
            "created_at": "2026-06-02T13:55:30.000000Z",
            "updated_at": "2026-06-02T13:55:30.000000Z",
            "part": {
                "id": 3,
                "device_model": null,
                "name": "MasterCard",
                "created_at": "2026-06-02T13:55:30.000000Z",
                "updated_at": "2026-06-02T13:55:30.000000Z"
            }
        },
        {
            "id": 2,
            "repair_id": 1,
            "part_id": 4,
            "reason": "Tempore sed natus vero quas in. Ut consequatur totam officia ut laboriosam a. Aliquid odio et ea numquam soluta consequatur repellendus.",
            "created_at": "2026-06-02T13:55:31.000000Z",
            "updated_at": "2026-06-02T13:55:31.000000Z",
            "part": {
                "id": 4,
                "device_model": null,
                "name": "MasterCard",
                "created_at": "2026-06-02T13:55:31.000000Z",
                "updated_at": "2026-06-02T13:55:31.000000Z"
            }
        },
        {
            "id": 3,
            "repair_id": 1,
            "part_id": 5,
            "reason": "Beatae quod et quis quia repellat tempora. Suscipit maxime delectus explicabo quisquam. Dolorum nobis vel reiciendis consequatur odit quis voluptate.",
            "created_at": "2026-06-02T13:55:31.000000Z",
            "updated_at": "2026-06-02T13:55:31.000000Z",
            "part": {
                "id": 5,
                "device_model": null,
                "name": "Visa",
                "created_at": "2026-06-02T13:55:31.000000Z",
                "updated_at": "2026-06-02T13:55:31.000000Z"
            }
        }
    ],
    "attachments": [
        {
            "id": 1,
            "repair_id": 1,
            "file": "/tmp/faker3AT7wd",
            "created_at": "2026-06-02T13:55:31.000000Z",
            "updated_at": "2026-06-02T13:55:31.000000Z"
        },
        {
            "id": 2,
            "repair_id": 1,
            "file": "/tmp/fakerJmbIZA",
            "created_at": "2026-06-02T13:55:32.000000Z",
            "updated_at": "2026-06-02T13:55:32.000000Z"
        },
        {
            "id": 3,
            "repair_id": 1,
            "file": "/tmp/fakerQairvK",
            "created_at": "2026-06-02T13:55:32.000000Z",
            "updated_at": "2026-06-02T13:55:32.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to report service repair",
    "code": "SERVICING:REPORT_REPAIR:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/servicing/repair

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

user_id integer

User ID. Example: 1

device_id integer

Device ID. Example: 1

files file[] optional

Array of attachment files.

parts object[] optional

Array of replaced parts.

part_id integer optional

Service part ID. Example: 1

reason string optional

Reason of part replacement. Example: Mechanical issue

Response

Response Fields

id integer

Service repair ID.

user_id integer

Associated user ID.

device_id integer

Associated device ID.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

parts object[]

Service parts included in the repair.

attachments object[]

Repair attachments.

Settings

API endpoints for app settings

Get app version

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/settings/app-version" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/settings/app-version"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "version": "1.6.0"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get silent push timeout

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/settings/silent-push" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/settings/silent-push"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "timeout": "15"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get available languages

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/settings/languages" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/settings/languages"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "languages": [
        "de",
        "en",
        "es",
        "it",
        "pl",
        "ru",
        "uk"
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get mobile stores versions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/mobile/versions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/mobile/versions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "ios": "1.0",
    "android": "1.0"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Update app version

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/settings/app-version" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"version\": \"1.6.0\"
}"

const url = new URL(
    "http://localhost:8000/api/settings/app-version"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "version": "1.6.0"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "version": "1.6.0"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update settings",
    "code": "SETTINGS:UPDATE_APP_VERSION:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Update silent push timeout

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/settings/silent-push" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"timeout\": 15
}"

const url = new URL(
    "http://localhost:8000/api/settings/silent-push"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "timeout": 15
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "timeout": "15"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update settings",
    "code": "SETTINGS:UPDATE_SILENT_PUSH:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/settings/silent-push

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

timeout integer optional

Silent push timeout in minutes. Minimum value is 1 minute (15 for production environment), maximum is 60 minutes. MINIMUM:NUMBER:1 MAXIMUM:NUMBER:60. Example: 15

Update mobile stores versions

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/mobile/versions" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"ios\": \"1.1\",
    \"android\": \"1.1\"
}"

const url = new URL(
    "http://localhost:8000/api/mobile/versions"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "ios": "1.1",
    "android": "1.1"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "ios": "1.0",
    "android": "1.0"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update settings",
    "code": "SETTINGS:UPDATE_MOBILE_STORES_VERSION:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/mobile/versions

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

ios string optional

Apple AppStore current version. Example: 1.1

android string optional

Google Play current version. Example: 1.1

Support Ticket

API endpoints for managing support tickets

Get tickets list

requires authentication

Possible extend options:

sender - the user who created ticket
recipient - the user who was ticket recipient
device - the device assigned to ticket
messages - message allocated to ticket
messages.attachments - list of attachments assigned to message and ticket
messages.sender - the user who wrote the message

Example request:

curl --request GET \
    --get "http://localhost:8000/api/tickets?status=new&sender=1&recipient=1&device=1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tickets"
);

const params = {
    "status": "new",
    "sender": "1",
    "recipient": "1",
    "device": "1",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 27,
            "sender_id": 145,
            "recipient_id": 146,
            "device_id": 122,
            "meeting_date": "2026-06-02 13:55:34",
            "meeting_type": "online_meeting",
            "contact_email": "antonietta01@gmail.com",
            "status": "new",
            "created_at": "2026-06-02T13:55:34.000000Z",
            "updated_at": "2026-06-02T13:55:34.000000Z",
            "sender": {
                "id": 145,
                "mrn": "KGXK7HQR1780408534",
                "name": "Mrs. Naomie Runolfsdottir",
                "email": "1780408534cornelius.bailey@example.net",
                "language": "en",
                "phone": "1-220-724-7047",
                "phone_country": "DZ",
                "phone_verified_at": null,
                "address1": "59285 Jermain Views",
                "address2": "Lake Everthaven, CT 58651-2026",
                "postal_code": "42165-8433",
                "city": "Fritsch-Mertz",
                "country": "US",
                "clinic_name": "Misaelview",
                "clinic_location": "412 Stehr Spurs Apt. 255\nPurdytown, MT 14021-0427",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:34.000000Z",
                "updated_at": "2026-06-02T13:55:34.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "recipient": {
                "id": 146,
                "mrn": "Y2PCEP881780408534",
                "name": "Dr. Kenny Macejkovic IV",
                "email": "1780408534leannon.earl@example.com",
                "language": "en",
                "phone": "+17015586451",
                "phone_country": "MD",
                "phone_verified_at": null,
                "address1": "3621 Elvis Tunnel",
                "address2": "North Dereck, ME 52859",
                "postal_code": "42851",
                "city": "Schinner-Reichert",
                "country": "SK",
                "clinic_name": "Pasqualeton",
                "clinic_location": "9430 Helmer Forge Apt. 197\nWest Bartonton, TN 42727-4916",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:34.000000Z",
                "updated_at": "2026-06-02T13:55:34.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "device": {
                "id": 122,
                "serial": "0c4daa5f-76bf-35ad-819d-2a862f27e5c7",
                "bluetooth_id": "af452cbc-b00d-33ea-af73-fbf99a8b8afb",
                "company_id": null,
                "model_id": null,
                "amputee_id": null,
                "clinician_id": null,
                "firmware_version_id": null,
                "pcb_version_id": null,
                "reverse_magnets": 0,
                "is_electrode": 0,
                "active": 1,
                "last_activity_at": "0000-00-00 00:00:00",
                "created_at": "2026-06-02T13:55:34.000000Z",
                "updated_at": "2026-06-02T13:55:34.000000Z"
            },
            "messages": [
                {
                    "id": 15,
                    "ticket_id": 27,
                    "sender_id": 147,
                    "title": "Prof.",
                    "content": "Consequatur et quia esse laudantium consequatur praesentium ullam.",
                    "is_read": false,
                    "created_at": "2026-06-02T13:55:35.000000Z",
                    "updated_at": "2026-06-02T13:55:35.000000Z"
                }
            ]
        },
        {
            "id": 35,
            "sender_id": 159,
            "recipient_id": 160,
            "device_id": 123,
            "meeting_date": "2026-06-02 13:55:40",
            "meeting_type": "online_meeting",
            "contact_email": "hubert.ratke@smitham.org",
            "status": "new",
            "created_at": "2026-06-02T13:55:40.000000Z",
            "updated_at": "2026-06-02T13:55:40.000000Z",
            "sender": {
                "id": 159,
                "mrn": "PB82C36W1780408539",
                "name": "Dagmar Wiza",
                "email": "1780408539odeckow@example.com",
                "language": "en",
                "phone": "+1-332-961-7568",
                "phone_country": "CF",
                "phone_verified_at": null,
                "address1": "1183 Okuneva Grove",
                "address2": "South Nicholauston, NY 31905",
                "postal_code": "25492",
                "city": "Runolfsson, Steuber and Hessel",
                "country": "FR",
                "clinic_name": "West Gwenberg",
                "clinic_location": "60321 Meda Lodge\nIsaiahfurt, ME 41823",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:39.000000Z",
                "updated_at": "2026-06-02T13:55:39.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "recipient": {
                "id": 160,
                "mrn": "5F96A7VC1780408540",
                "name": "Prof. Raphaelle Jenkins IV",
                "email": "1780408540monahan.amina@example.org",
                "language": "en",
                "phone": "+1 (510) 487-7824",
                "phone_country": "GD",
                "phone_verified_at": null,
                "address1": "3928 Leonora Greens Apt. 299",
                "address2": "New Julesfort, NM 94653-0804",
                "postal_code": "30957-4975",
                "city": "Roob LLC",
                "country": "IT",
                "clinic_name": "New Lucas",
                "clinic_location": "4152 Hahn Mountain\nEast Marielafurt, OR 70382",
                "image": null,
                "mfa_enabled": 0,
                "mfa_method": null,
                "mfa_verified_to": null,
                "location_id": null,
                "created_by": null,
                "active": 1,
                "notifications_timezone": null,
                "notifications_at": null,
                "created_at": "2026-06-02T13:55:40.000000Z",
                "updated_at": "2026-06-02T13:55:40.000000Z",
                "invitation_status": null,
                "acadle_invitation_status": null,
                "roles": []
            },
            "device": {
                "id": 123,
                "serial": "8db8b8ba-8030-3fbc-9c49-85608bd5dc20",
                "bluetooth_id": "0f044ed6-7aa3-3b65-860f-fa1d082de4dd",
                "company_id": null,
                "model_id": null,
                "amputee_id": null,
                "clinician_id": null,
                "firmware_version_id": null,
                "pcb_version_id": null,
                "reverse_magnets": 0,
                "is_electrode": 0,
                "active": 1,
                "last_activity_at": "0000-00-00 00:00:00",
                "created_at": "2026-06-02T13:55:40.000000Z",
                "updated_at": "2026-06-02T13:55:40.000000Z"
            },
            "messages": [
                {
                    "id": 19,
                    "ticket_id": 35,
                    "sender_id": 161,
                    "title": "Prof.",
                    "content": "Veniam dolore nulla deserunt libero modi.",
                    "is_read": false,
                    "created_at": "2026-06-02T13:55:41.000000Z",
                    "updated_at": "2026-06-02T13:55:41.000000Z"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list support tickets",
    "code": "TICKETS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/tickets

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

status string optional

Filter tickets by status (available: new, in_progress, closed, reopened. Example: new

sender integer optional

Filter tickets by sender. Example: 1

recipient integer optional

Filter tickets by recipient. Example: 1

device string optional

Filter tickets by devices. Provide single ID (device=1), array of IDs (device[]=1&device[]=2) or comma-separated list of IDs (device=1,2). Pass value 0 to get tickets without device. Note: tickets without a device are also included when filtering by specific device IDs. Example: 1

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: sender, recipient, device, messages, messages.attachments).

sortby string optional

Sort by field (available: sender_name, recipient_name, date, last_message). Default: last_message, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get tickets status

requires authentication

Counts tickets by their status

Example request:

curl --request GET \
    --get "http://localhost:8000/api/tickets/status" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tickets/status"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "unread": 1
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list support tickets",
    "code": "TICKETS:STATUS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get support ticket

requires authentication

Returns single support ticket in the response.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/ticket/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/ticket/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 43,
    "sender_id": 173,
    "recipient_id": 174,
    "device_id": 124,
    "meeting_date": "2026-06-02 13:55:46",
    "meeting_type": "online_meeting",
    "contact_email": "katheryn.mcdermott@wolff.com",
    "status": "new",
    "created_at": "2026-06-02T13:55:46.000000Z",
    "updated_at": "2026-06-02T13:55:46.000000Z",
    "sender": {
        "id": 173,
        "mrn": "2TWMQJMH1780408546",
        "name": "Cameron Haag",
        "email": "1780408546rossie.flatley@example.com",
        "language": "en",
        "phone": "+1.252.227.3252",
        "phone_country": "NL",
        "phone_verified_at": null,
        "address1": "524 Jenkins Squares Apt. 783",
        "address2": "Blickbury, NJ 63024-1829",
        "postal_code": "69934-1779",
        "city": "Emmerich PLC",
        "country": "LU",
        "clinic_name": "Port Forestshire",
        "clinic_location": "873 Williamson Garden\nAydenland, KS 66186-5117",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:46.000000Z",
        "updated_at": "2026-06-02T13:55:46.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 174,
        "mrn": "7MYPFUYF1780408546",
        "name": "Mr. Moriah Rolfson",
        "email": "1780408546carlo99@example.org",
        "language": "en",
        "phone": "+1.616.219.0437",
        "phone_country": "SD",
        "phone_verified_at": null,
        "address1": "513 Kshlerin Pass Apt. 469",
        "address2": "Annamaeshire, WV 12724-9300",
        "postal_code": "61017",
        "city": "Hoppe Group",
        "country": "IE",
        "clinic_name": "Shanahanbury",
        "clinic_location": "330 Margarette Branch Apt. 646\nQuigleyland, NH 03532",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:46.000000Z",
        "updated_at": "2026-06-02T13:55:46.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 124,
        "serial": "e10bb41c-9f59-34e9-95f4-48036a0f3e3a",
        "bluetooth_id": "d33fae1b-9966-34d4-a629-6c1413f64f09",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:55:46.000000Z",
        "updated_at": "2026-06-02T13:55:46.000000Z"
    },
    "messages": [
        {
            "id": 23,
            "ticket_id": 43,
            "sender_id": 175,
            "title": "Dr.",
            "content": "Et veritatis fugit soluta placeat dolor laborum dolorum.",
            "is_read": false,
            "created_at": "2026-06-02T13:55:48.000000Z",
            "updated_at": "2026-06-02T13:55:48.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view support ticket",
    "code": "TICKETS:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:GET:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/ticket/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Support ticket ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: sender, recipient, device, messages, messages.attachments, messages.sender).

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Get support ticket history

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/ticket/1/history" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/ticket/1/history"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "ticket_id": 51,
            "author_id": 188,
            "action": "sunt",
            "reason": "Error amet dolores eos optio et aut cumque.",
            "created_at": "2026-06-02T13:55:52.000000Z",
            "updated_at": "2026-06-02T13:55:52.000000Z"
        },
        {
            "id": 2,
            "ticket_id": 52,
            "author_id": 190,
            "action": "molestiae",
            "reason": "Et et quis assumenda eaque at laboriosam quos sed.",
            "created_at": "2026-06-02T13:55:53.000000Z",
            "updated_at": "2026-06-02T13:55:53.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view support ticket",
    "code": "TICKETS:HISTORY:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:HISTORY:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/ticket/{id}/history

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Support ticket ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

sortby string optional

Sort by field (available: date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

History entry ID.

ticket_id integer

Associated support ticket ID.

author_id integer

ID of the user who made this change.

action string

Action performed.

reason string

Reason for the action.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who made this change.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get support ticket available filters

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/tickets/available-filters" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tickets/available-filters"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "clinicians": [
        {
            "id": 95,
            "mrn": null,
            "name": "Name",
            "email": "email",
            "region": "us",
            "language": "pl",
            "phone": "+48-555555555",
            "phone_verified_at": null,
            "address1": "Address",
            "address2": "Address 2",
            "postal_code": "",
            "city": "",
            "clinic_name": "Name",
            "clinic_location": "Name",
            "image": "https://aether-dev-bucket.s3.amazonaws.com/users/LDueuv1uG218G7owaiLAaWRkpaGxjB0jEFwzZsT1.png",
            "mfa_enabled": 0,
            "mfa_method": "sms",
            "mfa_verified_to": null,
            "location_id": 2,
            "created_by": 1,
            "active": 1,
            "notifications_timezone": "America/Adak",
            "notifications_at": null,
            "created_at": "2022-07-19T14:43:37.000000Z",
            "updated_at": "2024-09-27T05:52:51.000000Z",
            "invitation_status": "expired",
            "roles": [
                {
                    "id": 2,
                    "name": "Clinician",
                    "guard_name": "web",
                    "created_at": "2022-03-21T17:15:47.000000Z",
                    "updated_at": "2022-03-21T17:15:47.000000Z",
                    "pivot": {
                        "model_id": 95,
                        "role_id": 2,
                        "model_type": "App\\Models\\User"
                    }
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create support ticket",
    "code": "TICKETS:AVAILABLE_FILTERS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Create new support ticket

