Account

The Account Object represents a user account within an Organization. 
_id
ObjectId
The account identifier.
access
Number
The current caller's context access level.
activationRequired
Boolean
True if the account must be activated before use. Dependant on Org settings.
age
Number
The age of the account holder (based on the dob property).
connections
Reference[]
Connections associated with the Account.
created
Date
The date the context was created.
dob
Date
Account holder date of birth.
email*
String
The email address for the account and must be unique within the Org.
favorite
Boolean
Tags the context as a favorite, which can then be filtered using the API.
gender
String
Account holder gender. Available values are:
f - Female
m - Male
n - Neither
o - Other
t - Trans
u - Unspecified
image
File
The account profile image.
inherited_roles
ObjectId[]
Any roles that are inherited from my current role. If my current role has no sub-roles then this is an empty array.
key
Document
A fingerprint and secret, re-generated on password change. Useful for client-side PHI encryption/caching scenarios, it is available to the account holder for the life of an authenticated session.
mobile
String
The mobile number of the account holder. This number should be capable of receiving SMS messages and must be in E.164 format.
name
Document
Name of the account holder (split into first and last names as well as optional prefix, middle, suffix and additional[]).
object
String
The context’s object name.
preferences
Document
The account preferences.
profile
Document
The account profile.
roles
ObjectId[]
Account roles (e.g. Provider, Administrator, Developer). Accounts can have more than one role.
shared
Boolean
True if there are any active or pending connections for this context.
state
String
Current state for the account. (e.g. unverified, verified)
tz
String
Timezone for the account. This helps determine UTC offset when working in scripts. The timezone must by a unique identifier for an IANA assigned zone, e.g. "US/Pacific"
updated
Date
The date the latest update was made to a context’s properties
updater
Reference
The account id of the context updater
Example Account Object
{
    "_id": "54c66edac364f2201b78c34e",
    "access": 6,
    "dob": "1975-01-26",
    "email": "[email protected]",
    "favorite": false,
    "gender": "m",
    "key": {
        "fingerprint": "094be6f0-a57b-11e4-9323-d35446f5af36",
        "secret": "P07uqKLlXDWjj3s85TGJt4BXSuSCFlpx"
    },
    "locale": "en_US",
    "locked": false,
    "mobile": "15551234567",
    "name": {
        "first": "John",
        "last": "Smith"
    },
    "object": "account",
    "preferences": {
        "notifications": [
            {
                "label": "Custom Notifier",
                "name": "c_notifier",
                "_id": "56cbfddcba9ef5257bf48513",
                "endpoints": [
                    {
                        "_id": "456e64706f696e7420536d73",
                        "enabled": false,
                        "label": "SMS",
                        "name": "sms"
                    },
                    {
                        "_id": "456e64706f696e7420456d6c",
                        "enabled": true,
                        "label": "Email",
                        "name": "email"
                    }
                ]
            }
        ]
    },
    "profile": {
        "provider": {
            "affiliation": "None",
            "license": {
                "number": "777",
                "state": "Alabama"
            },
            "npi": "798798798",
            "specialty": "Allergy and Immunology",
            "state": "processing",
            "visibility": {
                "provider": false,
                "public": false
            }
        }
    },
    "roles": [
        "000000000000000000000005"
    ],
    "shared": false,
    "state": "verified",
    "updated": "2015-03-12T18:47:34.010Z"
}
get
https://api.dev.medable.com/
your_org_name/v2/accounts
List
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts?paths[]=name",
    method: "GET",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
get
https://api.dev.medable.com/
your_org_name/v2/accounts/account_id
Read
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/5525fc2db7995d2c2807632a",
    method: "GET",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
get
https://api.dev.medable.com/
your_org_name/v2/accounts/me
Current User
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/me",
    method: "GET",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com/
your_org_name/v2/accounts/register
Register
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/register",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "name": {
        "first": "Charles",
        "last": "Best"
    },
    "email": "[email protected]",
    "gender": "m",
    "dob": "1899-02-27",
    "mobile": "1-650-555-5555",
    "password": "Thanks for the break, Banting!"
}
}).done(function(data) {
    // ...
});
post
 
