API Reference

The Dexzyle API provides programmatic access to platform features for custom integrations.

COMING SOON

Full API documentation is currently being prepared. Contact integrations@dexzyle.com for early access.

Overview

The Dexzyle REST API allows you to:

• Send and receive messages programmatically
• Query prescription status and timelines
• Upload and retrieve documents
• Manage users and permissions (admin only)
• Subscribe to real-time events via webhooks

Authentication

# Using API Key
curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.dexzyle.com/v1/messages

OAuth 2.0

For user-facing applications, use OAuth 2.0 with PKCE:

• Authorization Endpoint: https://auth.dexzyle.com/authorize
• Token Endpoint: https://auth.dexzyle.com/token
• Scopes: messages:read, messages:write, rx:read, documents:read, documents:write

API Keys

For server-to-server integrations:

• Generate keys in the Dexzyle admin panel
• Keys are scoped to specific permissions
• Rotate keys regularly (recommended: 90 days)

Base URL

Production: https://api.dexzyle.com/v1
Sandbox:    https://sandbox-api.dexzyle.com/v1

Rate Limits

• Standard: 1000 requests/minute per customer
• Burst: 100 requests/second
• Headers: X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset

Common Endpoints

Messages

GET    /v1/messages          # List messages
POST   /v1/messages          # Send a message
GET    /v1/messages/:id      # Get message details

Prescriptions

GET    /v1/prescriptions          # List prescriptions
GET    /v1/prescriptions/:id      # Get Rx details
GET    /v1/prescriptions/:id/timeline  # Get status timeline

Documents

GET    /v1/documents          # List documents
POST   /v1/documents          # Upload a document
GET    /v1/documents/:id      # Get document details
GET    /v1/documents/:id/download  # Download file

Users (Admin Only)

GET    /v1/users              # List users
POST   /v1/users/invite       # Invite a new user
GET    /v1/users/:id          # Get user details
PATCH  /v1/users/:id          # Update user
DELETE /v1/users/:id          # Deactivate user

Webhooks

Subscribe to real-time events:

Available Events

• message.sent
• message.received
• prescription.status_changed
• prescription.delayed
• document.uploaded
• user.invited

Webhook Payload Example

{
  "event": "prescription.status_changed",
  "timestamp": "2025-11-26T12:34:56Z",
  "data": {
    "prescription_id": "rx_abc123",
    "resident_id": "res_xyz789",
    "old_status": "pending",
    "new_status": "ready",
    "pharmacy": "Pharmacy ABC"
  },
  "signature": "sha256=..."
}

Webhook Security

• Verify HMAC signature using your webhook secret
• Implement idempotency using event IDs
• Return 200 OK within 5 seconds
• Failed deliveries retried with exponential backoff

Error Handling

Standard Error Response

{
  "error": {
    "code": "invalid_request",
    "message": "Missing required field: recipient_id",
    "details": {
      "field": "recipient_id",
      "reason": "required"
    }
  }
}

Error Codes

• 400 Bad Request - Invalid parameters
• 401 Unauthorized - Missing or invalid authentication
• 403 Forbidden - Insufficient permissions
• 404 Not Found - Resource doesn't exist
• 429 Too Many Requests - Rate limit exceeded
• 500 Internal Server Error - Something went wrong on our end

SDKs & Libraries

Official SDKs (Coming Soon)

• Node.js: npm install @dexzyle/node-sdk
• Python: pip install dexzyle
• Ruby: gem install dexzyle
• PHP: composer require dexzyle/php-sdk

Community Libraries

Check GitHub for community-contributed libraries.

Example Use Cases

1. Send a Secure Message

const dexzyle = require('@dexzyle/node-sdk');

const client = new dexzyle.Client({
  apiKey: process.env.DEXZYLE_API_KEY
});

await client.messages.send({
  recipient_id: 'user_abc123',
  subject: 'Rx Status Update',
  body: 'Prescription ready for pickup',
  resident_id: 'res_xyz789',
  prescription_id: 'rx_def456'
});

2. Check Prescription Status

import dexzyle

client = dexzyle.Client(api_key=os.environ['DEXZYLE_API_KEY'])

rx = client.prescriptions.get('rx_abc123')
print(f"Status: {rx.status}")
print(f"Timeline: {rx.timeline}")

3. Upload a Document

curl -X POST https://api.dexzyle.com/v1/documents \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -F "file=@document.pdf" \
  -F "resident_id=res_xyz789" \
  -F "type=lab_result"

Getting Started

1. Request API Access: Contact integrations@dexzyle.com
2. Get API Credentials: Receive API key or OAuth credentials
3. Test in Sandbox: Use sandbox environment for development
4. Review Documentation: Full Swagger/OpenAPI docs provided upon access
5. Go Live: Switch to production endpoint when ready

Support

• API Support: api@dexzyle.com
• Integration Help: integrations@dexzyle.com
• Status Page: status.dexzyle.com

Changelog

v1.0 (Current)

• Initial API release
• Core messaging, Rx, and document endpoints
• Webhook support
• OAuth 2.0 and API key authentication

Upcoming (v1.1)

• Bulk operations
• Advanced filtering and search
• GraphQL endpoint
• Real-time subscriptions (WebSocket)