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/tickets" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "recipient=1"\
    --form "device=1"\
    --form "meeting_type=online_meeting"\
    --form "meeting_date=2026-06-02 13:55:53"\
    --form "contact_email=cmclaughlin@hermiston.net"\
    --form "message[content]=Ut distinctio molestiae voluptatum eum aliquid velit quibusdam."\
    --form "message[title]=Consequatur perferendis quis aut."\
    --form "message[attachments][]=@/tmp/phpXkQzbL"

const url = new URL(
    "http://localhost:8000/api/tickets"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('recipient', '1');
body.append('device', '1');
body.append('meeting_type', 'online_meeting');
body.append('meeting_date', '2026-06-02 13:55:53');
body.append('contact_email', 'cmclaughlin@hermiston.net');
body.append('message[content]', 'Ut distinctio molestiae voluptatum eum aliquid velit quibusdam.');
body.append('message[title]', 'Consequatur perferendis quis aut.');
body.append('message[attachments][]', document.querySelector('input[name="message[attachments][]"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 53,
    "sender_id": 191,
    "recipient_id": 192,
    "device_id": 125,
    "meeting_date": "2026-06-02 13:55:54",
    "meeting_type": "online_meeting",
    "contact_email": "tromp.jeramie@breitenberg.com",
    "status": "new",
    "created_at": "2026-06-02T13:55:54.000000Z",
    "updated_at": "2026-06-02T13:55:54.000000Z",
    "sender": {
        "id": 191,
        "mrn": "P8N5EQSJ1780408553",
        "name": "Stephany Terry DDS",
        "email": "1780408553rlowe@example.org",
        "language": "en",
        "phone": "1-352-687-1270",
        "phone_country": "SI",
        "phone_verified_at": null,
        "address1": "124 Funk Forks Suite 157",
        "address2": "New Jazlynmouth, VT 53352",
        "postal_code": "28658-4580",
        "city": "Cronin, Hammes and Monahan",
        "country": "LU",
        "clinic_name": "Chaimland",
        "clinic_location": "803 Rachael Field Suite 845\nErdmanfurt, WA 45715",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:53.000000Z",
        "updated_at": "2026-06-02T13:55:53.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 192,
        "mrn": "A3RZFVE21780408554",
        "name": "Cathy Graham",
        "email": "1780408554padberg.alexandre@example.net",
        "language": "en",
        "phone": "281-302-4888",
        "phone_country": "HU",
        "phone_verified_at": null,
        "address1": "9172 Rippin Curve",
        "address2": "West Romaville, CO 03928",
        "postal_code": "09807",
        "city": "Herzog Group",
        "country": "ES",
        "clinic_name": "Lake Annalise",
        "clinic_location": "126 Elnora Prairie\nSouth Jerome, PA 50005",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:54.000000Z",
        "updated_at": "2026-06-02T13:55:54.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 125,
        "serial": "c84622bf-8e60-3e5d-8466-0d4846eb8b25",
        "bluetooth_id": "2d6f9faa-5350-3fc3-8f5d-a90c02fe9748",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:55:54.000000Z",
        "updated_at": "2026-06-02T13:55:54.000000Z"
    },
    "messages": [
        {
            "id": 27,
            "ticket_id": 53,
            "sender_id": 193,
            "title": "Prof.",
            "content": "Debitis est aut aperiam aspernatur qui porro.",
            "is_read": false,
            "created_at": "2026-06-02T13:55:55.000000Z",
            "updated_at": "2026-06-02T13:55:55.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create support ticket",
    "code": "TICKETS:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/tickets

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

recipient integer

User the support ticket is assigned to. For Amputee role main clinician will be automatically assigned instead. The id of an existing record in the App\Models\User table. Example: 1

device integer optional

Device the support ticket is assigned to. The id of an existing record in the App\Models\Device table. Example: 1

meeting_type string

Type of support meeting. Example: online_meeting

Must be one of:

online_meeting
phone_call
personally
none

meeting_date string

Date of support meeting. MUST_BE_DATE. Example: 2026-06-02 13:55:53

contact_email string optional

Email address for later contact. MUST_BE_EMAIL. Example: cmclaughlin@hermiston.net

message object optional

content string optional

Content of message. Example: Ut distinctio molestiae voluptatum eum aliquid velit quibusdam.

title string optional

Message title. Example: Consequatur perferendis quis aut.

attachments file[] optional

Must be a file.

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Close support ticket

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/ticket/1/close" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/ticket/1/close"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 61,
    "sender_id": 205,
    "recipient_id": 206,
    "device_id": 126,
    "meeting_date": "2026-06-02 13:56:00",
    "meeting_type": "online_meeting",
    "contact_email": "mcglynn.kiarra@hotmail.com",
    "status": "new",
    "created_at": "2026-06-02T13:56:00.000000Z",
    "updated_at": "2026-06-02T13:56:00.000000Z",
    "sender": {
        "id": 205,
        "mrn": "5U9TWGDK1780408559",
        "name": "Ellie Skiles",
        "email": "1780408559bins.fidel@example.org",
        "language": "en",
        "phone": "(360) 632-4336",
        "phone_country": "CW",
        "phone_verified_at": null,
        "address1": "38794 Nils Glen",
        "address2": "Franeckiport, GA 44753",
        "postal_code": "89578",
        "city": "Von, Dietrich and Lueilwitz",
        "country": "CY",
        "clinic_name": "Danielbury",
        "clinic_location": "8436 Erika Centers\nRaphaelchester, NM 03639",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:55:59.000000Z",
        "updated_at": "2026-06-02T13:55:59.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 206,
        "mrn": "T2SLUCXY1780408560",
        "name": "Mrs. Adela Gulgowski",
        "email": "1780408560jcronin@example.net",
        "language": "en",
        "phone": "(802) 471-6907",
        "phone_country": "BF",
        "phone_verified_at": null,
        "address1": "1022 Larson Common Suite 095",
        "address2": "New Delphiamouth, IL 68541",
        "postal_code": "99363-3105",
        "city": "Tremblay-Shanahan",
        "country": "AT",
        "clinic_name": "Cristchester",
        "clinic_location": "79868 Angel Dale Suite 359\nPearlineton, DC 03985-9646",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:00.000000Z",
        "updated_at": "2026-06-02T13:56:00.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 126,
        "serial": "a828de70-cd0b-3de6-b606-59c077b62058",
        "bluetooth_id": "94ac2ef3-79b2-3921-9af0-498e39fc7f2c",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:56:00.000000Z",
        "updated_at": "2026-06-02T13:56:00.000000Z"
    },
    "messages": []
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to close support ticket",
    "code": "TICKETS:CLOSE:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:CLOSE:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Reopen support ticket

requires authentication

Patient (Amputee) role can reopen only non-config tickets. For config tickets patients will get "Insufficient permission" response. For patients role reason field is required.

Example request:

curl --request POST \
    "http://localhost:8000/api/ticket/1/reopen" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"reason\": \"Something is still not working\"
}"

const url = new URL(
    "http://localhost:8000/api/ticket/1/reopen"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "reason": "Something is still not working"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 3,
    "ticket_id": 62,
    "author_id": 208,
    "action": "est",
    "reason": "Animi eos labore nostrum magnam et.",
    "created_at": "2026-06-02T13:56:01.000000Z",
    "updated_at": "2026-06-02T13:56:01.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to reopen support ticket",
    "code": "TICKETS:REOPEN:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:REOPEN:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/ticket/{id}/reopen

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Support ticket ID. Example: 1

Body Parameters

reason string optional

Reason for reopen action. Example: Something is still not working

Response

Response Fields

id integer

History entry ID.

ticket_id integer

Associated support ticket ID.

author_id integer

ID of the user who made this change.

action string

Action performed.

reason string

Reason for the action.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

author object

User who made this change.

Create new support ticket message

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/ticket/1/messages" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "title=Debitis sed dolorem iste."\
    --form "content=Possimus sunt qui quod aut expedita praesentium et."\
    --form "attachments[]=@/tmp/phpqrNXT8"

const url = new URL(
    "http://localhost:8000/api/ticket/1/messages"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('title', 'Debitis sed dolorem iste.');
body.append('content', 'Possimus sunt qui quod aut expedita praesentium et.');
body.append('attachments[]', document.querySelector('input[name="attachments[]"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 63,
    "sender_id": 209,
    "recipient_id": 210,
    "device_id": 127,
    "meeting_date": "2026-06-02 13:56:02",
    "meeting_type": "online_meeting",
    "contact_email": "angela20@gmail.com",
    "status": "new",
    "created_at": "2026-06-02T13:56:02.000000Z",
    "updated_at": "2026-06-02T13:56:02.000000Z",
    "sender": {
        "id": 209,
        "mrn": "6WWZGKN21780408561",
        "name": "Mrs. Marguerite Moore DVM",
        "email": "1780408561rgutmann@example.net",
        "language": "en",
        "phone": "(231) 363-3776",
        "phone_country": "RE",
        "phone_verified_at": null,
        "address1": "88101 Murphy Ranch",
        "address2": "Port Kellen, AK 73775",
        "postal_code": "53414",
        "city": "Anderson, Botsford and Prosacco",
        "country": "LT",
        "clinic_name": "West Jovan",
        "clinic_location": "5930 Joanny Unions\nPort Litzy, IA 74574-1352",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:01.000000Z",
        "updated_at": "2026-06-02T13:56:01.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 210,
        "mrn": "NV27GKSQ1780408562",
        "name": "Brendan Zboncak PhD",
        "email": "1780408562mbrakus@example.com",
        "language": "en",
        "phone": "279.835.9220",
        "phone_country": "GP",
        "phone_verified_at": null,
        "address1": "8522 Borer Ferry Apt. 919",
        "address2": "Francescabury, IA 40416-9429",
        "postal_code": "43637",
        "city": "Stiedemann Group",
        "country": "IE",
        "clinic_name": "Gradyburgh",
        "clinic_location": "46084 Nels Causeway\nLake Brockborough, TN 33183",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:02.000000Z",
        "updated_at": "2026-06-02T13:56:02.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 127,
        "serial": "553a3391-1a4d-36de-90f7-c438b99eaed8",
        "bluetooth_id": "26e9a862-e5db-32cc-8011-d53c7231e4a4",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:56:02.000000Z",
        "updated_at": "2026-06-02T13:56:02.000000Z"
    },
    "messages": [
        {
            "id": 31,
            "ticket_id": 63,
            "sender_id": 211,
            "title": "Dr.",
            "content": "Consectetur voluptatem necessitatibus et ut ad.",
            "is_read": false,
            "created_at": "2026-06-02T13:56:03.000000Z",
            "updated_at": "2026-06-02T13:56:03.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create support ticket",
    "code": "TICKETS:CREATE_MESSAGE:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:CREATE_MESSAGE:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/ticket/{id}/messages

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

URL Parameters

id integer

Support ticket ID. Example: 1

Body Parameters

title string optional

Message title. Example: Debitis sed dolorem iste.

content string optional

Content of message. Example: Possimus sunt qui quod aut expedita praesentium et.

attachments file[] optional

Must be a file.

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Mark all messages as read

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/ticket/1/read" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/ticket/1/read"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 71,
    "sender_id": 223,
    "recipient_id": 224,
    "device_id": 128,
    "meeting_date": "2026-06-02 13:56:08",
    "meeting_type": "online_meeting",
    "contact_email": "herta.oreilly@corkery.com",
    "status": "new",
    "created_at": "2026-06-02T13:56:08.000000Z",
    "updated_at": "2026-06-02T13:56:08.000000Z",
    "sender": {
        "id": 223,
        "mrn": "ESGPHMQ71780408567",
        "name": "Casandra Quitzon",
        "email": "1780408567waters.brenna@example.net",
        "language": "en",
        "phone": "+1 (516) 672-9299",
        "phone_country": "MT",
        "phone_verified_at": null,
        "address1": "8136 Audra Fall",
        "address2": "Abshireborough, WY 09159",
        "postal_code": "09960-2068",
        "city": "Feest-Corkery",
        "country": "DE",
        "clinic_name": "Hartmannport",
        "clinic_location": "96237 Hamill Wall Apt. 246\nNorth Abby, MD 73746-6887",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:07.000000Z",
        "updated_at": "2026-06-02T13:56:07.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 224,
        "mrn": "UDZ366XC1780408568",
        "name": "Stephen McDermott",
        "email": "1780408568vickie.bergstrom@example.net",
        "language": "en",
        "phone": "301-629-9260",
        "phone_country": "IN",
        "phone_verified_at": null,
        "address1": "1197 Braxton Passage Apt. 487",
        "address2": "Port Calechester, MS 88499-8184",
        "postal_code": "65170-3806",
        "city": "Bins Ltd",
        "country": "AT",
        "clinic_name": "East Lyla",
        "clinic_location": "1408 Karelle Lights\nTurcottemouth, OK 81929-2396",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:08.000000Z",
        "updated_at": "2026-06-02T13:56:08.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 128,
        "serial": "ebf1012b-1a15-3d24-823f-1eb13ddc2ce6",
        "bluetooth_id": "a5b8b4c1-0ea7-311c-a6fe-c91d57121a52",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:56:08.000000Z",
        "updated_at": "2026-06-02T13:56:08.000000Z"
    },
    "messages": [
        {
            "id": 35,
            "ticket_id": 71,
            "sender_id": 225,
            "title": "Prof.",
            "content": "Voluptas quis unde qui adipisci in nesciunt cupiditate.",
            "is_read": false,
            "created_at": "2026-06-02T13:56:09.000000Z",
            "updated_at": "2026-06-02T13:56:09.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to read message",
    "code": "TICKETS:READ_ALL:INSUFFICIENT_PERMISSION"
}

Example response (404, Support ticket not found):


{
    "message": "Support ticket not found",
    "code": "TICKETS:READ_ALL:TICKET_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Mark single message as read

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/ticket/1/read/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/ticket/1/read/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 79,
    "sender_id": 237,
    "recipient_id": 238,
    "device_id": 129,
    "meeting_date": "2026-06-02 13:56:13",
    "meeting_type": "online_meeting",
    "contact_email": "kautzer.muriel@gmail.com",
    "status": "new",
    "created_at": "2026-06-02T13:56:14.000000Z",
    "updated_at": "2026-06-02T13:56:14.000000Z",
    "sender": {
        "id": 237,
        "mrn": "9ELDA25T1780408573",
        "name": "Houston Rowe",
        "email": "1780408573ondricka.katrina@example.org",
        "language": "en",
        "phone": "(412) 380-2659",
        "phone_country": "CV",
        "phone_verified_at": null,
        "address1": "253 Pat Shoals Suite 068",
        "address2": "Meggieville, UT 32337-8229",
        "postal_code": "47462",
        "city": "Steuber-Monahan",
        "country": "HR",
        "clinic_name": "Alethamouth",
        "clinic_location": "5629 Marks Springs\nPort Oscarside, WY 11963-9339",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:13.000000Z",
        "updated_at": "2026-06-02T13:56:13.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "recipient": {
        "id": 238,
        "mrn": "3QTG4V2R1780408573",
        "name": "Vickie Haag",
        "email": "1780408573hirthe.cheyenne@example.com",
        "language": "en",
        "phone": "(541) 541-5577",
        "phone_country": "SB",
        "phone_verified_at": null,
        "address1": "70148 Alverta Street Suite 331",
        "address2": "Lake Cindyburgh, AZ 46953",
        "postal_code": "97651",
        "city": "Ortiz-Nader",
        "country": "FR",
        "clinic_name": "Emmiemouth",
        "clinic_location": "808 Ayana Trace Suite 754\nJulienville, MI 48277",
        "image": null,
        "mfa_enabled": 0,
        "mfa_method": null,
        "mfa_verified_to": null,
        "location_id": null,
        "created_by": null,
        "active": 1,
        "notifications_timezone": null,
        "notifications_at": null,
        "created_at": "2026-06-02T13:56:14.000000Z",
        "updated_at": "2026-06-02T13:56:14.000000Z",
        "invitation_status": null,
        "acadle_invitation_status": null,
        "roles": []
    },
    "device": {
        "id": 129,
        "serial": "f0d3d2d7-6e97-321e-b397-4023734e24ed",
        "bluetooth_id": "eee869b3-09d7-3188-87a0-bd589cd902ac",
        "company_id": null,
        "model_id": null,
        "amputee_id": null,
        "clinician_id": null,
        "firmware_version_id": null,
        "pcb_version_id": null,
        "reverse_magnets": 0,
        "is_electrode": 0,
        "active": 1,
        "last_activity_at": "0000-00-00 00:00:00",
        "created_at": "2026-06-02T13:56:14.000000Z",
        "updated_at": "2026-06-02T13:56:14.000000Z"
    },
    "messages": [
        {
            "id": 39,
            "ticket_id": 79,
            "sender_id": 239,
            "title": "Mr.",
            "content": "Ipsa consequatur libero similique eius id voluptatibus.",
            "is_read": false,
            "created_at": "2026-06-02T13:56:15.000000Z",
            "updated_at": "2026-06-02T13:56:15.000000Z"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to read message",
    "code": "TICKETS:READ_MESSAGE:INSUFFICIENT_PERMISSION"
}

Example response (404, Message not found):


{
    "message": "Message not found",
    "code": "TICKETS:READ_MESSAGE:MESSAGE_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/ticket/{id}/read/{messageId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Support ticket ID (id from ticket list; do not confuse with messages.id). Example: 1

messageId integer

Message ID. Example: 1

Response

Response Fields

id integer

Support ticket ID.

sender_id integer

ID of the user who created the ticket.

recipient_id integer

ID of the recipient user.

device_id integer

Associated device ID.

meeting_date string

Scheduled meeting date.

meeting_type string

Meeting type.

Must be one of:

online
in-person

contact_email string

Contact email address.

status string

Ticket status.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

sender object

User who created the ticket.

recipient object

Recipient user.

device object

Associated device.

messages object[]

Ticket messages.

