Clinics API
import { Badge } from ‘@astrojs/starlight/components’;
Clinics
Section titled “Clinics”GET /api/clinics/settings
Section titled “GET /api/clinics/settings”Get all clinic settings including WhatsApp configuration.
Response 200:
{ "id": "uuid", "name": "Clínica San Salvador", "slug": "clinica-san-salvador-abc123", "phone": "+50399999999", "address": "Avenida Principal 123", "city": "San Salvador", "country": "El Salvador", "timezone": "America/El_Salvador", "currency": "USD", "logo_url": "https://...", "whatsapp_phone_number_id": "123456789", "whatsapp_business_account_id": "waba_123", "whatsapp_access_token": "EAAOKw...****", "whatsapp_verify_token": "verify_abc123", "whatsapp_status": "active", "bot_enabled": true, "is_active": true, "subscription_plan": "pro", "subscription_expires_at": "2025-12-31T00:00:00Z"}Note: whatsapp_access_token is masked — the first 8 characters are shown, the rest replaced with ****. To update the token, send the full new token value.
PATCH /api/clinics/settings
Section titled “PATCH /api/clinics/settings”Update clinic settings.
Request (all fields optional):
{ "name": "New Clinic Name", "phone": "+50399999999", "address": "Calle Nueva 456", "city": "Santa Ana", "timezone": "America/El_Salvador", "currency": "USD", "whatsapp_phone_number_id": "new_id", "whatsapp_business_account_id": "new_waba", "whatsapp_access_token": "EAANew...", "whatsapp_verify_token": "new_verify_token", "bot_enabled": true}If whatsapp_access_token contains ...****, it is not updated (masked value from GET response was re-submitted).
Response 200: Updated settings object
GET /api/clinics/me
Section titled “GET /api/clinics/me”Get current clinic info (unmasked, no access token).
Auth: Required
Response 200:
{ "id": "uuid", "name": "Clínica San Salvador", "slug": "clinica-san-salvador-abc123", "phone": "+50399999999", "address": "Avenida Principal 123", "city": "San Salvador", "country": "El Salvador", "timezone": "America/El_Salvador", "currency": "USD", "logo_url": "https://...", "is_active": true, "subscription_plan": "pro", "whatsapp_phone_number_id": "123456789", "whatsapp_business_account_id": "waba_123"}PUT /api/clinics/profile
Section titled “PUT /api/clinics/profile”Update clinic name, contact info, and location.
Auth: Admin only
Request:
{ "name": "Clínica San Salvador", "phone": "+50399999999", "address": "Avenida Principal 123", "city": "San Salvador", "timezone": "America/El_Salvador", "currency": "USD"}Response 200: Updated profile
PUT /api/clinics/whatsapp-config
Section titled “PUT /api/clinics/whatsapp-config”Update WhatsApp Meta Cloud API credentials.
Auth: Admin only
Request:
{ "phoneNumberId": "123456789", "businessAccountId": "waba_123456789", "accessToken": "EAAJ...", "verifyToken": "your_verify_token"}accessToken is encrypted with AES-256 before storage.
Response 200:
{ "message": "WhatsApp configuration updated successfully" }WhatsApp Onboarding Endpoints
Section titled “WhatsApp Onboarding Endpoints”See WhatsApp Setup Guide for the full onboarding flow.
POST /api/whatsapp/start
Section titled “POST /api/whatsapp/start”Begin WhatsApp number registration via Meta OTP.
Auth: Admin only
Request:
{ "phone": "+50377654321", "otpMethod": "sms", "wabaId": "waba_123456789", "accessToken": "EAAJ..."}otpMethod: sms or voice
Response 200: { "status": "pending_otp" }
POST /api/whatsapp/verify-otp
Section titled “POST /api/whatsapp/verify-otp”Submit the OTP received from Meta.
Auth: Admin only
Request: { "code": "123456" }
Response 200: { "status": "active" | "verifying" }
GET /api/whatsapp/status
Section titled “GET /api/whatsapp/status”Poll current WhatsApp connection status.
Auth: Admin only
Response 200:
{ "status": "disconnected | pending_otp | verifying | active | failed", "number": "+50377654321", "detail": "Status message or error"}POST /api/whatsapp/disconnect
Section titled “POST /api/whatsapp/disconnect”Deregister the WhatsApp number and disable the bot.
Auth: Admin only
Response 200: { "status": "disconnected" }