The Patients API allows you to create, retrieve, update, and delete patient records in the OdontologyApp system.

Authentication

All endpoints require authentication. Users must have appropriate permissions:
  • VIEW_PATIENTS - View patient records
  • CREATE_PATIENTS - Create new patients
  • EDIT_PATIENTS - Update patient information
  • DELETE_PATIENTS - Delete patient records

Base Endpoints

List Patients

curl -X GET "https://your-domain.com/api/patients?query=john" \
  -H "Cookie: session=your-session-token"

Retrieve a list of all patients with optional search filtering.

Parameters:
  • query (string) - Search query to filter patients by name, cedula, or other fields

Response fields:
  • success (boolean) - Indicates if the request was successful
  • patients (array) - Array of patient objects

Example response:
{
  "success": true,
  "patients": [
    {
      "id": 1,
      "medrecno": "P-2024-0001",
      "first_name": "John",
      "last_name": "Doe",
      "cedula": "12345678",
      "birth_date": "1990-05-15",
      "phone": "+1234567890",
      "email": "[email protected]",
      "sex": "male",
      "blood_group": "O+",
      "allergies": "Penicillin",
      "branch_id": 1,
      "status": "active"
    }
  ]
}

Create Patient

curl -X POST "https://your-domain.com/api/patients" \
  -H "Content-Type: application/json" \
  -H "Cookie: session=your-session-token" \
  -d '{
    "first_name": "John",
    "last_name": "Doe",
    "cedula": "12345678",
    "birth_date": "1990-05-15",
    "phone": "+1234567890",
    "email": "[email protected]",
    "sex": "male",
    "blood_group": "O+",
    "allergies": "Penicillin",
    "branch_id": 1
  }'

Create a new patient record.

Parameters:
  • first_name (string, required) - Patient’s first name
  • last_name (string, required) - Patient’s last name
  • cedula (string, required) - Patient’s identification number (must be unique)
  • birth_date (string) - Date of birth in YYYY-MM-DD format
  • phone (string) - Contact phone number
  • email (string) - Email address (must be unique)
  • sex (string) - Gender: “male”, “female”, or “otro” (default: “otro”)
  • blood_group (string) - Blood type (e.g., “O+”, “A-”)
  • allergies (string) - Known allergies
  • branch_id (integer) - ID of the branch to associate with this patient

Example response:
{
  "success": true,
  "id": 42,
  "medrecno": "P-2024-0042"
}
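
The field rules above can be enforced as an allowlist so that a client cannot set server-assigned values such as id, medrecno or status at creation time. This is an added example, not OdontologyApp's own code; validateCreatePatient, isIsoDate and the returned { ok, errors, value } shape are hypothetical, and the uniqueness of cedula and email still has to be enforced by the data store.

```javascript
// Added example (not OdontologyApp code): allowlist validation for the Create Patient body.
const CREATE_FIELDS = {
  first_name:  { type: "string", required: true },
  last_name:   { type: "string", required: true },
  cedula:      { type: "string", required: true },
  birth_date:  { type: "string", date: true },
  phone:       { type: "string" },
  email:       { type: "string" },
  sex:         { type: "string", oneOf: ["male", "female", "otro"], fallback: "otro" },
  blood_group: { type: "string" },
  allergies:   { type: "string" },
  branch_id:   { type: "integer" },
};

// True only for a real calendar date written as YYYY-MM-DD (rejects 1990-02-30).
function isIsoDate(s) {
  if (!/^\d{4}-\d{2}-\d{2}$/.test(s)) return false;
  const d = new Date(s + "T00:00:00Z");
  return !Number.isNaN(d.getTime()) && d.toISOString().slice(0, 10) === s;
}

function validateCreatePatient(body) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return { ok: false, errors: ["body must be a JSON object"] };
  }
  const errors = [];
  const value = {};
  // Reject anything outside the documented fields (id, medrecno, status, __proto__, ...).
  for (const key of Object.keys(body)) {
    if (!Object.prototype.hasOwnProperty.call(CREATE_FIELDS, key)) errors.push(`unexpected field: ${key}`);
  }
  for (const [name, rule] of Object.entries(CREATE_FIELDS)) {
    const v = body[name];
    if (v === undefined || v === null || v === "") {
      if (rule.required) errors.push(`${name} is required`);
      else if (rule.fallback !== undefined) value[name] = rule.fallback; // documented default
      continue;
    }
    const typeOk = rule.type === "integer" ? Number.isInteger(v) : typeof v === "string";
    if (!typeOk) errors.push(`${name} must be ${rule.type}`);
    else if (rule.date && !isIsoDate(v)) errors.push(`${name} must be YYYY-MM-DD`);
    else if (rule.oneOf && !rule.oneOf.includes(v)) errors.push(`${name} must be one of ${rule.oneOf.join(", ")}`);
    else value[name] = v;
  }
  return errors.length ? { ok: false, errors } : { ok: true, value };
}
```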

Get Patient Details

curl -X GET "https://your-domain.com/api/patients/1" \
  -H "Cookie: session=your-session-token"

Retrieve detailed information about a specific patient.

Parameters:
  • id (integer, required) - Patient ID

Example response:
{
  "success": true,
  "patient": {
    "id": 1,
    "medrecno": "P-2024-0001",
    "first_name": "John",
    "last_name": "Doe",
    "cedula": "12345678",
    "birth_date": "1990-05-15",
    "phone": "+1234567890",
    "email": "[email protected]",
    "sex": "male",
    "blood_group": "O+",
    "allergies": "Penicillin",
    "branch_id": 1,
    "status": "active",
    "created_at": "2024-01-15T10:30:00Z"
  }
}

Update Patient

curl -X PUT "https://your-domain.com/api/patients/1" \
  -H "Content-Type: application/json" \
  -H "Cookie: session=your-session-token" \
  -d '{
    "first_name": "John",
    "last_name": "Smith",
    "cedula": "12345678",
    "phone": "+1234567899",
    "status": "active"
  }'

Update an existing patient’s information.

Parameters:
  • id (integer, required) - Patient ID to update
  • first_name (string, required) - Patient’s first name
  • last_name (string, required) - Patient’s last name
  • cedula (string, required) - Patient’s identification number
  • birth_date (string) - Date of birth
  • phone (string) - Contact phone number
  • email (string) - Email address
  • sex (string) - Gender
  • blood_group (string) - Blood type
  • allergies (string) - Known allergies
  • branch_id (integer) - Branch ID
  • status (string) - Patient status (default: “active”)

Example response:
{
  "success": true,
  "message": "Paciente actualizado correctamente"
}

Delete Patient

curl -X DELETE "https://your-domain.com/api/patients?id=1" \
  -H "Cookie: session=your-session-token"

Delete a patient record from the system.

Parameters:
  • id (integer, required) - ID of the patient to delete

Example response:
{
  "success": true,
  "message": "Paciente eliminado"
}

Patient Sub-Resources

Get Patient Appointments

curl -X GET "https://your-domain.com/api/patients/1/appointments" \
  -H "Cookie: session=your-session-token"

Retrieve all appointments for a specific patient.
Permission Required: VIEW_APPOINTMENTS

Example response:
{
  "success": true,
  "appointments": [
    {
      "id": 10,
      "patient_id": 1,
      "doctor_id": 2,
      "branch_id": 1,
      "appointment_date": "2024-03-20",
      "appointment_time": "10:00:00",
      "duration_minutes": 30,
      "status": "scheduled",
      "notes": "Regular checkup"
    }
  ]
}

Create Patient Appointment

curl -X POST "https://your-domain.com/api/patients/1/appointments" \
  -H "Content-Type: application/json" \
  -H "Cookie: session=your-session-token" \
  -d '{
    "doctor_id": 2,
    "branch_id": 1,
    "appointment_date": "2024-03-20",
    "appointment_time": "10:00",
    "duration_minutes": 30,
    "notes": "Regular checkup"
  }'

Permission Required: CREATE_APPOINTMENTS

Parameters:
  • doctor_id (integer, required) - ID of the doctor
  • branch_id (integer, required) - ID of the branch
  • appointment_date (string, required) - Date in YYYY-MM-DD format
  • appointment_time (string, required) - Time in HH:MM format
  • duration_minutes (integer) - Duration in minutes (default: 30)
  • notes (string) - Additional notes

Get Patient Odontogram

curl -X GET "https://your-domain.com/api/patients/1/odontogram" \
  -H "Cookie: session=your-session-token"

Retrieve the dental chart (odontogram) for a patient.
Permission Required: VIEW_ODONTOGRAM

Example response:
{
  "success": true,
  "tooth_states": {
    "11": "healthy",
    "12": "cavity",
    "21": "filled",
    "22": "healthy"
  }
}

Update Tooth State

curl -X POST "https://your-domain.com/api/patients/1/odontogram" \
  -H "Content-Type: application/json" \
  -H "Cookie: session=your-session-token" \
  -d '{
    "tooth_number": "12",
    "state": "cavity",
    "notes": "Small cavity detected"
  }'

Permission Required: EDIT_ODONTOGRAM

Parameters:
  • tooth_number (string, required) - Tooth number (FDI notation)
  • state (string) - State of the tooth (healthy, cavity, filled, missing, etc.)
  • notes (string) - Additional notes about the tooth

Get Medical Records

curl -X GET "https://your-domain.com/api/patients/1/records" \
  -H "Cookie: session=your-session-token"

Retrieve all medical records for a patient.
Permission Required: VIEW_MEDICAL_RECORDS

Example response:
{
  "success": true,
  "records": [
    {
      "id": 5,
      "patient_id": 1,
      "doctor_id": 2,
      "motif": "Tooth pain",
      "diagnosis": "Cavity in molar",
      "treatment": "Filling applied",
      "future_plan": "Follow-up in 6 months",
      "next_visit": "2024-09-15",
      "observations": "Patient responded well to treatment",
      "created_at": "2024-03-15T14:30:00Z"
    }
  ]
}

Create Medical Record

curl -X POST "https://your-domain.com/api/patients/1/records" \
  -H "Content-Type: application/json" \
  -H "Cookie: session=your-session-token" \
  -d '{
    "motif": "Tooth pain",
    "diagnosis": "Cavity in molar",
    "treatment": "Filling applied",
    "future_plan": "Follow-up in 6 months",
    "next_visit": "2024-09-15",
    "observations": "Patient responded well"
  }'

Permission Required: CREATE_MEDICAL_RECORDS

Parameters:
  • motif (string) - Reason for visit
  • diagnosis (string) - Medical diagnosis
  • treatment (string) - Treatment provided
  • future_plan (string) - Future treatment plan
  • next_visit (string) - Next scheduled visit date (YYYY-MM-DD)
  • observations (string) - Additional observations

Example response:
{
  "success": true,
  "message": "Historia clínica añadida correctamente",
  "record_id": 5
}

Error Responses

Response fields:
  • message (string) - Error description

Example response:
{
  "message": "No autorizado"
}
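
The permission requirements documented on this page, written as a deny-by-default guard that answers with the error body shown above. This is an added example, not OdontologyApp's own code: authorize, RULES and the session shape are hypothetical, and mapping the five base operations to the *_PATIENTS permissions is inferred from the permission descriptions in the Authentication section.

```javascript
// Added example (not OdontologyApp code): route-to-permission guard for the endpoints on this page.
const RULES = [
  // [method, path pattern, required permission]
  ["GET",    /^\/api\/patients$/,                    "VIEW_PATIENTS"],
  ["POST",   /^\/api\/patients$/,                    "CREATE_PATIENTS"],
  ["DELETE", /^\/api\/patients$/,                    "DELETE_PATIENTS"], // id travels in ?id=
  ["GET",    /^\/api\/patients\/\d+$/,               "VIEW_PATIENTS"],
  ["PUT",    /^\/api\/patients\/\d+$/,               "EDIT_PATIENTS"],
  ["GET",    /^\/api\/patients\/\d+\/appointments$/, "VIEW_APPOINTMENTS"],
  ["POST",   /^\/api\/patients\/\d+\/appointments$/, "CREATE_APPOINTMENTS"],
  ["GET",    /^\/api\/patients\/\d+\/odontogram$/,   "VIEW_ODONTOGRAM"],
  ["POST",   /^\/api\/patients\/\d+\/odontogram$/,   "EDIT_ODONTOGRAM"],
  ["GET",    /^\/api\/patients\/\d+\/records$/,      "VIEW_MEDICAL_RECORDS"],
  ["POST",   /^\/api\/patients\/\d+\/records$/,      "CREATE_MEDICAL_RECORDS"],
];

const DENIED = { allowed: false, body: { message: "No autorizado" } };

// session: null when unauthenticated, else { permissions: string[] } (assumed shape).
function authorize(session, method, rawUrl) {
  if (!session || !Array.isArray(session.permissions)) return DENIED;
  let path;
  try {
    // URL parsing drops the query string and resolves "../" segments before matching.
    path = new URL(rawUrl, "https://your-domain.com").pathname;
  } catch {
    return DENIED;
  }
  // Normalise one trailing slash so "/api/patients/1/" is matched like "/api/patients/1".
  if (path.length > 1 && path.endsWith("/")) path = path.slice(0, -1);
  const rule = RULES.find(([m, re]) => m === method.toUpperCase() && re.test(path));
  // Deny by default: a method/path pair with no rule is refused, not waved through.
  if (!rule) return DENIED;
  const required = rule[2];
  return session.permissions.includes(required)
    ? { allowed: true, required }
    : { ...DENIED, required };
}
```

Holding VIEW_PATIENTS does not grant the sub-resources: each of appointments, odontogram and records is checked against its own permission.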

Source Reference

API implementation can be found in:
  • src/routes/api/patients/+server.js - Main patient endpoints
  • src/routes/api/patients/[id]/+server.js - Individual patient operations
  • src/routes/api/patients/[id]/appointments/+server.js - Patient appointments
  • src/routes/api/patients/[id]/odontogram/+server.js - Dental chart management
  • src/routes/api/patients/[id]/records/+server.js - Medical records