Tooltips

API endpoints for managing tooltips

List tooltips

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/tooltips" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tooltips"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "name": "Mavis Sawayn",
            "type": "video",
            "language": "nl",
            "file": "0",
            "created_by": 301,
            "created_at": "2026-06-02T13:56:46.000000Z",
            "updated_at": "2026-06-02T13:56:46.000000Z",
            "deleted_at": null
        },
        {
            "id": 2,
            "name": "Dr. Terrill Braun DVM",
            "type": "image",
            "language": "az",
            "file": "0",
            "created_by": 302,
            "created_at": "2026-06-02T13:56:46.000000Z",
            "updated_at": "2026-06-02T13:56:46.000000Z",
            "deleted_at": null
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list tooltips",
    "code": "TOOLTIPS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/tooltips

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Tooltip ID.

name string

Tooltip identifier name.

type string

Media type.

Must be one of:

image
video

language string

Language code (ISO 639-1).

file string

File path or URL.

created_by integer

ID of the user who created the tooltip.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

List archived tooltips

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/tooltips/archive" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tooltips/archive"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 3,
            "name": "Micaela Hintz I",
            "type": "image",
            "language": "et",
            "file": "0",
            "created_by": 303,
            "created_at": "2026-06-02T13:56:47.000000Z",
            "updated_at": "2026-06-02T13:56:47.000000Z",
            "deleted_at": null
        },
        {
            "id": 4,
            "name": "Anabel Bartoletti",
            "type": "video",
            "language": "qu",
            "file": "0",
            "created_by": 304,
            "created_at": "2026-06-02T13:56:47.000000Z",
            "updated_at": "2026-06-02T13:56:47.000000Z",
            "deleted_at": null
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage tooltips",
    "code": "TOOLTIPS:LIST_ARCHIVE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/tooltips/archive

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

Response

Response Fields

items object

id integer

Tooltip ID.

name string

Tooltip identifier name.

type string

Media type.

Must be one of:

image
video

language string

Language code (ISO 639-1).

file string

File path or URL.

created_by integer

ID of the user who created the tooltip.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Create new tooltip

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/tooltips" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "name=Fletcher Island"\
    --form "type=video"\
    --form "language=ta"\
    --form "file=@/tmp/phpX6wILE"

const url = new URL(
    "http://localhost:8000/api/tooltips"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('name', 'Fletcher Island');
body.append('type', 'video');
body.append('language', 'ta');
body.append('file', document.querySelector('input[name="file"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "name": "Prof. Candelario Gerlach DDS",
    "type": "video",
    "language": "gu",
    "file": "0",
    "created_by": 305,
    "created_at": "2026-06-02T13:56:48.000000Z",
    "updated_at": "2026-06-02T13:56:48.000000Z",
    "deleted_at": null
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage tooltips",
    "code": "TOOLTIPS:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (500, Server error):


{
    "message": "Server error: tooltip not created",
    "code": "TOOLTIPS:CREATE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/tooltips

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

name string

Tooltip name. Example: Fletcher Island

type string

Tooltip content type. Example: video

Must be one of:

image
video

language string

Tooltip content language. Example: ta

file file

Tooltip content file. Must have one of the following MIME types: webp, png, jpg, jpeg, mp4. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpX6wILE

Response

Response Fields

id integer

Tooltip ID.

name string

Tooltip identifier name.

type string

Media type.

Must be one of:

image
video

language string

Language code (ISO 639-1).

file string

File path or URL.

created_by integer

ID of the user who created the tooltip.

deleted_at string

Soft delete timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Archive tooltip

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/tooltips/1/archive" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tooltips/1/archive"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Tooltip archived",
    "code": "TOOLTIPS:ARCHIVE:ARCHIVED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage tooltips",
    "code": "TOOLTIPS:ARCHIVE:INSUFFICIENT_PERMISSION"
}

Example response (404, Tooltip not found):


{
    "message": "Tooltip not found",
    "code": "TOOLTIPS:ARCHIVE:TOOLTIP_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Restore archived tooltip

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/tooltips/1/restore" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/tooltips/1/restore"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Tooltip restored",
    "code": "TOOLTIPS:RESTORE:RESTORED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage tooltips",
    "code": "TOOLTIPS:RESTORE:INSUFFICIENT_PERMISSION"
}

Example response (404, Tooltip not found):


{
    "message": "Tooltip not found",
    "code": "TOOLTIPS:RESTORE:TOOLTIP_NOT_FOUND"
}

Example response (404, Tooltip is not archived):


{
    "message": "Tooltip is not archived",
    "code": "TOOLTIPS:RESTORE:TOOLTIP_NOT_ARCHIVED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Trainings

API endpoints for trainings

Get user trainings

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "user_id": 309,
        "training_id": 2,
        "notifications_enabled": 1,
        "created_at": "2026-06-02T13:56:50.000000Z",
        "updated_at": "2026-06-02T13:56:50.000000Z",
        "training": {
            "id": 2,
            "name": "autem quia",
            "created_at": "2026-06-02T13:56:50.000000Z",
            "updated_at": "2026-06-02T13:56:50.000000Z"
        }
    },
    {
        "id": 2,
        "user_id": 310,
        "training_id": 4,
        "notifications_enabled": 1,
        "created_at": "2026-06-02T13:56:50.000000Z",
        "updated_at": "2026-06-02T13:56:50.000000Z",
        "training": {
            "id": 4,
            "name": "a sunt",
            "created_at": "2026-06-02T13:56:50.000000Z",
            "updated_at": "2026-06-02T13:56:50.000000Z"
        }
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Get trainings for specific user (clinician access)

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 3,
        "user_id": 311,
        "training_id": 6,
        "notifications_enabled": 1,
        "created_at": "2026-06-02T13:56:51.000000Z",
        "updated_at": "2026-06-02T13:56:51.000000Z",
        "training": {
            "id": 6,
            "name": "et vel",
            "created_at": "2026-06-02T13:56:51.000000Z",
            "updated_at": "2026-06-02T13:56:51.000000Z"
        }
    },
    {
        "id": 4,
        "user_id": 312,
        "training_id": 8,
        "notifications_enabled": 1,
        "created_at": "2026-06-02T13:56:51.000000Z",
        "updated_at": "2026-06-02T13:56:51.000000Z",
        "training": {
            "id": 8,
            "name": "est vero",
            "created_at": "2026-06-02T13:56:51.000000Z",
            "updated_at": "2026-06-02T13:56:51.000000Z"
        }
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access patient training",
    "code": "TRAININGS:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "TRAININGS:LIST:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Get user badges

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings/1/user-badges" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/1/user-badges"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "user_id": 313,
        "badge_id": 1,
        "created_at": "2026-06-02T13:56:52.000000Z",
        "updated_at": "2026-06-02T13:56:52.000000Z"
    },
    {
        "id": 2,
        "user_id": 314,
        "badge_id": 2,
        "created_at": "2026-06-02T13:56:52.000000Z",
        "updated_at": "2026-06-02T13:56:52.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:BADGES:INSUFFICIENT_PERMISSION"
}

Example response (403, User has no training started):


{
    "message": "User has no training started",
    "code": "TRAININGS:BADGES:NO_USER_TRAINING"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:BADGES:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User badge record ID.

user_id integer

Associated user ID.

badge_id integer

Associated badge ID.

created_at string

Awarded timestamp.

updated_at string

Last update timestamp.

Start user training

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/trainings/start/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/start/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "user_id": 315,
    "training_id": 9,
    "notifications_enabled": 1,
    "created_at": "2026-06-02T13:56:53.000000Z",
    "updated_at": "2026-06-02T13:56:53.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:START:INSUFFICIENT_PERMISSION"
}

Example response (403, User training already started):


{
    "message": "Cannot start: training already started",
    "code": "TRAININGS:START:ALREADY_STARTED"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:START:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Update training

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/trainings/update/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"notifications_enabled\": false
}"

const url = new URL(
    "http://localhost:8000/api/trainings/update/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "notifications_enabled": false
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 6,
    "user_id": 316,
    "training_id": 10,
    "notifications_enabled": 1,
    "created_at": "2026-06-02T13:56:53.000000Z",
    "updated_at": "2026-06-02T13:56:53.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (403, User has no training started):


{
    "message": "User has no training started",
    "code": "TRAININGS:UPDATE:NO_USER_TRAINING"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:UPDATE:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/trainings/update/{trainingId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

trainingId integer

Training ID. Example: 1

Body Parameters

notifications_enabled boolean optional true false

Notifications (reminders) status. Example: false

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Get training progress

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings/progress/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/progress/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 7,
    "user_id": 317,
    "training_id": 11,
    "notifications_enabled": 1,
    "created_at": "2026-06-02T13:56:53.000000Z",
    "updated_at": "2026-06-02T13:56:53.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:PROGRESS:INSUFFICIENT_PERMISSION"
}

Example response (403, User has no training started):


{
    "message": "User has no training started",
    "code": "TRAININGS:PROGRESS:NO_USER_TRAINING"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:PROGRESS:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Mark training task done

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/trainings/1/day/2/task/3" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/1/day/2/task/3"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 8,
    "user_id": 318,
    "training_id": 12,
    "notifications_enabled": 1,
    "created_at": "2026-06-02T13:56:54.000000Z",
    "updated_at": "2026-06-02T13:56:54.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:MARK_DONE:INSUFFICIENT_PERMISSION"
}

Example response (403, User has no training started):


{
    "message": "User has no training started",
    "code": "TRAININGS:MARK_DONE:NO_USER_TRAINING"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:MARK_DONE:TRAINING_NOT_FOUND"
}

Example response (404, Training day not found):


{
    "message": "Training day not found",
    "code": "TRAININGS:MARK_DONE:TRAINING_DAY_NOT_FOUND"
}

Example response (404, Training task not found):


{
    "message": "Training task not found",
    "code": "TRAININGS:MARK_DONE:TRAINING_TASK_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/trainings/{trainingId}/day/{trainingDayId}/task/{trainingTaskId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

trainingId integer

Training ID. Example: 1

trainingDayId integer

Training Day ID. Example: 2

trainingTaskId integer

Training Task ID. Example: 3

Response

Response Fields

id integer

User training ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

notifications_enabled boolean

Whether notifications are enabled for this training.

streak integer

Current training streak (days).

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

training object

Training details.

Save training exercises attempts

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/trainings/1/day/2/task/3/attempts" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "exercises[][date_start]=1990-03-01 07:19:23"\
    --form "exercises[][date_end]=2007-06-29 14:25:27"\
    --form "exercises[][end_reason]=success"\
    --form "exercises[][config][common][fingerStrength][]=1"\
    --form "exercises[][config][common][gripPositions][_]=0"\
    --form "exercises[][config][common][gripPositions][0][initial][]=26"\
    --form "exercises[][config][common][gripPositions][0][limit][]=84"\
    --form "exercises[][config][common][gripPositions][1][initial][]=30"\
    --form "exercises[][config][common][gripPositions][1][limit][]=46"\
    --form "exercises[][config][common][gripPositions][2][initial][]=75"\
    --form "exercises[][config][common][gripPositions][2][limit][]=78"\
    --form "exercises[][config][common][gripPositions][3][initial][]=17"\
    --form "exercises[][config][common][gripPositions][3][limit][]=82"\
    --form "exercises[][config][common][gripPositions][4][initial][]=13"\
    --form "exercises[][config][common][gripPositions][4][limit][]=15"\
    --form "exercises[][config][common][gripPositions][5][initial][]=3"\
    --form "exercises[][config][common][gripPositions][5][limit][]=14"\
    --form "exercises[][config][common][gripPositions][6][initial][]=56"\
    --form "exercises[][config][common][gripPositions][6][limit][]=66"\
    --form "exercises[][config][common][gripPositions][7][initial][]=35"\
    --form "exercises[][config][common][gripPositions][7][limit][]=60"\
    --form "exercises[][config][common][gripPositions][8][initial][]=18"\
    --form "exercises[][config][common][gripPositions][8][limit][]=85"\
    --form "exercises[][config][common][gripPositions][9][initial][]=14"\
    --form "exercises[][config][common][gripPositions][9][limit][]=83"\
    --form "exercises[][config][common][gripPositions][10][initial][]=24"\
    --form "exercises[][config][common][gripPositions][10][limit][]=66"\
    --form "exercises[][config][common][gripPositions][11][initial][]=38"\
    --form "exercises[][config][common][gripPositions][11][limit][]=81"\
    --form "exercises[][config][common][gripPositions][12][initial][]=5"\
    --form "exercises[][config][common][gripPositions][12][limit][]=39"\
    --form "exercises[][config][common][gripPositions][13][initial][]=11"\
    --form "exercises[][config][common][gripPositions][13][limit][]=29"\
    --form "exercises[][config][common][inputSite][]=0"\
    --form "exercises[][config][modes][][id]=83"\
    --form "exercises[][config][modes][][name]=Sint temporibus laboriosam voluptatem iste occaecati est."\
    --form "exercises[][config][modes][][slot]=0"\
    --form "exercises[][config][modes][][config][autoGrasp][]=0"\
    --form "exercises[][config][modes][][config][coContractionTimings][]=500"\
    --form "exercises[][config][modes][][config][controlMode][]=0"\
    --form "exercises[][config][modes][][config][emgGains][]=100"\
    --form "exercises[][config][modes][][config][emgSpike][]=0"\
    --form "exercises[][config][modes][][config][emgThresholds][]=90"\
    --form "exercises[][config][modes][][config][gripPairsConfig][]=8"\
    --form "exercises[][config][modes][][config][gripSequentialConfig][]=2"\
    --form "exercises[][config][modes][][config][gripSwitchingMode][]=1"\
    --form "exercises[][config][modes][][config][holdOpen][]=2000"\
    --form "exercises[][config][modes][][config][pulseTimings][]=470"\
    --form "exercises[][config][modes][][config][softGrip][]=1"\
    --form "exercises[][config][modes][][config][speedControlStrategy][]=1"\
    --form "exercises[][firmware_id]=136"\
    --form "exercises[][app_version]=2.72.48"\
    --form "exercises[][attempts][][date_start]=1990-01-04 22:09:07"\
    --form "exercises[][attempts][][date_end]=1990-11-05 14:01:06"\
    --form "exercises[][attempts][][result]=success"\
    --form "exercises[][emg_file]=@/tmp/phpIwp89o"