https://api.dev.medable.com/your_org_name/v2/accounts/login
Login
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/login",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "email": "[email protected]",
    "password": "this is not my passphrase",
    "location": {
        "verificationToken": "123456",
        "locationName": "New Orleans",
        "singleUse": true
    }
}
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com
/your_org_name/v2/accounts/me/logout
Logout
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/me/logout",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com
/your_org_name/v2/accounts/request-password-reset
Request Password Reset
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/request-password-reset",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "email": "[email protected]"
}
}).done(function(data) {
    // ...
});
Example:
1.Request Password Reset gets called
2.Medable sends the email with a one-time secure reset password token (string)
3.The user opens that email and clicks a link which has this token as a url parameter
4.User gets navigated to a Medable web GUI for setting the new password
You can override the destination link in part 4 to be your own page on your own domain for app look and feel consistency.
post
https://api.dev.medable.com
/your_org_name/accounts/me/update-password
Update My Password
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/me/update-password",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "current": "this is not my passphrase",
    "password": "correct horse battery staple"
}
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com
/your_org_name/accounts/reset-password
Update Password (Token)
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/reset-password",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "token": "kPBg3AACpwTzhiOpUTz2i2koJqqot70M",
    "password": "here's a new passphrase!"
}
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com
/your_org_name/v2/token
Verify Email From Token
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/lBMSJWtqKVdx8Z888syX6axpCk2j7eYm",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
post
https://api.dev.medable.com
/your_org_name/v2/accounts/me/resend-verification
Resend Email Verification
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/me/resend-verification",
    method: "POST",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    }
}).done(function(data) {
    // ...
});
put
https://api.dev.medable.com
/your_org_name/v2/accounts/me/resend-verification
Update
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/586eb9ef64129a5f3631a0ca",
    method: "PUT",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: {
    "name": {
        "first":"Bob",
        "last":"Dole"
    }
}
}).done(function(data) {
    // ...
});
Due to security reasons, we do not allow modifying of the email address of a given account.
patch
https://api.dev.medable.com/
your_org_name/v2/accounts/account_id
Update
$.ajax({
    url: "https://api.dev.medable.com/example/v2/accounts/586eb9ef64129a5f3631a0ca",
    method: "PATCH",
    dataType : "json",
    xhrFields: {
        withCredentials: true
    },
    headers: {
        "Medable-Client-Key": "GsAqlhnIMzrDeD8V2MBQWq"
    },
    data: { 
      	"op": "push", 
      	"path": "/roles", 
      	"value": "587012227d67efea0843fa80" 
    }
}).done(function(data) {
    // ...
});

Organization

Connections

Last modified 2yr ago

_id ObjectId	The account identifier.
access Number	The current caller's context access level.
activationRequired Boolean	True if the account must be activated before use. Dependant on Org settings.
age Number	The age of the account holder (based on the dob property).
connections Reference[]	Connections associated with the Account.
created Date	The date the context was created.
dob Date	Account holder date of birth.
email* String	The email address for the account and must be unique within the Org.
favorite Boolean	Tags the context as a favorite, which can then be filtered using the API.
gender String	Account holder gender. Available values are: `f` - Female `m` - Male `n` - Neither `o` - Other `t` - Trans `u` - Unspecified
image File	The account profile image.
inherited_roles ObjectId[]	Any roles that are inherited from my current role. If my current role has no sub-roles then this is an empty array.
key Document	A fingerprint and secret, re-generated on password change. Useful for client-side PHI encryption/caching scenarios, it is available to the account holder for the life of an authenticated session.
mobile String	The mobile number of the account holder. This number should be capable of receiving SMS messages and must be in E.164 format.
name Document	Name of the account holder (split into first and last names as well as optional prefix, middle, suffix and additional[]).
object String	The context’s object name.
preferences Document	The account preferences.
profile Document	The account profile.
roles ObjectId[]	Account roles (e.g. Provider, Administrator, Developer). Accounts can have more than one role.
shared Boolean	True if there are any active or pending connections for this context.
state String	Current state for the account. (e.g. unverified, verified)
tz String	Timezone for the account. This helps determine UTC offset when working in scripts. The timezone must by a unique identifier for an IANA assigned zone, e.g. "US/Pacific"
updated Date	The date the latest update was made to a context’s properties
updater Reference	The account id of the context updater