Endpoint Reference
Every data endpoint lives under /api/v1, requires a Bearer access token, and
is gated by exactly one scope plus an active consent grant. List endpoints are
paginated and return { data: [...], pagination: {...} }. Single-object
endpoints return { data: {...} }.
Base URL: https://dperspective.galacticgeeks.com
Common conventions
Pagination
| Parameter | Type | Default | Notes |
|---|---|---|---|
page | integer ≥ 1 | 1 | Page number. |
pageSize | integer 1–100 | 20 | Items per page; capped at 100. |
{
"data": [ /* ... */ ],
"pagination": { "page": 1, "pageSize": 20, "total": 137, "totalPages": 7 }
}Errors
Every data endpoint may return UNSUPPORTED_VERSION, RATE_LIMITED,
UNAUTHORIZED, TOKEN_EXPIRED, INSUFFICIENT_SCOPE, CONSENT_REQUIRED,
ACCESS_NOT_RECORDED, or INTERNAL_ERROR. See Errors.
Health data (scope-wise)
Health data is not a single endpoint. Each metric category has its own
endpoint and its own scope, so an app reads only the categories the user
consented to. All category endpoints are paginated and return the same field
set: id, type, value, unit, timestamp, source.
GET /api/v1/health-data/{category}
Lists the user’s readings for one metric category, newest first.
Category ({category}) | Scope | Metric types returned |
|---|---|---|
heart | read:health-data:heart | Heart Rate, Resting HR, Walking HR, HRV, ECG |
blood-pressure | read:health-data:blood-pressure | Blood Pressure, BP Diastolic |
oxygen | read:health-data:oxygen | SPO2 |
respiratory | read:health-data:respiratory | Respiratory Rate, Respiratory |
glucose | read:health-data:glucose | Glucose |
temperature | read:health-data:temperature | Temperature |
activity | read:health-data:activity | Steps, Distance, Calories, Basal Calories, Exercise, Flights |
sleep | read:health-data:sleep | Sleep, Sleep Deep, Sleep Core, Sleep REM, Sleep Awake, Time in Bed |
body-composition | read:health-data:body-composition | Weight, Height, BMI, Body Fat |
mindfulness | read:health-data:mindfulness | Mindfulness |
- Query:
page,pageSize
Request
curl "https://dperspective.galacticgeeks.com/api/v1/health-data/heart?pageSize=2" \
-H "Authorization: Bearer <access_token>"A category scope only ever returns its own metric types. To read multiple
categories, request multiple read:health-data:* scopes — the user can
approve any subset.
GET /api/v1/aggregations
Returns a server-computed summary over the user’s health data (latest per type, averages, min/max, out-of-range counts). Derived; no raw records.
- Scope:
read:aggregations
GET /api/v1/trends
Returns bucketized trend points (hourly/daily) over the user’s health data.
- Scope:
read:trends - Query:
type(metric type),bucket(hour|day), plus pagination.
Symptoms
GET /api/v1/symptoms
Lists logged symptoms.
- Scope:
read:symptoms - Fields:
id,description,severity,timestamp
Medications
GET /api/v1/medications
Lists the user’s medications.
- Scope:
read:medications - Fields:
id,name,dosage,frequency,condition,pattern
GET /api/v1/medications/{id}/adherence
Returns the adherence history for one owned medication.
- Scope:
read:medications - Path:
id— the medication id.
Returns NOT_FOUND (404) if the medication id does not exist or is not
owned by the authenticated user — the two cases are indistinguishable, to
prevent enumeration.
Conditions
GET /api/v1/conditions
- Scope:
read:conditions - Fields:
id,name,severity,sinceDate
Allergies
GET /api/v1/allergies
- Scope:
read:allergies - Fields:
id,name,severity,sinceDate
Appointments
GET /api/v1/appointments
- Scope:
read:appointments - Fields:
id,title,dateTime,specialty,location
Weight
GET /api/v1/weight
- Scope:
read:weight - Fields:
id,weightKg,date
Mood
GET /api/v1/mood
- Scope:
read:mood - Fields:
id,mood,note,timestamp
Reports
GET /api/v1/reports
Lists generated health reports (summary representation only).
- Scope:
read:reports - Fields:
id,generatedAt,dateRange,summary
Profile
GET /api/v1/profile
Returns the user’s demographics as a single object.
- Scope:
read:profile - Fields:
name,gender,dateOfBirth,bloodType
EHR
GET /api/v1/ehr
Lists EHR-derived records imported from a connected provider.
- Scope:
read:ehr - Fields:
id,resourceType,summary,timestamp
OAuth, developer & consent endpoints
These sit outside /api/v1. The /oauth/* endpoints authenticate with
clientId/clientSecret; the /developer/* and /partner/consent/*
endpoints authenticate with the end-user session.
| Method | Path | Auth | Description |
|---|---|---|---|
POST | /oauth/authorize | client | Start the authorization-code flow; create a pending approval. |
POST | /oauth/token | client | Exchange a code or refresh token; client-credentials grant. |
POST | /oauth/revoke | client | Revoke an access or refresh token. |
POST | /developer/apps | session | Register an app (returns the secret once). |
POST | /developer/apps/:clientId/rotate-secret | session (owner) | Rotate the client secret. |
POST | /developer/apps/:clientId/status | session (owner) | Set status: active / suspended / revoked. |
GET | /partner/consent/pending | session | List pending approvals. |
POST | /partner/consent/pending/:id/approve | session | Approve requested scopes (≥ 1). |
POST | /partner/consent/pending/:id/deny | session | Deny a pending approval. |
GET | /partner/consent/grants | session | List the user’s consent grants. |
DELETE | /partner/consent/grants/:id | session | Revoke a grant (cascades to tokens). |