const url = new URL(
    "http://localhost:8000/api/trainings/1/day/2/task/3/attempts"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('exercises[][date_start]', '1990-03-01 07:19:23');
body.append('exercises[][date_end]', '2007-06-29 14:25:27');
body.append('exercises[][end_reason]', 'success');
body.append('exercises[][config][common][fingerStrength][]', '1');
body.append('exercises[][config][common][gripPositions][_]', '0');
body.append('exercises[][config][common][gripPositions][0][initial][]', '26');
body.append('exercises[][config][common][gripPositions][0][limit][]', '84');
body.append('exercises[][config][common][gripPositions][1][initial][]', '30');
body.append('exercises[][config][common][gripPositions][1][limit][]', '46');
body.append('exercises[][config][common][gripPositions][2][initial][]', '75');
body.append('exercises[][config][common][gripPositions][2][limit][]', '78');
body.append('exercises[][config][common][gripPositions][3][initial][]', '17');
body.append('exercises[][config][common][gripPositions][3][limit][]', '82');
body.append('exercises[][config][common][gripPositions][4][initial][]', '13');
body.append('exercises[][config][common][gripPositions][4][limit][]', '15');
body.append('exercises[][config][common][gripPositions][5][initial][]', '3');
body.append('exercises[][config][common][gripPositions][5][limit][]', '14');
body.append('exercises[][config][common][gripPositions][6][initial][]', '56');
body.append('exercises[][config][common][gripPositions][6][limit][]', '66');
body.append('exercises[][config][common][gripPositions][7][initial][]', '35');
body.append('exercises[][config][common][gripPositions][7][limit][]', '60');
body.append('exercises[][config][common][gripPositions][8][initial][]', '18');
body.append('exercises[][config][common][gripPositions][8][limit][]', '85');
body.append('exercises[][config][common][gripPositions][9][initial][]', '14');
body.append('exercises[][config][common][gripPositions][9][limit][]', '83');
body.append('exercises[][config][common][gripPositions][10][initial][]', '24');
body.append('exercises[][config][common][gripPositions][10][limit][]', '66');
body.append('exercises[][config][common][gripPositions][11][initial][]', '38');
body.append('exercises[][config][common][gripPositions][11][limit][]', '81');
body.append('exercises[][config][common][gripPositions][12][initial][]', '5');
body.append('exercises[][config][common][gripPositions][12][limit][]', '39');
body.append('exercises[][config][common][gripPositions][13][initial][]', '11');
body.append('exercises[][config][common][gripPositions][13][limit][]', '29');
body.append('exercises[][config][common][inputSite][]', '0');
body.append('exercises[][config][modes][][id]', '83');
body.append('exercises[][config][modes][][name]', 'Sint temporibus laboriosam voluptatem iste occaecati est.');
body.append('exercises[][config][modes][][slot]', '0');
body.append('exercises[][config][modes][][config][autoGrasp][]', '0');
body.append('exercises[][config][modes][][config][coContractionTimings][]', '500');
body.append('exercises[][config][modes][][config][controlMode][]', '0');
body.append('exercises[][config][modes][][config][emgGains][]', '100');
body.append('exercises[][config][modes][][config][emgSpike][]', '0');
body.append('exercises[][config][modes][][config][emgThresholds][]', '90');
body.append('exercises[][config][modes][][config][gripPairsConfig][]', '8');
body.append('exercises[][config][modes][][config][gripSequentialConfig][]', '2');
body.append('exercises[][config][modes][][config][gripSwitchingMode][]', '1');
body.append('exercises[][config][modes][][config][holdOpen][]', '2000');
body.append('exercises[][config][modes][][config][pulseTimings][]', '470');
body.append('exercises[][config][modes][][config][softGrip][]', '1');
body.append('exercises[][config][modes][][config][speedControlStrategy][]', '1');
body.append('exercises[][firmware_id]', '136');
body.append('exercises[][app_version]', '2.72.48');
body.append('exercises[][attempts][][date_start]', '1990-01-04 22:09:07');
body.append('exercises[][attempts][][date_end]', '1990-11-05 14:01:06');
body.append('exercises[][attempts][][result]', 'success');
body.append('exercises[][emg_file]', document.querySelector('input[name="exercises[][emg_file]"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "user_id": 319,
        "training_task_id": 1,
        "date_start": "2019-11-06 18:50:33",
        "date_end": "1995-08-10 06:15:04",
        "end_reason": "back",
        "config": "{\"common\":{\"fingerStrength\":[1,400],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[85,12,46,17,4],\"limit\":[86,18,68,24,93]},\"1\":{\"initial\":[6,4,33,68,66],\"limit\":[28,13,74,86,88]},\"2\":{\"initial\":[22,9,62,56,54],\"limit\":[85,62,95,74,84]},\"3\":{\"initial\":[36,5,2,38,63],\"limit\":[44,73,34,50,89]},\"4\":{\"initial\":[2,19,48,51,23],\"limit\":[8,85,56,76,47]},\"5\":{\"initial\":[8,67,71,22,6],\"limit\":[95,90,78,89,68]},\"6\":{\"initial\":[67,64,43,9,6],\"limit\":[74,73,59,53,49]},\"7\":{\"initial\":[41,29,10,30,28],\"limit\":[76,34,54,51,64]},\"8\":{\"initial\":[33,6,24,16,68],\"limit\":[83,89,88,22,95]},\"9\":{\"initial\":[26,13,20,14,55],\"limit\":[81,30,36,75,68]},\"10\":{\"initial\":[41,40,12,12,60],\"limit\":[63,63,51,81,91]},\"11\":{\"initial\":[5,33,55,45,30],\"limit\":[65,44,82,94,40]},\"12\":{\"initial\":[9,40,70,61,62],\"limit\":[29,65,77,93,74]},\"13\":{\"initial\":[68,61,24,34,77],\"limit\":[87,70,95,94,78]}},\"inputSite\":[1]},\"modes\":[{\"id\":86,\"name\":\"Labore aut sit et consequatur id.\",\"slot\":0,\"config\":{\"autoGrasp\":[0,100],\"coContractionTimings\":[300,200],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[20,10,0,20,90,20,10,0,80,70],\"gripPairsConfig\":[4,9,5,10,2,13,11,8],\"gripSequentialConfig\":[1,4,8,255,7,255,255,255,2,10,3,13],\"gripSwitchingMode\":[1],\"holdOpen\":[1500,2500],\"pulseTimings\":[690,830,790,860],\"softGrip\":[1],\"speedControlStrategy\":[0]}},{\"id\":87,\"name\":\"Dolor eius dicta culpa veritatis blanditiis in magni.\",\"slot\":1,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[200,200],\"controlMode\":[0],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[60,0,10,40,0,10,30,90,80,0],\"gripPairsConfig\":[3,13,5,4,2,11,9,6],\"gripSequentialConfig\":[255,5,6,11,9,255,7,10,13,2,255,12],\"gripSwitchingMode\":[1],\"holdOpen\":[1500,2500],\"pulseTimings\":[960,960,10,970],\"softGrip\":[1],\"speedControlStrategy\":[0]}},{\"id\":88,\"name\":\"Quam nulla expedita magni et dolore iste ipsam fuga.\",\"slot\":2,\"config\":{\"autoGrasp\":[1,100],\"coContractionTimings\":[300,100],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[80,20,60,100,70,60,0,80,60,40],\"gripPairsConfig\":[1,9,6,8,13,5,4,10],\"gripSequentialConfig\":[255,255,13,255,11,8,1,255,255,4,10,255],\"gripSwitchingMode\":[3],\"holdOpen\":[1500,1500],\"pulseTimings\":[620,920,190,850],\"softGrip\":[0],\"speedControlStrategy\":[0]}}]}",
        "firmware_id": 24,
        "app_version": "8.1.27",
        "emg_file": "/tmp/fakerklgeYs",
        "created_at": "2026-06-02T13:56:54.000000Z",
        "updated_at": "2026-06-02T13:56:54.000000Z",
        "attempts": [
            {
                "id": 1,
                "training_log_id": 1,
                "date_start": "1973-09-12 10:19:26",
                "date_end": "2009-06-20 10:03:17",
                "result": "success",
                "created_at": "2026-06-02T13:56:55.000000Z",
                "updated_at": "2026-06-02T13:56:55.000000Z"
            }
        ]
    },
    {
        "id": 3,
        "user_id": 321,
        "training_task_id": 3,
        "date_start": "2022-09-15 11:12:25",
        "date_end": "1992-06-24 01:10:06",
        "end_reason": "back",
        "config": "{\"common\":{\"fingerStrength\":[1,100],\"gripPositions\":{\"_\":0,\"0\":{\"initial\":[31,75,75,39,11],\"limit\":[38,86,84,69,12]},\"1\":{\"initial\":[14,68,5,38,51],\"limit\":[19,74,55,86,63]},\"2\":{\"initial\":[79,2,50,14,66],\"limit\":[91,51,73,33,92]},\"3\":{\"initial\":[44,18,28,3,50],\"limit\":[66,22,38,5,90]},\"4\":{\"initial\":[47,3,26,5,10],\"limit\":[76,40,62,53,17]},\"5\":{\"initial\":[24,31,60,1,18],\"limit\":[91,58,81,25,57]},\"6\":{\"initial\":[13,42,47,7,22],\"limit\":[32,64,64,30,22]},\"7\":{\"initial\":[9,26,49,29,47],\"limit\":[36,68,93,87,60]},\"8\":{\"initial\":[19,14,1,27,14],\"limit\":[64,95,43,61,68]},\"9\":{\"initial\":[4,33,72,7,33],\"limit\":[83,70,85,70,40]},\"10\":{\"initial\":[23,29,43,35,53],\"limit\":[35,44,62,71,61]},\"11\":{\"initial\":[56,16,63,46,55],\"limit\":[76,31,85,52,56]},\"12\":{\"initial\":[61,38,45,53,78],\"limit\":[95,68,73,90,93]},\"13\":{\"initial\":[16,10,50,46,12],\"limit\":[72,21,85,49,39]}},\"inputSite\":[1]},\"modes\":[{\"id\":92,\"name\":\"Enim debitis quidem similique sed animi possimus non iste.\",\"slot\":0,\"config\":{\"autoGrasp\":[1,0],\"coContractionTimings\":[200,200],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[1,300],\"emgThresholds\":[80,100,100,60,40,70,50,50,70,90],\"gripPairsConfig\":[8,13,6,10,7,4,9,11],\"gripSequentialConfig\":[11,255,255,255,13,255,10,4,12,3,9,2],\"gripSwitchingMode\":[2],\"holdOpen\":[1500,2000],\"pulseTimings\":[810,650,530,980],\"softGrip\":[1],\"speedControlStrategy\":[0]}},{\"id\":93,\"name\":\"Sit pariatur ipsum sed maiores porro.\",\"slot\":1,\"config\":{\"autoGrasp\":[0,100],\"coContractionTimings\":[400,400],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[100,80,50,80,90,80,100,30,0,80],\"gripPairsConfig\":[4,11,9,7,3,10,12,13],\"gripSequentialConfig\":[12,255,3,8,5,6,255,255,11,4,255,255],\"gripSwitchingMode\":[2],\"holdOpen\":[2000,2000],\"pulseTimings\":[80,900,340,790],\"softGrip\":[0],\"speedControlStrategy\":[1]}},{\"id\":94,\"name\":\"Necessitatibus qui est natus provident tenetur qui animi.\",\"slot\":2,\"config\":{\"autoGrasp\":[0,0],\"coContractionTimings\":[300,200],\"controlMode\":[1],\"emgGains\":[100,100],\"emgSpike\":[0,300],\"emgThresholds\":[40,60,10,10,70,30,70,50,40,80],\"gripPairsConfig\":[2,10,7,3,12,4,8,5],\"gripSequentialConfig\":[255,255,12,8,1,7,13,4,255,2,11,5],\"gripSwitchingMode\":[3],\"holdOpen\":[1500,2500],\"pulseTimings\":[750,340,990,290],\"softGrip\":[0],\"speedControlStrategy\":[0]}}]}",
        "firmware_id": 26,
        "app_version": "7.50.56",
        "emg_file": "/tmp/fakerZNRis5",
        "created_at": "2026-06-02T13:56:55.000000Z",
        "updated_at": "2026-06-02T13:56:55.000000Z",
        "attempts": [
            {
                "id": 2,
                "training_log_id": 3,
                "date_start": "2005-08-22 21:43:45",
                "date_end": "1998-07-11 14:41:12",
                "result": "success",
                "created_at": "2026-06-02T13:56:56.000000Z",
                "updated_at": "2026-06-02T13:56:56.000000Z"
            }
        ]
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:SAVE_ATTEMPTS:INSUFFICIENT_PERMISSION"
}

Example response (403, User has no training started):


{
    "message": "User has no training started",
    "code": "TRAININGS:SAVE_ATTEMPTS:NO_USER_TRAINING"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:SAVE_ATTEMPTS:TRAINING_NOT_FOUND"
}

Example response (404, Training day not found):


{
    "message": "Training day not found",
    "code": "TRAININGS:SAVE_ATTEMPTS:TRAINING_DAY_NOT_FOUND"
}

Example response (404, Training task not found):


{
    "message": "Training task not found",
    "code": "TRAININGS:SAVE_ATTEMPTS:TRAINING_TASK_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/trainings/{trainingId}/day/{trainingDayId}/task/{trainingTaskId}/attempts

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

URL Parameters

trainingId integer

Training ID. Example: 1

trainingDayId integer

Training Day ID. Example: 2

trainingTaskId integer

Training Task ID. Example: 3

Body Parameters

exercises object[] optional

date_start string

Exercise start date. MUST_BE_DATE. Example: 1990-03-01 07:19:23

date_end string optional

Exercise end date. MUST_BE_DATE. Example: 2007-06-29 14:25:27

end_reason string optional

Exercise end reason. Example: success

Must be one of:

success
back
ticketCreated
fail
null

config string

Device config during exercise.

firmware_id integer

Device Firmware Version ID during exercise. The id of an existing record in the App\Models\FirmwareVersion table. Example: 136

app_version string

Mobile app version during exercise. Example: 2.72.48

emg_file file optional

EMG file created during exercise. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpIwp89o

attempts object[] optional

date_start string

Exercise attempt start date. MUST_BE_DATE. Example: 1990-01-04 22:09:07

date_end string

Exercise attempt end date. MUST_BE_DATE. Example: 1990-11-05 14:01:06

result string

Exercise attempt result. Example: success

Must be one of:

success
failure

Response

Response Fields

id integer

Training log entry ID.

user_id integer

Associated user ID.

training_task_id integer

Associated training task ID.

date_start string

Session start datetime.

date_end string

Session end datetime.

end_reason string

Reason the session ended.

config string

Device config snapshot at time of session.

firmware_id integer

Firmware version ID used during session.

app_version string

App version used during session.

emg_file string

EMG data file URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

attempts object[]

Training log attempts.

Get reward status

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings/1/reward" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/1/reward"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, Reward status):


{
    "status": true
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:REWARD_STATUS:INSUFFICIENT_PERMISSION"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:REWARD_STATUS:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Save reward details

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/trainings/1/reward" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"type\": \"digital\",
    \"country\": \"PL\",
    \"delivery\": \"home_delivery\",
    \"email\": \"shields.elmer@bernier.com\",
    \"phone\": \"239.241.6662\",
    \"full_name\": \"Roselyn Smith\",
    \"address1\": \"7383 Reilly Ports Suite 974\",
    \"address2\": \"Suite 157\",
    \"city\": \"Port Salliechester\",
    \"postal_code\": \"72050-3292\",
    \"state\": \"UT\",
    \"parcel_locker_code\": \"GNGJYZNB\",
    \"pin_code\": \"700195\"
}"

const url = new URL(
    "http://localhost:8000/api/trainings/1/reward"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "type": "digital",
    "country": "PL",
    "delivery": "home_delivery",
    "email": "shields.elmer@bernier.com",
    "phone": "239.241.6662",
    "full_name": "Roselyn Smith",
    "address1": "7383 Reilly Ports Suite 974",
    "address2": "Suite 157",
    "city": "Port Salliechester",
    "postal_code": "72050-3292",
    "state": "UT",
    "parcel_locker_code": "GNGJYZNB",
    "pin_code": "700195"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


{
    "id": 1,
    "user_id": 323,
    "training_id": 21,
    "type": "physical",
    "country": "SE",
    "delivery": "ua_nova_poshta_parcel_locker",
    "email": "jschmeler@gmail.com",
    "phone": "616.950.6137",
    "full_name": "Cleora Konopelski PhD",
    "address1": "4937 Yundt Creek Suite 146",
    "address2": "7810 Runolfsson Pine Apt. 888\nSouth Rasheed, WI 65584-2013",
    "city": "East Jaydonmouth",
    "postal_code": "07198-6544",
    "state": "NEMO",
    "parcel_locker_code": "QNYCZY8B",
    "pin_code": "995621",
    "created_at": "2026-06-02T13:56:56.000000Z",
    "updated_at": "2026-06-02T13:56:56.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user trainings",
    "code": "TRAININGS:REWARD_SAVE:INSUFFICIENT_PERMISSION"
}

Example response (403, Reward details already exists):


{
    "message": "Reward details already exists",
    "code": "TRAININGS:REWARD_SAVE:ALREADY_EXISTS"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:REWARD_SAVE:TRAINING_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/trainings/{trainingId}/reward

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

trainingId integer

Training ID. Example: 1

Body Parameters

type string

Reward type. Example: digital

Must be one of:

digital
physical

country string

Country code. SIZE:STRING_LENGTH:2. Example: PL

Must be one of:

AF
AX
AL
DZ
AS
AD
AO
AI
AQ
AG
AR
AM
AW
AU
AT
AZ
BS
BH
BD
BB
BY
BE
BZ
BJ
BM
BT
BO
BQ
BA
BW
BV
BR
IO
BN
BG
BF
BI
CV
KH
CM
CA
KY
CF
TD
CL
CN
CX
CC
CO
KM
CD
CG
CK
CR
CI
HR
CU
CW
CY
CZ
DK
DJ
DM
DO
EC
EG
SV
GQ
ER
EE
SZ
ET
FK
FO
FJ
FI
FR
GF
PF
TF
GA
GM
GE
DE
GH
GI
GR
GL
GD
GP
GU
GT
GG
GN
GW
GY
HT
HM
VA
HN
HK
HU
IS
IN
ID
IR
IQ
IE
IM
IL
IT
JM
JP
JE
JO
KZ
KE
KI
KP
KR
KW
KG
LA
LV
LB
LS
LR
LY
LI
LT
LU
MO
MG
MW
MY
MV
ML
MT
MH
MQ
MR
MU
YT
MX
FM
MD
MC
MN
ME
MS
MA
MZ
MM
NA
NR
NP
NL
NC
NZ
NI
NE
NG
NU
NF
MK
MP
NO
OM
PK
PW
PS
PA
PG
PY
PE
PH
PN
PL
PT
PR
QA
RE
RO
RU
RW
BL
SH
KN
LC
MF
PM
VC
WS
SM
ST
SA
SN
RS
SC
SL
SG
SX
SK
SI
SB
SO
ZA
GS
SS
ES
LK
SD
SR
SJ
SE
CH
SY
TW
TJ
TZ
TH
TL
TG
TK
TO
TT
TN
TR
TM
TC
TV
UG
UA
AE
GB
UM
US
UY
UZ
VU
VE
VN
VG
VI
WF
EH
YE
ZM
ZW

delivery string optional

Delivery method. Default: home_delivery. Example: home_delivery

Must be one of:

home_delivery
pl_inpost_parcel_locker
ua_nova_poshta_branch_pickup
ua_nova_poshta_parcel_locker

email string

Contact email. MUST_BE_EMAIL. Example: shields.elmer@bernier.com

phone string

Contact phone. Example: 239.241.6662

full_name string

Full name. Example: Roselyn Smith

address1 string optional

Address line 1. Example: 7383 Reilly Ports Suite 974

address2 string optional

Address line 2. Example: Suite 157

city string optional

City. Example: Port Salliechester

postal_code string optional

Postal code/ZIP code/Postcode. Example: 72050-3292

state string optional

State/Province. Example: UT

parcel_locker_code string optional

Parcel locker code/Branch pickup number (for: InPost parcel locker, Nova Poshta branch pickup, Nova Poshta parcel locker). Example: GNGJYZNB

pin_code string optional

PIN code (India delivery). Example: 700195

Response

Response Fields

id integer

User reward ID.

user_id integer

Associated user ID.

training_id integer

Associated training ID.

type string

Reward type.

Must be one of:

digital
physical

country string

Delivery country code.

delivery string

Delivery method.

