Events overview

The Fullscript events endpoint that lets you request a list of recent events and pull details for each. It’s the functional opposite of our webhook system, which pushes notifications to you.

There’s no subscription process for events. Your app requests events on-demand or at regularly scheduled intervals.

You have access to events for the last 30 days (filterable by day) in the following categories, each with their own endpoint inside /events:


Events are not created for changes made through our REST API (except those made via the draft/new treatment plan redirect links or through Fullscript.js). We assume that since you initiated the event, you already know about it!

When you call any of the event endpoints, you get a list of applicable event ids. Use retrieve an event to request the event details, including the clinic_id for the clinic that caused this event.


Consider keeping a list of events your app processed in the last 30 days. This ensures you don’t waste time on an event you’ve already handled.

Event access

To access the event list and event details calls, your app needs to include the OAuth bearer token of a user who has successfully authorized your application for the relevant scopes. Do not use a revoked or expired token.

curl "" \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer XXXXXXXXXXXXXXXXXXXX'


If you want to check for events at several points during the day, you may need a keep-alive mechanism for at least one user token.

The bearer token you use is affects which events returned.


Only the events that happen at the clinic the user is registered with can be accessed with their token.

If your app only supports one Fullscript clinic, there’s nothing else you need to do. But if you plan to support multiple clinics, you need to call the endpoint on behalf of a user of each configured clinic.

Imagine your app is a health portal for physiotherapy centers. If you only support one center, all your physios, staff, and patients are part of the same center. No matter whose OAuth token you use, you receive events for the Fullscript clinic associated with that center.

Let’s imagine this physiotherapist center was in Washington, but the owner has a friend with a center in New York. The New York center also uses Fullscript, but they have their own Fullscript clinic. No doubt there are several changes you need to make to your software to support multiple physio centers. Among these is a change to make your app poll the Fullscript events endpoint on behalf of each Fullscript clinic.

centers.forEach(center => {
  // check for new patient orders at this center, use a bearer token for a user from the current center

In our example where you support a center in Washington and a separate one in New York (each with its own Fullscript clinic), you need to call the events endpoint once with a bearer token for a user in Washington, and once with a token for a user in New York.

Note that the clinic is specified implicitly, through the bearer token.