GETTING STARTED

Get started with Fullscript APIs

introduction

What is Fullscript?

Integration options

Sign up for API key

HOW TO GUIDES

How-to guides

oAuth

OAuth overview

using OAuth

Setup

Request an auth code

Request an access token

Refresh an access token

Revoke an access token

Fullscript Embed

What is Fullscript Embed?

before you get started

Important links

Development sandbox

Design decisions

using Fullscript Embed

Setup

OAuth and backend work

Add embeddable component

Handle events

Go live

reference

Error handling

Events

Session grant endpoint

fullscript Redirect

What is Fullscript Redirect?

before you get started

Important links

Development sandbox

Design decisions

using Fullscript Redirect

Practitioner workflow planning

Setup

OAuth for user authentication

Treatment plan dynamic link

Other useful info from Fullscript

Go live

webhooks

What are webhooks?

using webhooks

Subscribe to webhooks

Configure your application for webhooks

Webhook security

Missed and repeated webhooks

Troubleshooting webhooks

available webhooks

Order placed

Lab order updated

Treatment plan created

Treatment plan updated

Treatment plan recommendation updated

Patient created

Patient updated

Patient emancipated

Product created

Product description updated

Product updated

events

Events overview

labs

Labs overview

How to test labs

What are webhooks?

If you’re unfamiliar with webhooks, they are a type of API where we push data to your app instead of you pulling it from Fullscript. To do this, you add a web-accessible endpoint to your app (for example https://example.com/myapp/fullscript-webhook) and register that url with us. You tell us which events you want to know about. When any of those events happen, we’ll reach out to your endpoint and give you a payload with the data about the event.

So for example, when a practitioner activates a treatment plan, our webhooks notify your app about it. And you get all the details of the new treatment plan.

fyi

Our webhooks include special security features that let your app ascertain a payload is coming from us before acting on it.

Webhook events are sent to your registered application endpoint if and only if:

Your application didn’t directly cause the event by calling our REST APIs
AND, you currently have at least one valid (not revoked) OAuth access token
AND, that token has the correct scopes needed for the event that happened

Find more information on webhooks in this how-to guide, and in our reference docs.

important

It’s worth reiterating that webhooks are triggered for actions a practitioner takes through the Fullscript Redirect URL. But they’re not triggered for anything you do specifically through the REST API. For example, if you use the patients endpoint to update the spelling of a Fullscript patient's name, we won't alert you of this since we're pretty sure you already know!

RELATED TOPICS