Must be one of:

home_delivery
parcel_locker

email string

Recipient email.

phone string

Recipient phone.

full_name string

Recipient full name.

address1 string

Delivery address line 1.

address2 string

Delivery address line 2.

city string

Delivery city.

postal_code string

Delivery postal code.

state string

Delivery state.

parcel_locker_code string

Parcel locker code.

pin_code string

PIN code for delivery.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Get user progress (clinician view)

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/trainings/progress/soluta/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/trainings/progress/soluta/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


[
    {
        "number": 1,
        "key": "openClose",
        "status": "completed",
        "status_updated_at": "2026-02-04 11:00:00"
    },
    {
        "number": 2,
        "key": "holdOpen",
        "status": "in_progress",
        "status_updated_at": "2026-02-05 09:00:00"
    },
    {
        "number": 3,
        "key": "changeSignal",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 4,
        "key": "thumbPositioning",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 5,
        "key": "sequentialAndPairingMode",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 6,
        "key": "fingerSpeedTraining",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 7,
        "key": "freezeMode",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 8,
        "key": "coreSkillsTest",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 9,
        "key": "powerSoftGrip",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 10,
        "key": "precisionGrip",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 11,
        "key": "tripodGrip",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 12,
        "key": "keyGrip",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 13,
        "key": "gripSelection",
        "status": "not_started",
        "status_updated_at": null
    },
    {
        "number": 14,
        "key": "finalGripAndControlTest",
        "status": "not_started",
        "status_updated_at": null
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access patient training",
    "code": "TRAININGS:PROGRESS_CLINICIAN:INSUFFICIENT_PERMISSION"
}

Example response (404, Training not found):


{
    "message": "Training not found",
    "code": "TRAININGS:PROGRESS_CLINICIAN:TRAINING_NOT_FOUND"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "TRAININGS:PROGRESS_CLINICIAN:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/trainings/progress/{trainingId}/user/{userId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

trainingId string

Example: soluta

userId integer

User ID. Example: 1

User preferences

API endpoints for user preferences

List user preferences

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/preferences" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/preferences"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


{
    "preference1": "value1",
    "preference2": null,
    "preference3": 1
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user preferences",
    "code": "USERS_PREFERENCES:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get user preference

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/preferences/sidebar_enabled" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/preferences/sidebar_enabled"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 1,
    "user_id": 324,
    "name": "RosyBrown",
    "value": "1",
    "created_at": "2026-06-02T13:56:57.000000Z",
    "updated_at": "2026-06-02T13:56:57.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user preferences",
    "code": "USERS_PREFERENCES:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, User preference not found):


{
    "message": "User preference not found",
    "code": "USERS_PREFERENCES:GET:NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Set user preference

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/preferences" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"sidebar_enabled\",
    \"value\": \"1\"
}"

const url = new URL(
    "http://localhost:8000/api/preferences"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "sidebar_enabled",
    "value": "1"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 2,
    "user_id": 325,
    "name": "DarkSlateGray",
    "value": "1",
    "created_at": "2026-06-02T13:56:57.000000Z",
    "updated_at": "2026-06-02T13:56:57.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to manage user preferences",
    "code": "USERS_PREFERENCES:SET:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/preferences

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Preference name. Example: sidebar_enabled

value string

Preference value. Example: 1

Users

API endpoints for user management

Get users list

requires authentication

Possible extend options:

clinicians - users assigned to this user as clinicians (for Amputee role)
patients - users assigned to this user as patients (for ClinicAdmin/Clinician/ClinicianSupport role)
devices - products assigned to user (for Amputee role)
devicesAsClinician - products assigned to user as clinician (for ClinicAdmin/Clinician/ClinicianSupport role)
roles - user roles
permissions - user permissions (for ClinicianSupport role)

Example request:

curl --request GET \
    --get "http://localhost:8000/api/users?search=Tom&active=-1&clinician[]=12&roles=Clinician%2CAmputee&has_devices=1&user_toggles=goals%2Ctrainings" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/users"
);

const params = {
    "search": "Tom",
    "active": "-1",
    "clinician[0]": "12",
    "roles": "Clinician,Amputee",
    "has_devices": "1",
    "user_toggles": "goals,trainings",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 7,
            "mrn": "83XLYYRT1780408470",
            "name": "Mrs. Vivienne Little Sr.",
            "email": "1780408470arielle78@example.com",
            "language": "en",
            "phone": "+1.223.627.8214",
            "phone_country": "PH",
            "phone_verified_at": null,
            "address1": "209 Friesen Cove",
            "address2": "Carleeview, MS 38715",
            "postal_code": "51192",
            "city": "Beahan-Jerde",
            "country": "RO",
            "clinic_name": "New Anahifort",
            "clinic_location": "860 Joannie Parkway Apt. 014\nJastview, LA 17420",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:30.000000Z",
            "updated_at": "2026-06-02T13:54:30.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": null,
            "clinicians": [
                {
                    "id": 8,
                    "mrn": "XWWJZWPG1780408471",
                    "name": "Miss Sydnee Herzog",
                    "email": "1780408471legros.rubye@example.net",
                    "language": "en",
                    "phone": "(706) 999-7375",
                    "phone_country": "AU",
                    "phone_verified_at": null,
                    "address1": "294 Daren Mall Apt. 413",
                    "address2": "Elisamouth, SD 16808",
                    "postal_code": "04727",
                    "city": "Durgan-Lubowitz",
                    "country": "LU",
                    "clinic_name": "Fadelport",
                    "clinic_location": "47672 Lorine Divide\nNorth Vicentehaven, AR 34916",
                    "image": null,
                    "mfa_enabled": 0,
                    "mfa_method": null,
                    "mfa_verified_to": null,
                    "location_id": null,
                    "created_by": null,
                    "active": 1,
                    "notifications_timezone": null,
                    "notifications_at": null,
                    "created_at": "2026-06-02T13:54:31.000000Z",
                    "updated_at": "2026-06-02T13:54:31.000000Z",
                    "invitation_status": null,
                    "acadle_invitation_status": null,
                    "pivot": {
                        "user_id": 7,
                        "assigned_user_id": 8
                    },
                    "roles": []
                }
            ],
            "devices": [
                {
                    "id": 1,
                    "serial": "eb1fa1b5-1a89-3438-9882-9a78236eb8eb",
                    "bluetooth_id": "4b952d46-d75f-30aa-ad66-339c469fb8ba",
                    "company_id": null,
                    "model_id": null,
                    "amputee_id": 7,
                    "clinician_id": null,
                    "firmware_version_id": null,
                    "pcb_version_id": null,
                    "reverse_magnets": 0,
                    "is_electrode": 0,
                    "active": 1,
                    "last_activity_at": "0000-00-00 00:00:00",
                    "created_at": "2026-06-02T13:54:31.000000Z",
                    "updated_at": "2026-06-02T13:54:31.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 1,
                    "name": "SuperAdmin"
                }
            ]
        },
        {
            "id": 9,
            "mrn": "DT6ANEPW1780408471",
            "name": "Lavern Cruickshank",
            "email": "1780408471qadams@example.org",
            "language": "en",
            "phone": "563.734.1787",
            "phone_country": "KI",
            "phone_verified_at": null,
            "address1": "21623 Pouros Meadows",
            "address2": "Schadenville, CT 54492-5475",
            "postal_code": "20618-9648",
            "city": "Schamberger Group",
            "country": "IN",
            "clinic_name": "Daytonmouth",
            "clinic_location": "815 Schroeder Prairie Suite 800\nSouth Nickolasville, AR 01225",
            "image": null,
            "mfa_enabled": 0,
            "mfa_method": null,
            "mfa_verified_to": null,
            "location_id": null,
            "created_by": null,
            "active": 1,
            "notifications_timezone": null,
            "notifications_at": null,
            "created_at": "2026-06-02T13:54:31.000000Z",
            "updated_at": "2026-06-02T13:54:31.000000Z",
            "invitation_status": null,
            "acadle_invitation_status": "accepted",
            "clinicians": [
                {
                    "id": 10,
                    "mrn": "3PW49QHE1780408472",
                    "name": "Katelin Oberbrunner",
                    "email": "1780408472gusikowski.justen@example.com",
                    "language": "en",
                    "phone": "970.414.6108",
                    "phone_country": "MM",
                    "phone_verified_at": null,
                    "address1": "146 Roberts Courts",
                    "address2": "Windlerchester, WI 82979-3697",
                    "postal_code": "22669-4283",
                    "city": "Muller-Jones",
                    "country": "UA",
                    "clinic_name": "New Fermin",
                    "clinic_location": "6295 Swift Spur\nDanielview, WA 68534",
                    "image": null,
                    "mfa_enabled": 0,
                    "mfa_method": null,
                    "mfa_verified_to": null,
                    "location_id": null,
                    "created_by": null,
                    "active": 1,
                    "notifications_timezone": null,
                    "notifications_at": null,
                    "created_at": "2026-06-02T13:54:32.000000Z",
                    "updated_at": "2026-06-02T13:54:32.000000Z",
                    "invitation_status": null,
                    "acadle_invitation_status": null,
                    "pivot": {
                        "user_id": 9,
                        "assigned_user_id": 10
                    },
                    "roles": []
                }
            ],
            "devices": [
                {
                    "id": 2,
                    "serial": "57a62966-7a2b-3d98-b5fe-37501c8d0c54",
                    "bluetooth_id": "4b76a5b3-47b3-3a94-80c8-8cbe42103c9c",
                    "company_id": null,
                    "model_id": null,
                    "amputee_id": 9,
                    "clinician_id": null,
                    "firmware_version_id": null,
                    "pcb_version_id": null,
                    "reverse_magnets": 0,
                    "is_electrode": 0,
                    "active": 1,
                    "last_activity_at": "0000-00-00 00:00:00",
                    "created_at": "2026-06-02T13:54:32.000000Z",
                    "updated_at": "2026-06-02T13:54:32.000000Z"
                }
            ],
            "roles": [
                {
                    "id": 6,
                    "name": "AcadleUser"
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view user list",
    "code": "USERS:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/users

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

search string optional

Filter users by name. For SuperAdmin role it filters by UUID. Example: Tom

active integer optional

Filter users by active status (available: 0 - only inactive, 1 - only active, -1 - all users). Default: 1. Example: -1

clinician integer[] optional

Filter users by clinician. Provide single ID (clinician=1), array of IDs (clinician[]=1&clinician[]=2) or comma-separated list of IDs (clinician=1,2).

roles string optional

Filter users by roles (comma-separated). Example: Clinician,Amputee

has_devices integer optional

Filter users who has at least one device assigned. Example: 1

user_toggles string optional

Filter users by their user-specific product toggles (comma-separated). Example: goals,trainings

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: clinicians, patients, devices, devices.model, devicesAsClinician, devicesAsClinician.model, roles, permissions, userToggles).

sortby string optional

Sort by field (available: user_mrn, user_name, role_name, date). Default: date, desc.

sortdir string optional

Sort direction (available: asc, desc).

Response

Response Fields

items object

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Get current user data

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/me" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/me"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 11,
    "mrn": "CL2GML771780408472",
    "name": "Guillermo Grimes",
    "email": "1780408472shanahan.brittany@example.net",
    "language": "en",
    "phone": "+1-930-936-9288",
    "phone_country": "PY",
    "phone_verified_at": null,
    "address1": "36009 Lexi Extension Suite 996",
    "address2": "West Aurorechester, MS 82732",
    "postal_code": "70834-9529",
    "city": "Corkery PLC",
    "country": "NL",
    "clinic_name": "Lake Pollyland",
    "clinic_location": "999 Ettie Light\nDemariomouth, OH 77012",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:32.000000Z",
    "updated_at": "2026-06-02T13:54:32.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 3,
            "name": "Clinician"
        }
    ]
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/me

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: clinicians, patients, devices, devicesAsClinician, roles, permissions).

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Get other user data

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "id": 12,
    "mrn": "JGWK7KAW1780408473",
    "name": "Tressie Baumbach",
    "email": "1780408473prudence29@example.com",
    "language": "en",
    "phone": "(820) 918-8100",
    "phone_country": "YT",
    "phone_verified_at": null,
    "address1": "8774 Jonas Pass",
    "address2": "Port Alyssonview, MT 97748",
    "postal_code": "17705",
    "city": "Feeney PLC",
    "country": "CZ",
    "clinic_name": "North Jordan",
    "clinic_location": "580 Waelchi Plaza\nAshtynborough, SC 41556-2131",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:33.000000Z",
    "updated_at": "2026-06-02T13:54:33.000000Z",
    "invitation_status": "accepted",
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 3,
            "name": "Clinician"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view user data",
    "code": "USERS:GET:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:GET:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/user/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User ID. Example: 1

Query Parameters

extend string optional

Comma-separated list of relation extensions (available: clinicians, patients, devices, devicesAsClinician, roles, permissions).

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Create new user account

requires authentication

Predefined permissions:

user.view - access to view users' data (GET /user/{id} endpoint)
user.update - access to update users' data (PUT /user/{id} and POST /user/{id}/phone endpoints)
user.passwordChange - access to change users' passwords (POST /user/{id}/password endpoint)
user.devices - access to list of users' devices (GET /user/{id}/devices endpoint)
user.tickets.view - access to listing and viewing tickets
user.tickets.update - access to updating tickets (marking messages as read)
user.tickets.send - access to sending messages in tickets
user.tickets.close - access to closing tickets
user.goals - access to view or manage users' goals

Example request:

curl --request POST \
    "http://localhost:8000/api/user" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "mrn=MRN12345678"\
    --form "name=Tom Smith"\
    --form "email=test@example.com"\
    --form "language=en"\
    --form "address1=417 Schiller Extensions"\
    --form "address2=West Alan, VT 14538"\
    --form "postal_code=60174-5384"\
    --form "city=Lake Adelle"\
    --form "country=AT"\
    --form "clinic_name=Aether"\
    --form "clinic_location=417 Schiller Extensions"\
    --form "mfa_enabled=1"\
    --form "mfa_method=email"\
    --form "clinicians[]=2"\
    --form "notifications_timezone=Europe/Warsaw"\
    --form "notifications_at=8:00"\
    --form "role=Amputee"\
    --form "image=@/tmp/phpgI8vRT"

const url = new URL(
    "http://localhost:8000/api/user"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('mrn', 'MRN12345678');
body.append('name', 'Tom Smith');
body.append('email', 'test@example.com');
body.append('language', 'en');
body.append('address1', '417 Schiller Extensions');
body.append('address2', 'West Alan, VT 14538');
body.append('postal_code', '60174-5384');
body.append('city', 'Lake Adelle');
body.append('country', 'AT');
body.append('clinic_name', 'Aether');
body.append('clinic_location', '417 Schiller Extensions');
body.append('mfa_enabled', '1');
body.append('mfa_method', 'email');
body.append('clinicians[]', '2');
body.append('notifications_timezone', 'Europe/Warsaw');
body.append('notifications_at', '8:00');
body.append('role', 'Amputee');
body.append('image', document.querySelector('input[name="image"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 13,
    "mrn": "VQLSJLH91780408473",
    "name": "Prof. Letitia Feeney I",
    "email": "1780408473carolanne.beer@example.org",
    "language": "en",
    "phone": "1-680-839-1167",
    "phone_country": "PM",
    "phone_verified_at": null,
    "address1": "1994 Marlee Rue",
    "address2": "Bogisichstad, FL 56411-3688",
    "postal_code": "72345",
    "city": "Von-Kunde",
    "country": "PL",
    "clinic_name": "North Golda",
    "clinic_location": "740 Moore Streets\nJanachester, AZ 90467-3255",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:33.000000Z",
    "updated_at": "2026-06-02T13:54:33.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 5,
            "name": "Amputee"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create user with given role",
    "code": "USERS:CREATE:INSUFFICIENT_PERMISSION"
}

Example response (403, E-mail in use (in another region)):


{
    "message": "E-mail address already in use (in another region)",
    "code": "USERS:CREATE:EMAIL_IN_USE"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

mrn string optional

Medical Record Number. Example: MRN12345678

name string optional

User full name. Example: Tom Smith

email string

User email. MUST_BE_EMAIL. Example: test@example.com

language string optional

User language. Example: en

address1 string optional

Address line 1. MAXIMUM:STRING_LENGTH:100. Example: 417 Schiller Extensions

address2 string optional

Address line 2. MAXIMUM:STRING_LENGTH:100. Example: West Alan, VT 14538

postal_code string optional

Postal code. MAXIMUM:STRING_LENGTH:100. Example: 60174-5384

city string optional

City. MAXIMUM:STRING_LENGTH:100. Example: Lake Adelle

country string optional

Country. MAXIMUM:STRING_LENGTH:2. Example: AT

clinic_name string optional

Clinic name. MAXIMUM:STRING_LENGTH:100. Example: Aether

clinic_location string optional

Clinic location. MAXIMUM:STRING_LENGTH:100. Example: 417 Schiller Extensions

image file optional

Attached user image. MUST_BE_IMAGE MAXIMUM:FILE_KB:5120. Example: /tmp/phpgI8vRT

mfa_enabled boolean optional true false

Super Admin only: MFA enabled. Example: true

mfa_method string optional

Super Admin only: MFA method. Example: email

Must be one of:

email
sms

clinicians string[] optional

Clinician ID. The id of an existing record in the App\Models\User table.

notifications_timezone string optional

User notifications timezone. Example: Europe/Warsaw

notifications_at string optional

Time when notifications and reminders should be sent. Format: HH:MM. Set null to notify at default time. Must be a valid date in the format H:i. Example: 8:00

role string

Role name. Example: Amputee

Must be one of:

Amputee
ClinicianSupport
Clinician
ClinicAdmin
SuperAdmin
AcadleUser

permissions object optional

List of permissions given to this user. For now, it is used for ClinicianSupport role to give access to specific actions (for example user.update means that user can update users). You can assign both predefined permissions (already checked by some endpoints) and custom permissions (check them on your own). You can also use wildcards like user.* to give access to all actions for given scope.

