Skip to content

Live API Documentation

Interactive API documentation powered by FastAPI's auto-generated OpenAPI spec.

Direct Access

You can also access the Swagger UI directly at services.curaway.ai/docs

API Base URL

Environment URL
Production https://services.curaway.ai/api/v1/
Local http://localhost:8000/api/v1/

Authentication

All endpoints require an X-Tenant-ID header that identifies the calling tenant. In production, authentication is handled via Clerk JWT tokens passed as Bearer tokens in the Authorization header. The backend validates the JWT signature, extracts the tenant claim, and cross-references it against the X-Tenant-ID header to prevent tenant spoofing.

For local development, you can bypass Clerk by setting AUTH_DISABLED=true in your .env file, but you still need to supply a valid X-Tenant-ID header (e.g., tenant-apollo-001).

Example Request

curl -X GET "https://services.curaway.ai/api/v1/cases/" \
  -H "Authorization: Bearer <clerk-jwt-token>" \
  -H "X-Tenant-ID: tenant-apollo-001" \
  -H "Content-Type: application/json"

Key Endpoint Groups

Group Prefix Description
Cases /cases/ Case lifecycle management, AI-powered chat, EHR summary generation, document checklist tracking
Patients /patients/ Patient CRUD operations, duplicate matching, profile merging
Providers /providers/ Provider listing, filtering by country/specialty, detail retrieval
Doctors /doctors/ Doctor profiles, search by specialty/language, procedure associations
Documents /uploads/ Presigned URL generation for Cloudflare R2, upload confirmation with OCR processing
FHIR /fhir/ Clinical resource retrieval in FHIR R4 format (Patient, Condition, Procedure, Observation)
Consent /consent/ GDPR-compliant consent capture, revocation, and audit trail
Search /search/ Semantic provider search using Qdrant vector similarity
Procedures /procedures/ Procedure requirement definitions with country-level inheritance

Rate Limiting

API rate limits are enforced per tenant via Upstash Redis:

Tier Requests/min Burst
Free 60 10
Pro 300 50
Enterprise 1000 200

Rate limit headers are included in every response:

  • X-RateLimit-Limit -- Maximum requests per window
  • X-RateLimit-Remaining -- Remaining requests in current window
  • X-RateLimit-Reset -- Unix timestamp when the window resets

Versioning

The API is versioned via the URL path (/api/v1/). When breaking changes are introduced, a new version prefix will be added (e.g., /api/v2/). The previous version will remain available for a deprecation period of at least 90 days.

OpenAPI Spec

The raw OpenAPI 3.1 JSON spec is available at:

  • Production: https://services.curaway.ai/openapi.json
  • Local: http://localhost:8000/openapi.json

You can import this spec into tools like Postman, Insomnia, or any OpenAPI-compatible client.