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Update user account

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "mrn=MRN12345678"\
    --form "name=Tom Smith"\
    --form "email=test@example.com"\
    --form "language=en"\
    --form "address1=213 Monahan Plaza"\
    --form "address2=Garettfurt, IN 16453"\
    --form "postal_code=07414"\
    --form "city=Elissafort"\
    --form "country=US"\
    --form "clinic_name=Aether"\
    --form "clinic_location=213 Monahan Plaza"\
    --form "image_delete=1"\
    --form "mfa_enabled=1"\
    --form "mfa_method=email"\
    --form "active=1"\
    --form "clinicians[]=2"\
    --form "notifications_timezone=Europe/Warsaw"\
    --form "notifications_at=8:00"\
    --form "role=Amputee"\
    --form "image=@/tmp/phpizRvgd"

const url = new URL(
    "http://localhost:8000/api/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('mrn', 'MRN12345678');
body.append('name', 'Tom Smith');
body.append('email', 'test@example.com');
body.append('language', 'en');
body.append('address1', '213 Monahan Plaza');
body.append('address2', 'Garettfurt, IN 16453');
body.append('postal_code', '07414');
body.append('city', 'Elissafort');
body.append('country', 'US');
body.append('clinic_name', 'Aether');
body.append('clinic_location', '213 Monahan Plaza');
body.append('image_delete', '1');
body.append('mfa_enabled', '1');
body.append('mfa_method', 'email');
body.append('active', '1');
body.append('clinicians[]', '2');
body.append('notifications_timezone', 'Europe/Warsaw');
body.append('notifications_at', '8:00');
body.append('role', 'Amputee');
body.append('image', document.querySelector('input[name="image"]').files[0]);

fetch(url, {
    method: "PUT",
    headers,
    body,
}).then(response => response.json());

Example response (202):


{
    "id": 14,
    "mrn": "XBLUZ4BG1780408474",
    "name": "Gabrielle Cruickshank",
    "email": "1780408474kamron.renner@example.net",
    "language": "en",
    "phone": "938-203-2021",
    "phone_country": "PR",
    "phone_verified_at": null,
    "address1": "6554 Dante Valley Suite 393",
    "address2": "Donnellybury, OH 46597-4945",
    "postal_code": "39205-3961",
    "city": "Dicki, Predovic and Flatley",
    "country": "GB",
    "clinic_name": "Tremblaymouth",
    "clinic_location": "5129 Sadie Club\nTerrenceview, CO 15841",
    "image": null,
    "mfa_enabled": 0,
    "mfa_method": null,
    "mfa_verified_to": null,
    "location_id": null,
    "created_by": null,
    "active": 1,
    "notifications_timezone": null,
    "notifications_at": null,
    "created_at": "2026-06-02T13:54:34.000000Z",
    "updated_at": "2026-06-02T13:54:34.000000Z",
    "invitation_status": null,
    "acadle_invitation_status": null,
    "roles": [
        {
            "id": 5,
            "name": "Amputee"
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update user data",
    "code": "USERS:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (403, Insufficient permission to assign role):


{
    "message": "Insufficient permission to assign this role as ClinicAdmin",
    "code": "USERS:UPDATE:INSUFFICIENT_PERMISSION_ASSIGN_ROLE"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:UPDATE:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/user/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

URL Parameters

id integer

User ID. Example: 1

Body Parameters

mrn string optional

Medical Record Number. Example: MRN12345678

name string optional

User full name. Example: Tom Smith

email string optional

User email. MUST_BE_EMAIL. Example: test@example.com

language string optional

User language. Example: en

address1 string optional

Address line 1. MAXIMUM:STRING_LENGTH:100. Example: 213 Monahan Plaza

address2 string optional

Address line 2. MAXIMUM:STRING_LENGTH:100. Example: Garettfurt, IN 16453

postal_code string optional

Postal code. MAXIMUM:STRING_LENGTH:100. Example: 07414

city string optional

City. MAXIMUM:STRING_LENGTH:100. Example: Elissafort

country string optional

Country. MAXIMUM:STRING_LENGTH:2. Example: US

clinic_name string optional

Clinic name. MAXIMUM:STRING_LENGTH:100. Example: Aether

clinic_location string optional

Clinic location. MAXIMUM:STRING_LENGTH:100. Example: 213 Monahan Plaza

image file optional

Attached user image. MUST_BE_IMAGE MAXIMUM:FILE_KB:5120. Example: /tmp/phpizRvgd

image_delete boolean optional true false

Send this parameter instead of image to remove previously added image. Example: true

mfa_enabled boolean optional true false

Super Admin only: MFA enabled. Example: true

mfa_method string optional

Super Admin only: MFA method. Example: email

Must be one of:

email
sms

active boolean optional true false

User active status (0 - inactive, 1 - active). Example: true

clinicians string[] optional

Clinician ID. The id of an existing record in the App\Models\User table.

notifications_timezone string optional

User notifications timezone. Example: Europe/Warsaw

notifications_at string optional

Time when notifications and reminders should be sent. Format: HH:MM. Set null to notify at default time. Must be a valid date in the format H:i. Example: 8:00

role string optional

Role name. Example: Amputee

Must be one of:

Amputee
ClinicianSupport
Clinician
ClinicAdmin
SuperAdmin
AcadleUser

permissions object optional

Response

Response Fields

id integer

User ID.

mrn string

Medical Record Number.

name string

User full name.

email string

User email address.

language string

User preferred language.

phone string

User phone number.

phone_country string

Phone country code.

phone_verified_at string

Phone verification date.

address1 string

Address line 1.

address2 string

Address line 2.

postal_code string

Postal code.

city string

City.

country string

Country code (ISO 3166 Alpha-2).

clinic_name string

Clinic name.

clinic_location string

Clinic location.

image string

User profile image URL.

mfa_enabled boolean

Whether MFA is enabled.

mfa_method string

Preferred MFA method.

mfa_verified_to string

MFA session verified until.

location_id integer

Location ID.

created_by integer

ID of the user who created this account.

active boolean

Whether the user account is active.

notifications_timezone string

Timezone for notifications.

notifications_at string

Preferred notification time.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

invitation_status string

User invitation status.

acadle_invitation_status string

Acadle invitation status.

roles object[]

User roles.

id integer

Role ID.

name string

Role name.

permissions object[]

User permissions.

clinicians object[]

Assigned clinicians.

devices object[]

Assigned devices.

patients object[]

Assigned patients.

invitations object[]

User invitations.

Update user phone number

requires authentication

Phone number has to be verified after update. Call /api/mfa/phone/verify with user-filled code after performing this operation. If value is "0" phone number will be removed without any verification.

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/phone" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"phone\": \"+1 (208) 892-0242\",
    \"phone_country\": \"US\"
}"

const url = new URL(
    "http://localhost:8000/api/user/1/phone"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "phone": "+1 (208) 892-0242",
    "phone_country": "US"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, Phone number removed):


{
    "message": "Phone number removed",
    "code": "USERS:SET_PHONE:REMOVED"
}

Example response (200, Phone number updated):


{
    "message": "Verification code sent. Call /api/mfa/phone/verify to verify phone number.",
    "code": "USERS:SET_PHONE:UPDATED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update user data",
    "code": "USERS:SET_PHONE:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:SET_PHONE:USER_NOT_FOUND"
}

Example response (500, Code send failed):


{
    "message": "Verification code sending failed",
    "code": "USERS:SET_PHONE:SEND_FAILED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user/{id}/phone

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User ID. Example: 1

Body Parameters

phone string optional

User phone number. Pass "0" to remove current one. Example: +1 (208) 892-0242

phone_country string optional

Phone number's country (2 characters). SIZE:STRING_LENGTH:2. Example: US

Delete user account

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/user/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "User deleted",
    "code": "USERS:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete user",
    "code": "USERS:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, User has existing patients or chat rooms):


{
    "message": "Cannot delete: user has existing patients or chat rooms (patients: 1, chat rooms: 0)",
    "code": "USERS:DELETE:HAS_PATIENTS"
}

Example response (403, User has existing devices):


{
    "message": "Cannot delete: user has existing devices (as patient: 1, as clinician: 0)",
    "code": "USERS:DELETE:HAS_DEVICES"
}

Example response (403, User has open P2P sessions):


{
    "message": "Cannot delete: user has open P2P sessions (as patient: 0, as clinician: 1)",
    "code": "USERS:DELETE:HAS_P2P_SESSIONS"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:DELETE:USER_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error: user not deleted",
    "code": "USERS:DELETE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Delete own user account

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/user" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"password\": \"password\"
}"

const url = new URL(
    "http://localhost:8000/api/user"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "password": "password"
};

fetch(url, {
    method: "DELETE",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "message": "User deleted",
    "code": "USERS:SELF_DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete user",
    "code": "USERS:SELF_DELETE:INSUFFICIENT_PERMISSION"
}

Example response (422, Invalid password):


{
    "message": "Invalid password",
    "code": "USERS:SELF_DELETE:INVALID_PASSWORD"
}

Example response (500, Server error):


{
    "message": "Server error: user not deleted",
    "code": "USERS:SELF_DELETE:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Change other user password

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/password" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"password\": \"et\"
}"

const url = new URL(
    "http://localhost:8000/api/user/1/password"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "password": "et"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "message": "User password changed",
    "code": "USERS:PASSWORD_CHANGE:CHANGED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to change user password",
    "code": "USERS:PASSWORD_CHANGE:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:PASSWORD_CHANGE:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/user/{id}/password

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User ID. Example: 1

Body Parameters

password string

Example: et

Get user devices list

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1/devices" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/devices"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 3,
            "serial": "1c4a6d52-e550-3636-b8f3-dfdaba19a6de",
            "bluetooth_id": "6b828bd0-29e5-30ea-b243-1916c677d490",
            "company_id": null,
            "model_id": 1,
            "amputee_id": null,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:34.000000Z",
            "updated_at": "2026-06-02T13:54:34.000000Z",
            "model": {
                "id": 1,
                "name": "Zeus hand v1",
                "type": "leg",
                "orientation": "right",
                "active": 1,
                "created_at": "2026-06-02T13:54:34.000000Z",
                "updated_at": "2026-06-02T13:54:34.000000Z"
            }
        },
        {
            "id": 4,
            "serial": "73599bd7-a08d-3597-be1e-96e248b2c6ce",
            "bluetooth_id": "4cd3ce62-1ff2-357b-a66f-a96e871cec3c",
            "company_id": null,
            "model_id": 2,
            "amputee_id": null,
            "clinician_id": null,
            "firmware_version_id": null,
            "pcb_version_id": null,
            "reverse_magnets": 0,
            "is_electrode": 0,
            "active": 1,
            "last_activity_at": "0000-00-00 00:00:00",
            "created_at": "2026-06-02T13:54:34.000000Z",
            "updated_at": "2026-06-02T13:54:34.000000Z",
            "model": {
                "id": 2,
                "name": "Zeus hand v1",
                "type": "leg",
                "orientation": "right",
                "active": 1,
                "created_at": "2026-06-02T13:54:34.000000Z",
                "updated_at": "2026-06-02T13:54:34.000000Z"
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to view user devices",
    "code": "USERS:DEVICES:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:DEVICES:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/user/{id}/devices

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

User ID. Example: 1

Query Parameters

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: model, firmwareVersion, pcbVersion, joinedDevices, joinedElectrodes).

Response

Response Fields

items object

id integer

Device ID.

serial string

Device serial number.

bluetooth_id string

Bluetooth identifier.

model_id integer

Device model ID.

amputee_id integer

Assigned patient (amputee) user ID.

firmware_version_id integer

Firmware version ID.

pcb_version_id integer

PCB version ID.

company_id integer

Company ID.

reverse_magnets boolean

Whether magnets are reversed.

is_electrode boolean

Whether this device is an electrode.

active boolean

Whether the device is active.

last_activity_at string

Last activity timestamp.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

model object

Device model details.

id integer

Device model ID.

name string

Model name.

type string

Model type.

orientation string

Model orientation.

active boolean

Whether the model is active.

amputee object

Assigned patient (amputee) user.

id integer

User ID.

name string

User full name.

email string

User email address.

clinicians object[]

Clinicians assigned to this device.

firmwareVersion object

Firmware version details.

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

pcbVersion object

PCB version details.

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

joinedDevices object[]

Joined hand devices.

joinedElectrodes object[]

Joined electrode devices.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Attach patient to clinician

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/user/attach" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"email\": \"name@domain.com\"
}"

const url = new URL(
    "http://localhost:8000/api/user/attach"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "email": "name@domain.com"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Patient attached",
    "code": "USERS:ATTACH:ATTACHED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to attach patients",
    "code": "USERS:ATTACH:INSUFFICIENT_PERMISSION"
}

Example response (403, Patient is already assigned to another clinician):


{
    "message": "Patient is already assigned to another clinician",
    "code": "USERS:ATTACH:ALREADY_ASSIGNED"
}

Example response (403, User reached the temporary limit of attached devices):


{
    "message": "Reached the limit of assigned devices",
    "code": "USERS:ATTACH:LIMIT_REACHED"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:ATTACH:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Detach patient from clinician

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/user/1/detach" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/detach"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Patient detached",
    "code": "USERS:DETACH:DETACHED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to detach patient",
    "code": "USERS:DETACH:INSUFFICIENT_PERMISSION"
}

Example response (403, Cannot detach last clinician):


{
    "message": "Cannot detach patient's last clinician",
    "code": "USERS:DETACH:CANNOT_DETACH_LAST_CLINICIAN"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:DETACH:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Admin access to MFA codes

requires authentication

Requires admin.mfa_access permission.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/user/1/mfa-codes" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/user/1/mfa-codes"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200, OK):


[
    {
        "id": 1,
        "user_id": 1,
        "code": "123456",
        "channel": "email",
        "expires": "2025-05-09 12:00:00"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access MFA codes",
    "code": "USERS:ADMIN_MFA_ACCESS:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:ADMIN_MFA_ACCESS:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get user mobile consents

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/consents" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/consents"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "user_id": 1,
        "name": "consequatur",
        "value": "eaque",
        "created_at": "1999-02-07T12:57:40.000000Z",
        "updated_at": "1988-01-15T05:51:38.000000Z"
    },
    {
        "id": 2,
        "user_id": 1,
        "name": "ea",
        "value": "fuga",
        "created_at": "1986-12-13T16:47:37.000000Z",
        "updated_at": "1971-01-01T06:38:01.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use mobile consents",
    "code": "USERS:GET_MOBILE_CONSENTS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Consent record ID.

user_id integer

Associated user ID.

name string

Consent name/key.

value string

Consent value.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Set user mobile consent

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/consents" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"Push notifications\",
    \"value\": 1
}"

const url = new URL(
    "http://localhost:8000/api/consents"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "Push notifications",
    "value": 1
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200):


[
    {
        "id": 3,
        "user_id": 1,
        "name": "dignissimos",
        "value": "dignissimos",
        "created_at": "1995-12-28T03:52:57.000000Z",
        "updated_at": "2009-05-23T22:37:10.000000Z"
    },
    {
        "id": 4,
        "user_id": 1,
        "name": "exercitationem",
        "value": "dolore",
        "created_at": "2006-05-11T04:46:38.000000Z",
        "updated_at": "2012-09-24T08:44:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to use mobile consents",
    "code": "USERS:SET_MOBILE_CONSENTS:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/consents

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Consent name. Example: Push notifications

value string

Consent value. Example: 1

Response

Response Fields

id integer

Consent record ID.

user_id integer

Associated user ID.

name string

Consent name/key.

value string

Consent value.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Clear user notifications

requires authentication

Clearing notifications allow to receive another notification on same day. This endpoint deletes notifications of type:

daily activity reminders
goals daily summary

    This endpoint is intended for testing use only.

Example request:

curl --request DELETE \
    "http://localhost:8000/api/notifications/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/notifications/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "messages": "1 notifications deleted",
    "code": "USERS:CLEAR_NOTIFICATIONS:CLEARED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update user data",
    "code": "USERS:CLEAR_NOTIFICATIONS:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "USERS:CLEAR_NOTIFICATIONS:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Versions

API endpoints for versions management

Get software versions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/versions/software" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/software"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "name": "1.4.19",
        "created_at": "2026-06-02T13:56:21.000000Z",
        "updated_at": "2026-06-02T13:56:21.000000Z"
    },
    {
        "id": 2,
        "name": "4.13.38",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list versions",
    "code": "SOFTWARE_VERSION:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Software version ID.

name string

Version name.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create software version

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/versions/software" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"1.0\"
}"

const url = new URL(
    "http://localhost:8000/api/versions/software"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "1.0"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "name": "6.76.73",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create versions",
    "code": "SOFTWARE_VERSION:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Software version ID.

name string

Version name.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete software version

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/versions/software/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/software/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Version deleted",
    "code": "SOFTWARE_VERSION:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete versions",
    "code": "SOFTWARE_VERSION:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, Version in use (compatibility)):


{
    "message": "Cannot delete: version is used in compatibility entries (1)",
    "code": "SOFTWARE_VERSION:DELETE:VERSION_IN_USE_COMPATIBILITY"
}

Example response (404, Version not found):


{
    "message": "Version not found",
    "code": "SOFTWARE_VERSION:DELETE:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get firmware versions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/versions/firmware" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/firmware"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 2,
        "name": "4.58.20",
        "file_firmware": "/tmp/faker791Lz2",
        "file_firmware_v2": "/tmp/faker4ui1qM",
        "file_firmware_v3": "/tmp/fakerLnmkbP",
        "file_firmware_v4": "/tmp/fakerkN1BTG",
        "file_firmware_v5": "/tmp/fakerRgaTzx",
        "file_firmware_new_pcb": "/tmp/fakerS5Eqfm",
        "file_bootloader": "/tmp/fakerYhAvxG",
        "file_bootloader_v2": "/tmp/fakerU61STQ",
        "file_bootloader_v3": "/tmp/fakerd7O2Vl",
        "file_bootloader_v4": "/tmp/faker9YeBhd",
        "changelog": "Facilis qui ut tempore quia. Repellendus eum et voluptatem iure. Sed hic consequatur et quis incidunt.",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    },
    {
        "id": 3,
        "name": "9.22.78",
        "file_firmware": "/tmp/fakerWQzLQp",
        "file_firmware_v2": "/tmp/fakerQYGWSC",
        "file_firmware_v3": "/tmp/fakerHBLC0u",
        "file_firmware_v4": "/tmp/fakert3qN9Y",
        "file_firmware_v5": "/tmp/fakeryggB9R",
        "file_firmware_new_pcb": "/tmp/fakerUf7a9S",
        "file_bootloader": "/tmp/faker2mxzaf",
        "file_bootloader_v2": "/tmp/fakerrFYe6j",
        "file_bootloader_v3": "/tmp/fakereACfvr",
        "file_bootloader_v4": "/tmp/fakerPSILSY",
        "changelog": "Aut aut minus sint minus quia pariatur. Blanditiis alias temporibus qui. Molestias cupiditate sunt et quas iure. Id fuga architecto non cumque. Vitae expedita maiores ullam est consequatur rerum.",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list versions",
    "code": "FIRMWARE_VERSION:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create firmware version

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/versions/firmware" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "name=1.0"\
    --form "models[]=1"\
    --form "changelog[][language]=en"\
    --form "changelog[][changelog]=Fixed bug with the connection"\
    --form "file_firmware=@/tmp/php8HnvjS" \
    --form "file_firmware_v2=@/tmp/phpOFJV8s" \
    --form "file_firmware_v3=@/tmp/phpoHIa9z" \
    --form "file_firmware_v4=@/tmp/php14tb6l" \
    --form "file_firmware_v5=@/tmp/phpoTMMZu" \
    --form "file_firmware_new_pcb=@/tmp/phpEDYI0X" \
    --form "file_bootloader=@/tmp/phpfKmDLV" \
    --form "file_bootloader_v2=@/tmp/phptqAUeX" \
    --form "file_bootloader_v3=@/tmp/phpo73ITB" \
    --form "file_bootloader_v4=@/tmp/phpVl7Scn"

const url = new URL(
    "http://localhost:8000/api/versions/firmware"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('name', '1.0');
body.append('models[]', '1');
body.append('changelog[][language]', 'en');
body.append('changelog[][changelog]', 'Fixed bug with the connection');
body.append('file_firmware', document.querySelector('input[name="file_firmware"]').files[0]);
body.append('file_firmware_v2', document.querySelector('input[name="file_firmware_v2"]').files[0]);
body.append('file_firmware_v3', document.querySelector('input[name="file_firmware_v3"]').files[0]);
body.append('file_firmware_v4', document.querySelector('input[name="file_firmware_v4"]').files[0]);
body.append('file_firmware_v5', document.querySelector('input[name="file_firmware_v5"]').files[0]);
body.append('file_firmware_new_pcb', document.querySelector('input[name="file_firmware_new_pcb"]').files[0]);
body.append('file_bootloader', document.querySelector('input[name="file_bootloader"]').files[0]);
body.append('file_bootloader_v2', document.querySelector('input[name="file_bootloader_v2"]').files[0]);
body.append('file_bootloader_v3', document.querySelector('input[name="file_bootloader_v3"]').files[0]);
body.append('file_bootloader_v4', document.querySelector('input[name="file_bootloader_v4"]').files[0]);

fetch(url, {
    method: "POST",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "name": "3.2.80",
    "file_firmware": "/tmp/fakerPbmoJx",
    "file_firmware_v2": "/tmp/fakermJQL2c",
    "file_firmware_v3": "/tmp/faker5WMpaq",
    "file_firmware_v4": "/tmp/fakerkjMlpv",
    "file_firmware_v5": "/tmp/fakerkQNsoj",
    "file_firmware_new_pcb": "/tmp/faker748IZ7",
    "file_bootloader": "/tmp/faker2edj5h",
    "file_bootloader_v2": "/tmp/fakervBB2o1",
    "file_bootloader_v3": "/tmp/fakerm5u3mh",
    "file_bootloader_v4": "/tmp/fakerc7Op27",
    "changelog": "Quia ut deleniti ipsa placeat quidem dolor voluptas et. Est aliquid vero ea ipsum sit voluptas.",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create versions",
    "code": "FIRMWARE_VERSION:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/versions/firmware

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

Body Parameters

name string

Name of version. Example: 1.0

models integer[] optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table.

file_firmware file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/php8HnvjS

file_firmware_v2 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpOFJV8s

file_firmware_v3 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpoHIa9z

file_firmware_v4 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/php14tb6l

file_firmware_v5 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpoTMMZu

file_firmware_new_pcb file optional

Attached firmware for new PCB file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpEDYI0X

file_bootloader file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpfKmDLV

file_bootloader_v2 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phptqAUeX

file_bootloader_v3 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpo73ITB

file_bootloader_v4 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpVl7Scn

changelog object[] optional

List of changelog translations.

language string optional

Changelog language (2 characters code). Example: en

changelog string optional

Changelog for the version. Example: Fixed bug with the connection

Response

Response Fields

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update firmware version

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/versions/firmware/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: multipart/form-data" \
    --header "Accept: application/json" \
    --form "name=1.0"\
    --form "models[]=1"\
    --form "file_firmware_delete=1"\
    --form "file_firmware_v2_delete=1"\
    --form "file_firmware_v3_delete=1"\
    --form "file_firmware_v4_delete=1"\
    --form "file_firmware_v5_delete=1"\
    --form "file_firmware_new_pcb_delete=1"\
    --form "file_bootloader_delete=1"\
    --form "file_bootloader_v2_delete=1"\
    --form "file_bootloader_v3_delete=1"\
    --form "file_bootloader_v4_delete=1"\
    --form "changelog[][language]=en"\
    --form "changelog[][changelog]=Fixed bug with the connection"\
    --form "file_firmware=@/tmp/phpCxu4u5" \
    --form "file_firmware_v2=@/tmp/phpOAroHg" \
    --form "file_firmware_v3=@/tmp/phpI9qZeS" \
    --form "file_firmware_v4=@/tmp/phpRckc91" \
    --form "file_firmware_v5=@/tmp/php9VAunW" \
    --form "file_firmware_new_pcb=@/tmp/phptDdd7u" \
    --form "file_bootloader=@/tmp/phpMsjUyH" \
    --form "file_bootloader_v2=@/tmp/phpT9DRWO" \
    --form "file_bootloader_v3=@/tmp/php8ZYGOG" \
    --form "file_bootloader_v4=@/tmp/phpc3FDta"

const url = new URL(
    "http://localhost:8000/api/versions/firmware/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "multipart/form-data",
    "Accept": "application/json",
};

const body = new FormData();
body.append('name', '1.0');
body.append('models[]', '1');
body.append('file_firmware_delete', '1');
body.append('file_firmware_v2_delete', '1');
body.append('file_firmware_v3_delete', '1');
body.append('file_firmware_v4_delete', '1');
body.append('file_firmware_v5_delete', '1');
body.append('file_firmware_new_pcb_delete', '1');
body.append('file_bootloader_delete', '1');
body.append('file_bootloader_v2_delete', '1');
body.append('file_bootloader_v3_delete', '1');
body.append('file_bootloader_v4_delete', '1');
body.append('changelog[][language]', 'en');
body.append('changelog[][changelog]', 'Fixed bug with the connection');
body.append('file_firmware', document.querySelector('input[name="file_firmware"]').files[0]);
body.append('file_firmware_v2', document.querySelector('input[name="file_firmware_v2"]').files[0]);
body.append('file_firmware_v3', document.querySelector('input[name="file_firmware_v3"]').files[0]);
body.append('file_firmware_v4', document.querySelector('input[name="file_firmware_v4"]').files[0]);
body.append('file_firmware_v5', document.querySelector('input[name="file_firmware_v5"]').files[0]);
body.append('file_firmware_new_pcb', document.querySelector('input[name="file_firmware_new_pcb"]').files[0]);
body.append('file_bootloader', document.querySelector('input[name="file_bootloader"]').files[0]);
body.append('file_bootloader_v2', document.querySelector('input[name="file_bootloader_v2"]').files[0]);
body.append('file_bootloader_v3', document.querySelector('input[name="file_bootloader_v3"]').files[0]);
body.append('file_bootloader_v4', document.querySelector('input[name="file_bootloader_v4"]').files[0]);

fetch(url, {
    method: "PUT",
    headers,
    body,
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "name": "8.60.71",
    "file_firmware": "/tmp/fakerh1z48u",
    "file_firmware_v2": "/tmp/fakerN0JbRX",
    "file_firmware_v3": "/tmp/faker09zG1q",
    "file_firmware_v4": "/tmp/fakermBe0eW",
    "file_firmware_v5": "/tmp/fakerOMiu3Q",
    "file_firmware_new_pcb": "/tmp/fakervq3MAf",
    "file_bootloader": "/tmp/fakerun7tnG",
    "file_bootloader_v2": "/tmp/fakerdfAnSi",
    "file_bootloader_v3": "/tmp/fakerHB7kgo",
    "file_bootloader_v4": "/tmp/faker69yc1I",
    "changelog": "Dignissimos cupiditate vel ad aut. Cumque nulla ut laborum nobis. Quia voluptatem et temporibus eum natus dolores. Corrupti at reprehenderit tenetur autem.",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update versions",
    "code": "FIRMWARE_VERSION:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Version not found):


{
    "message": "Version not found",
    "code": "FIRMWARE_VERSION:UPDATE:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/versions/firmware/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: multipart/form-data

Accept

Example: application/json

URL Parameters

id integer

Firmware Version ID. Example: 1

Body Parameters

name string optional

Name of version. Example: 1.0

models integer[] optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table.

file_firmware file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpCxu4u5

file_firmware_v2 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpOAroHg

file_firmware_v3 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpI9qZeS

file_firmware_v4 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpRckc91

file_firmware_v5 file optional

Attached firmware file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/php9VAunW

file_firmware_new_pcb file optional

Attached firmware for new PCB file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phptDdd7u

file_bootloader file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpMsjUyH

file_bootloader_v2 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpT9DRWO

file_bootloader_v3 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/php8ZYGOG

file_bootloader_v4 file optional

Attached bootloader file. Must be a file. MAXIMUM:FILE_KB:102400. Example: /tmp/phpc3FDta

changelog object[] optional

List of changelog translations.

language string optional

Changelog language (2 characters code). Example: en

changelog string optional

Changelog for the version. Pass "NULL" string to remove the entry for given language. Example: Fixed bug with the connection

file_firmware_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware. Example: 1

file_firmware_v2_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware_v2. Example: 1

file_firmware_v3_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware_v3. Example: 1

file_firmware_v4_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware_v4. Example: 1

file_firmware_v5_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware_v5. Example: 1

file_firmware_new_pcb_delete string optional

Send this parameter with value 1 to remove existing file for file_firmware_new_pcb. Example: 1

file_bootloader_delete string optional

Send this parameter with value 1 to remove existing file for file_bootloader. Example: 1

file_bootloader_v2_delete string optional

Send this parameter with value 1 to remove existing file for file_bootloader_v2. Example: 1

file_bootloader_v3_delete string optional

Send this parameter with value 1 to remove existing file for file_bootloader_v3. Example: 1

file_bootloader_v4_delete string optional

Send this parameter with value 1 to remove existing file for file_bootloader_v4. Example: 1

Response

Response Fields

id integer

Firmware version ID.

name string

Version name.

file_firmware string

Firmware file URL.

file_firmware_v2 string

Firmware v2 file URL.

file_firmware_v3 string

Firmware v3 file URL.

file_firmware_v4 string

Firmware v4 file URL.

file_firmware_v5 string

Firmware v5 file URL.

file_firmware_new_pcb string

New PCB firmware file URL.

file_bootloader string

Bootloader file URL.

file_bootloader_v2 string

Bootloader v2 file URL.

file_bootloader_v3 string

Bootloader v3 file URL.

file_bootloader_v4 string

Bootloader v4 file URL.

changelog string

Changelog file URL.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete firmware version

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/versions/firmware/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/firmware/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Version deleted",
    "code": "FIRMWARE_VERSION:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete versions",
    "code": "FIRMWARE_VERSION:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, Version in use (compatibility)):


{
    "message": "Cannot delete: version is used in compatibility entries (1)",
    "code": "FIRMWARE_VERSION:DELETE:VERSION_IN_USE_COMPATIBILITY"
}

Example response (403, Version in use (device)):


{
    "message": "Cannot delete: version is assigned to devices (1)",
    "code": "FIRMWARE_VERSION:DELETE:VERSION_IN_USE_DEVICE"
}

Example response (404, Version not found):


{
    "message": "Version not found",
    "code": "FIRMWARE_VERSION:DELETE:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Get PCB versions

requires authentication

Example request:

curl --request GET \
    --get "http://localhost:8000/api/versions/pcb" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/pcb"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 2,
        "name": "2.39.61",
        "hardware_id": "",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    },
    {
        "id": 3,
        "name": "5.40.25",
        "hardware_id": "",
        "created_at": "2026-06-02T13:56:22.000000Z",
        "updated_at": "2026-06-02T13:56:22.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list versions",
    "code": "PCB_VERSION:LIST:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Create PCB version

requires authentication

Example request:

curl --request POST \
    "http://localhost:8000/api/versions/pcb" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"1.0\",
    \"models\": [
        1
    ],
    \"hardware_id\": \"1\"
}"

const url = new URL(
    "http://localhost:8000/api/versions/pcb"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "1.0",
    "models": [
        1
    ],
    "hardware_id": "1"
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 4,
    "name": "6.11.40",
    "hardware_id": "",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to create versions",
    "code": "PCB_VERSION:CREATE:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/versions/pcb

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

name string

Name of version. Example: 1.0

models integer[] optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table.

hardware_id string

Hardware ID name. Example: 1

Response

Response Fields

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Update PCB version

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/versions/pcb/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"name\": \"1.0\",
    \"models\": [
        1
    ],
    \"hardware_id\": \"1\"
}"

const url = new URL(
    "http://localhost:8000/api/versions/pcb/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "name": "1.0",
    "models": [
        1
    ],
    "hardware_id": "1"
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (201):


{
    "id": 5,
    "name": "5.88.43",
    "hardware_id": "",
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update versions",
    "code": "PCB_VERSION:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Version not found):


{
    "message": "Version not found",
    "code": "PCB_VERSION:UPDATE:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/versions/pcb/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

PCB Version ID. Example: 1

Body Parameters

name string optional

Name of version. Example: 1.0

models integer[] optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table.

hardware_id string optional

Hardware ID name. Example: 1

Response

Response Fields

id integer

PCB version ID.

name string

Version name.

hardware_id string

Hardware identifier.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

Delete PCB version

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/versions/pcb/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/pcb/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Version deleted",
    "code": "PCB_VERSION:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete versions",
    "code": "PCB_VERSION:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (403, Version in use (compatibility)):


{
    "message": "Cannot delete: version is used in compatibility entries (1)",
    "code": "PCB_VERSION:DELETE:VERSION_IN_USE_COMPATIBILITY"
}

Example response (403, Version in use (device)):


{
    "message": "Cannot delete: version is assigned to devices (1)",
    "code": "PCB_VERSION:DELETE:VERSION_IN_USE_DEVICE"
}

Example response (404, Version not found):


{
    "message": "Version not found",
    "code": "PCB_VERSION:DELETE:VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

List compatibilities

requires authentication

Most typical scenarios to use compatibility matrix:

full matrix (no filters) - for admin panel displaying,
filtered by all of the versions (software, firmware, PCB and device model) - for checking specific scenario compatibility and supported features.

Example request:

curl --request GET \
    --get "http://localhost:8000/api/versions/compatibility?model=1&software=1.2&firmware=1.5&pcb=1.0&summary=" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/compatibility"
);

const params = {
    "model": "1",
    "software": "1.2",
    "firmware": "1.5",
    "pcb": "1.0",
    "summary": "0",
};
Object.keys(params)
    .forEach(key => url.searchParams.append(key, params[key]));

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


{
    "paginator": {
        "total": 2,
        "count": 2,
        "perpage": 20,
        "current_page": 1,
        "last_page": 1
    },
    "items": [
        {
            "id": 1,
            "device_model_id": 10,
            "software_version_id": 4,
            "firmware_version_id": 14,
            "pcb_version_id": 6,
            "is_fully_compatible": 1,
            "created_at": "2026-06-02T13:56:22.000000Z",
            "updated_at": "2026-06-02T13:56:22.000000Z",
            "features": [
                {
                    "id": 1,
                    "compatibility_id": 1,
                    "feature_id": 5,
                    "is_compatible": 0,
                    "reason": "Totam sint vero facilis earum aut quos quidem nostrum. Eum enim veritatis quos ad molestiae qui. Nisi magnam ratione veniam. Et aut officia sunt et itaque maxime.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 5,
                        "name": "teal",
                        "slug": "ad-sunt-magni-quis-quis",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                },
                {
                    "id": 2,
                    "compatibility_id": 1,
                    "feature_id": 7,
                    "is_compatible": 1,
                    "reason": "Iure suscipit alias vitae possimus quibusdam praesentium nemo. Eum et nihil quos. Omnis dolore harum tenetur voluptatem corrupti velit blanditiis qui.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 7,
                        "name": "navy",
                        "slug": "repellat-quisquam-magni-aperiam-labore",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                },
                {
                    "id": 3,
                    "compatibility_id": 1,
                    "feature_id": 9,
                    "is_compatible": 0,
                    "reason": "Id exercitationem rerum sint temporibus consectetur. Quisquam pariatur ut voluptas excepturi eos libero architecto. Quam doloribus dolor consectetur quo nihil perspiciatis.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 9,
                        "name": "blue",
                        "slug": "magnam-sint-tempore-cupiditate-assumenda-rerum-tenetur",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                }
            ]
        },
        {
            "id": 5,
            "device_model_id": 14,
            "software_version_id": 8,
            "firmware_version_id": 18,
            "pcb_version_id": 10,
            "is_fully_compatible": 0,
            "created_at": "2026-06-02T13:56:22.000000Z",
            "updated_at": "2026-06-02T13:56:22.000000Z",
            "features": [
                {
                    "id": 4,
                    "compatibility_id": 5,
                    "feature_id": 10,
                    "is_compatible": 1,
                    "reason": "Odit enim inventore laborum ratione sint. Aperiam voluptatem molestiae aut alias delectus quibusdam et.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 10,
                        "name": "blue",
                        "slug": "officiis-quos-et-illum-eius-eos-voluptatem",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                },
                {
                    "id": 5,
                    "compatibility_id": 5,
                    "feature_id": 12,
                    "is_compatible": 0,
                    "reason": "Non ab placeat exercitationem dolores vero eum iste quia. Quisquam magnam nemo voluptatum unde sequi. Quos et iste vel ut tempora. Et laborum ipsam explicabo aut est rerum cumque.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 12,
                        "name": "white",
                        "slug": "error-quo-in-illo-numquam-aliquid",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                },
                {
                    "id": 6,
                    "compatibility_id": 5,
                    "feature_id": 14,
                    "is_compatible": 1,
                    "reason": "Ducimus natus et sed ducimus. Autem beatae sit quia qui eos. Magni est omnis ut et et a officia. Hic sint adipisci maxime. Velit qui est illo.",
                    "created_at": "2026-06-02T13:56:22.000000Z",
                    "updated_at": "2026-06-02T13:56:22.000000Z",
                    "feature": {
                        "id": 14,
                        "name": "aqua",
                        "slug": "nihil-dolores-neque-saepe-inventore",
                        "created_at": "2026-06-02T13:56:22.000000Z",
                        "updated_at": "2026-06-02T13:56:22.000000Z"
                    }
                }
            ]
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to list versions compatibilities",
    "code": "COMPATIBILITY:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, Device model not found):


{
    "message": "Device model not found",
    "code": "COMPATIBILITY:LIST:DEVICE_MODEL_NOT_FOUND"
}

Example response (404, Software version not found):


{
    "message": "Software version not found",
    "code": "COMPATIBILITY:LIST:SOFTWARE_VERSION_NOT_FOUND"
}

Example response (404, Firmware version not found):


{
    "message": "Firmware version not found",
    "code": "COMPATIBILITY:LIST:FIRMWARE_VERSION_NOT_FOUND"
}

Example response (404, PCB version not found):


{
    "message": "PCB version not found",
    "code": "COMPATIBILITY:LIST:PCB_VERSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

GET api/versions/compatibility

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Query Parameters

model integer optional

Filter compatibility matrix by device model ID. Example: 1

software string optional

Filter compatibility matrix by software version name (not ID!). Example: 1.2

firmware string optional

Filter compatibility matrix by firmware version name (not ID!). Example: 1.5

pcb string optional

Filter compatibility matrix by PCB version name (not ID!). Example: 1.0

summary boolean optional true false

Add to response the device model, software, firmware and PCB entries used to filter the list. Example: false

perpage integer optional

Elements per page (Default: 20).

page integer optional

Page number (Default: 1).

extend string optional

Comma-separated list of relation extensions (available: features, features.feature, deviceModel, softwareVersion, firmwareVersion, pcbVersion).

Response

Response Fields

items object

id integer

Compatibility entry ID.

device_model_id integer

Associated device model ID.

software_version_id integer

Associated software version ID.

firmware_version_id integer

Associated firmware version ID.

pcb_version_id integer

Associated PCB version ID.

is_fully_compatible boolean

Whether all versions are fully compatible.

note string

Compatibility note.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

features object[]

Associated compatibility features.

paginator object

total integer

Total number of items.

count integer

Number of items on current page.

perpage integer

Items per page.

current_page integer

Current page number.

last_page integer

Last page number.

Add compatibility

requires authentication

Adds or updates compatibility matrix with assigned features. You can specify many versions for each list.

Example request:

curl --request POST \
    "http://localhost:8000/api/versions/compatibility" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"device_models\": [
        1
    ],
    \"software_versions\": [
        1
    ],
    \"firmware_versions\": [
        1
    ],
    \"pcb_versions\": [
        1
    ],
    \"is_fully_compatible\": true,
    \"features\": [
        {
            \"feature_id\": 1,
            \"compatible\": true,
            \"reason\": \"Firmware does not support...\"
        }
    ]
}"

const url = new URL(
    "http://localhost:8000/api/versions/compatibility"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "device_models": [
        1
    ],
    "software_versions": [
        1
    ],
    "firmware_versions": [
        1
    ],
    "pcb_versions": [
        1
    ],
    "is_fully_compatible": true,
    "features": [
        {
            "feature_id": 1,
            "compatible": true,
            "reason": "Firmware does not support..."
        }
    ]
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202, OK):


{
    "added": 1,
    "updated": 0,
    "not_changed": 0
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to add versions compatibility",
    "code": "COMPATIBILITY:ADD:INSUFFICIENT_PERMISSION"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/versions/compatibility

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

Body Parameters

device_models integer[] optional

Array of Device Model IDs. The id of an existing record in the App\Models\DeviceModel table.

software_versions integer[] optional

Array of Software Version IDs. The id of an existing record in the App\Models\SoftwareVersion table.

firmware_versions integer[] optional

Array of Firmware Version IDs. The id of an existing record in the App\Models\FirmwareVersion table.

pcb_versions integer[] optional

Array of PCB Version IDs. The id of an existing record in the App\Models\PCBVersion table.

is_fully_compatible boolean optional true false

Is this set of versions fully compatible?. Example: true

features object[] optional

Array of features to be assigned to this set of versions.

feature_id string optional

Product feature ID. The id of an existing record in the App\Models\ProductFeature table. Example: 1

compatible boolean optional true false

Is this feature compatible?. Example: true

reason string optional

Reason of incompatibility. Example: Firmware does not support...

Update compatibility

requires authentication

Example request:

curl --request PUT \
    "http://localhost:8000/api/versions/compatibility/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"device_model_id\": 5,
    \"software_version_id\": 14,
    \"firmware_version_id\": 10,
    \"pcb_version_id\": 13,
    \"is_fully_compatible\": true,
    \"features\": [
        {
            \"id\": 1,
            \"feature_id\": 1,
            \"compatible\": true,
            \"reason\": \"Firmware does not support...\",
            \"delete\": true
        }
    ]
}"

const url = new URL(
    "http://localhost:8000/api/versions/compatibility/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "device_model_id": 5,
    "software_version_id": 14,
    "firmware_version_id": 10,
    "pcb_version_id": 13,
    "is_fully_compatible": true,
    "features": [
        {
            "id": 1,
            "feature_id": 1,
            "compatible": true,
            "reason": "Firmware does not support...",
            "delete": true
        }
    ]
};

fetch(url, {
    method: "PUT",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (202):


{
    "id": 9,
    "device_model_id": 18,
    "software_version_id": 12,
    "firmware_version_id": 22,
    "pcb_version_id": 14,
    "is_fully_compatible": 1,
    "created_at": "2026-06-02T13:56:22.000000Z",
    "updated_at": "2026-06-02T13:56:22.000000Z",
    "features": [
        {
            "id": 7,
            "compatibility_id": 9,
            "feature_id": 15,
            "is_compatible": 1,
            "reason": "Aut qui accusamus ea vel vitae. Dolores voluptas rerum molestiae ut omnis. Unde reiciendis tenetur earum incidunt voluptates.",
            "created_at": "2026-06-02T13:56:22.000000Z",
            "updated_at": "2026-06-02T13:56:22.000000Z",
            "feature": {
                "id": 15,
                "name": "black",
                "slug": "minus-quia-tempora-et-et",
                "created_at": "2026-06-02T13:56:22.000000Z",
                "updated_at": "2026-06-02T13:56:22.000000Z"
            }
        }
    ]
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to update versions compatibility",
    "code": "COMPATIBILITY:UPDATE:INSUFFICIENT_PERMISSION"
}

Example response (404, Versions Compatibility not found):


{
    "message": "Versions compatibility not found",
    "code": "COMPATIBILITY:UPDATE:COMPATIBILITY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

PUT api/versions/compatibility/{id}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

id integer

Versions Compatibility ID. Example: 1

Body Parameters

device_model_id integer optional

Device Model ID. The id of an existing record in the App\Models\DeviceModel table. Example: 5

software_version_id integer optional

Software Version ID. The id of an existing record in the App\Models\SoftwareVersion table. Example: 14

firmware_version_id integer optional

Firmware Version ID. The id of an existing record in the App\Models\FirmwareVersion table. Example: 10

pcb_version_id integer optional

PCB Version ID. The id of an existing record in the App\Models\PCBVersion table. Example: 13

is_fully_compatible boolean optional true false

Is this set of versions fully compatible?. Example: true

features object[] optional

Array of features to be assigned to this set of versions.

id string optional

Versions compatibility feature ID. Use with delete parameter to delete specific entry. Do not confuse with feature_id, this field refers to ID of relation between versions compatibility and product feature. The id of an existing record in the App\Models\VersionsCompatibilityFeature table. Example: 1

feature_id string optional

Product feature ID. The id of an existing record in the App\Models\ProductFeature table. Example: 1

compatible boolean optional true false

Is this feature compatible?. Example: true

reason string optional

Reason of incompatibility. Example: Firmware does not support...

delete boolean optional true false

Pass 1 to detach feature from this set of versions, skip otherwise. Example: true

Response

Response Fields

id integer

Compatibility entry ID.

device_model_id integer

Associated device model ID.

software_version_id integer

Associated software version ID.

firmware_version_id integer

Associated firmware version ID.

pcb_version_id integer

Associated PCB version ID.

is_fully_compatible boolean

Whether all versions are fully compatible.

note string

Compatibility note.

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

features object[]

Associated compatibility features.

Delete compatibility

requires authentication

Example request:

curl --request DELETE \
    "http://localhost:8000/api/versions/compatibility/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/versions/compatibility/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Versions compatibility deleted",
    "code": "COMPATIBILITY:DELETE:DELETED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to delete versions compatibility",
    "code": "COMPATIBILITY:DELETE:INSUFFICIENT_PERMISSION"
}

Example response (404, Versions compatibility not found):


{
    "message": "Versions compatibility not found",
    "code": "COMPATIBILITY:DELETE:COMPATIBILITY_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Video sessions

API endpoints for managing video sessions

List video sessions

requires authentication

Returns list of open video sessions. For most cases there should be exactly one entry (open/active session) or exactly zero entries (empty array, no open sessions).

Example request:

curl --request GET \
    --get "http://localhost:8000/api/sessions/video/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/sessions/video/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "GET",
    headers,
}).then(response => response.json());

Example response (200):


[
    {
        "id": 1,
        "moderator_id": 122,
        "guest_id": 123,
        "jwt_moderator": "23bc33010aed6038ae8649405ceccdcf6c410a477bbef4e8817c4c2fbbcb0410",
        "jwt_guest": "0d70cb19155f9e14a81ad11b426f26e0aa9e422282b30109b43742d69d4aa009",
        "room_name": "room_64b0e6541c1c7940fb5ab1ae0e6f7479",
        "expires": 1780409423,
        "status": "open",
        "created_at": "2026-06-02T13:55:24.000000Z",
        "updated_at": "2026-06-02T13:55:24.000000Z"
    },
    {
        "id": 2,
        "moderator_id": 126,
        "guest_id": 127,
        "jwt_moderator": "030dcc016d94c345c4598ec9db4564d55c051ed309db760b83dfebb412ba1a54",
        "jwt_guest": "805da05b1874cb9a6b1b269b03c4e2a3c934ccaf805773c42f7dfe7d7e4c0f39",
        "room_name": "room_64836479e28b91d969fe8a793ee2dd9b",
        "expires": 1780409425,
        "status": "open",
        "created_at": "2026-06-02T13:55:26.000000Z",
        "updated_at": "2026-06-02T13:55:26.000000Z"
    }
]

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to access video session",
    "code": "VIDEO_SESSIONS:LIST:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "VIDEO_SESSIONS:LIST:USER_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Video session ID.

moderator_id integer

Moderator user ID.

guest_id integer

Guest user ID.

jwt_moderator string

JWT token for the moderator.

jwt_guest string

JWT token for the guest.

room_name string

Video room name.

expires integer

Session expiry as Unix timestamp.

status string

Session status.

Must be one of:

open
expired
closed

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

moderator object

Moderator user.

guest object

Guest user.

Initialize video session

requires authentication

Creates JWT (JSON Web Token) and room name for Jitsi session. Logged-in user is a moderator of the session. JWT lifetime is 15 minutes.

Example request:

curl --request POST \
    "http://localhost:8000/api/sessions/video/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/sessions/video/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (201):


{
    "id": 3,
    "moderator_id": 130,
    "guest_id": 131,
    "jwt_moderator": "66edb88db3de725c776ec0a337abd58964a07945f252ca79e01494cb64668004",
    "jwt_guest": "05221f05f82e83ba89dc822df688a681d42a7ec97d61618b7e0f9dfe14e6130c",
    "room_name": "room_aa97c797ef3944b76f536560273f2337",
    "expires": 1780409427,
    "status": "open",
    "created_at": "2026-06-02T13:55:28.000000Z",
    "updated_at": "2026-06-02T13:55:28.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to initialize video session",
    "code": "VIDEO_SESSIONS:INIT:INSUFFICIENT_PERMISSION"
}

Example response (404, User not found):


{
    "message": "User not found",
    "code": "VIDEO_SESSIONS:INIT:USER_NOT_FOUND"
}

Example response (500, Server error):


{
    "message": "Server error",
    "code": "VIDEO_SESSIONS:INIT:SERVER_ERROR"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Video session ID.

moderator_id integer

Moderator user ID.

guest_id integer

Guest user ID.

jwt_moderator string

JWT token for the moderator.

jwt_guest string

JWT token for the guest.

room_name string

Video room name.

expires integer

Session expiry as Unix timestamp.

status string

Session status.

Must be one of:

open
expired
closed

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

moderator object

Moderator user.

guest object

Guest user.

Refresh video session

requires authentication

Refreshes video session JWT tokens to extend session lifetime.

Example request:

curl --request POST \
    "http://localhost:8000/api/sessions/video/1/refresh" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/sessions/video/1/refresh"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "POST",
    headers,
}).then(response => response.json());

Example response (202):


{
    "id": 4,
    "moderator_id": 134,
    "guest_id": 135,
    "jwt_moderator": "80c980ff9125cd274a3a1cd88cd9dfa4ba0bec9c6336182c78095a90db65b1de",
    "jwt_guest": "23bc33010aed6038ae8649405ceccdcf6c410a477bbef4e8817c4c2fbbcb0410",
    "room_name": "room_eb80f32cc868ebd15a61b41559004224",
    "expires": 1780409428,
    "status": "open",
    "created_at": "2026-06-02T13:55:29.000000Z",
    "updated_at": "2026-06-02T13:55:29.000000Z"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to refresh video session",
    "code": "VIDEO_SESSIONS:REFRESH:INSUFFICIENT_PERMISSION"
}

Example response (404, Session not found):


{
    "message": "Video session not found",
    "code": "VIDEO_SESSIONS:REFRESH:SESSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Response

Response Fields

id integer

Video session ID.

moderator_id integer

Moderator user ID.

guest_id integer

Guest user ID.

jwt_moderator string

JWT token for the moderator.

jwt_guest string

JWT token for the guest.

room_name string

Video room name.

expires integer

Session expiry as Unix timestamp.

status string

Session status.

Must be one of:

open
expired
closed

created_at string

Creation timestamp.

updated_at string

Last update timestamp.

moderator object

Moderator user.

guest object

Guest user.

Close video session

requires authentication

Marks video session (database entry) as closed. Does not close session on Jitsi side.

Example request:

curl --request DELETE \
    "http://localhost:8000/api/sessions/video/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json"

const url = new URL(
    "http://localhost:8000/api/sessions/video/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

fetch(url, {
    method: "DELETE",
    headers,
}).then(response => response.json());

Example response (202, OK):


{
    "message": "Video session closed",
    "code": "VIDEO_SESSIONS:CLOSE:CLOSED"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to close video session",
    "code": "VIDEO_SESSIONS:CLOSE:INSUFFICIENT_PERMISSION"
}

Example response (404, Session not found):


{
    "message": "Video session not found",
    "code": "VIDEO_SESSIONS:CLOSE:SESSION_NOT_FOUND"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Invite technical support

requires authentication

Sends notification to Slack channel. Link to meeting is valid for 10 minutes.

Example request:

curl --request POST \
    "http://localhost:8000/api/sessions/video/invite-support/1" \
    --header "Authorization: Bearer {ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    --header "Accept: application/json" \
    --data "{
    \"room\": \"room_1081c785cf1464e4d6ebc3976561d490\",
    \"description\": \"Grip switching is not working, please join.\"
}"

const url = new URL(
    "http://localhost:8000/api/sessions/video/invite-support/1"
);

const headers = {
    "Authorization": "Bearer {ACCESS_TOKEN}",
    "Content-Type": "application/json",
    "Accept": "application/json",
};

let body = {
    "room": "room_1081c785cf1464e4d6ebc3976561d490",
    "description": "Grip switching is not working, please join."
};

fetch(url, {
    method: "POST",
    headers,
    body: JSON.stringify(body),
}).then(response => response.json());

Example response (200, OK):


{
    "response": "success",
    "code": "VIDEO_SESSIONS:INVITE_TECH_SUPPORT:SUCCESS"
}

Example response (403, Insufficient permission):


{
    "message": "Insufficient permission to invite tech support",
    "code": "VIDEO_SESSIONS:INVITE_TECH_SUPPORT:INSUFFICIENT_PERMISSION"
}

Example response (404, Device not found):


{
    "message": "Device not found",
    "code": "VIDEO_SESSIONS:INVITE_TECH_SUPPORT:DEVICE_NOT_FOUND"
}

Example response (500, Request failed):


{
    "response": "invalid_payload",
    "code": "VIDEO_SESSIONS:INVITE_TECH_SUPPORT:FAILED"
}

Received response:

Request failed with error:



Tip: Check that you're properly connected to the network.
If you're a maintainer of ths API, verify that your API is running and you've enabled CORS.
You can check the Dev Tools console for debugging information.

Request

POST api/sessions/video/invite-support/{deviceId}

Headers

Authorization

Example: Bearer {ACCESS_TOKEN}

Content-Type

Example: application/json

Accept

Example: application/json

URL Parameters

deviceId integer

Device ID (current device of the session). Example: 1

Body Parameters

room string

Name of Jitsi room to connect. Example: room_1081c785cf1464e4d6ebc3976561d490

description string optional

Description of problem provided by clinician. Example: Grip switching is not working, please join.