Authentication
10 endpoints in this category.
POST
/sign-inSign In
Authenticate with email and password. Returns a JWT token and user profile.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
email | string | Yes | User email address |
password | string | Yes | Account password |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT Bearer token |
loginData | object | Yes | User profile object |
trial_ends_at | string|null | No | ISO 8601 trial end date |
needs_onboarding | boolean | No | Whether onboarding is required |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid credentials |
422 | Validation error (missing email or password) |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/sign-in' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"email": "clinician@example.com",
"password": "securepassword"
}'POST
/sign-in/socialSocial Sign In
Authenticate using a Google or Apple ID token. Returns a JWT token and user profile.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
provider | string | Yes | 'google' or 'apple' |
id_token | string | Yes | OAuth ID token from provider |
email | string | Yes | User email from provider |
first_name | string | Yes | First name from provider |
last_name | string | Yes | Last name from provider |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT Bearer token |
loginData | object | Yes | User profile object |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid or expired ID token |
422 | Missing required fields |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/sign-in/social' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"provider": "google",
"id_token": "your_id_token",
"email": "your_email",
"first_name": "your_first_name",
"last_name": "your_last_name"
}'POST
/registerRegister
Create a new clinician account with email and password. Returns auth token with needs_onboarding flag.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
first_name | string | Yes | First name |
last_name | string | Yes | Last name |
email | string | Yes | Email address |
password | string | Yes | Password (min 8 chars) |
password_confirmation | string | Yes | Password confirmation |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT Bearer token |
user | object | Yes | User profile |
needs_onboarding | boolean | Yes | Always true for new accounts |
Error Codes
| Status | Meaning |
|---|---|
422 | Validation error (duplicate email, weak password) |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/register' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"first_name": "Jane",
"last_name": "Smith",
"email": "jane@example.com",
"password": "securepassword",
"password_confirmation": "your_password_confirmation"
}'POST
/register/socialSocial Register
Register a new account using Google or Apple ID token.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
provider | string | Yes | 'google' or 'apple' |
id_token | string | Yes | OAuth ID token |
email | string | Yes | Email from provider |
first_name | string | Yes | First name |
last_name | string | Yes | Last name |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT Bearer token |
user | object | Yes | User profile |
needs_onboarding | boolean | Yes | Always true |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid ID token |
422 | Account already exists |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/register/social' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"provider": "your_provider",
"id_token": "your_id_token",
"email": "your_email",
"first_name": "your_first_name",
"last_name": "your_last_name"
}'POST
/forgot-password/send-otpSend Password Reset OTP
Send a one-time password to the user's email for password reset.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
email | string | Yes | Account email address |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
message | string | Yes | Confirmation message |
token | string | Yes | Reset flow token (used in next step) |
Error Codes
| Status | Meaning |
|---|---|
404 | Email not found |
429 | Too many attempts |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/forgot-password/send-otp' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"email": "your_email"
}'POST
/forgot-password/verify-otpVerify Password Reset OTP
Verify the OTP code. OTP expires after 5 minutes.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | Reset flow token from send-otp |
otp | string | Yes | 6-digit OTP code from email |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
reset_token | string | Yes | Token for final password reset |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid or expired OTP |
422 | Missing token or OTP |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/forgot-password/verify-otp' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"token": "your_token",
"otp": "your_otp"
}'POST
/forgot-password/resetReset Password
Set a new password using the verified reset token.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | Verified reset token |
password | string | Yes | New password (min 8 chars) |
password_confirmation | string | Yes | Confirm new password |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid or expired reset token |
422 | Password too weak or mismatch |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/forgot-password/reset' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"token": "your_token",
"password": "your_password",
"password_confirmation": "your_password_confirmation"
}'POST
/accept-invitationAccept Invitation
Verify an invitation token sent by an organization admin.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | Invitation token from email link |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
data | object | Yes | Invitation details (email, org name) |
Error Codes
| Status | Meaning |
|---|---|
404 | Invalid or expired invitation token |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/accept-invitation' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"token": "your_token"
}'POST
/invite-otp-verifyVerify Invitation OTP
Verify the OTP sent during the invitation acceptance flow.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | Invitation token |
otp | string | Yes | 6-digit OTP from email |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
data | object | Yes | Verification result |
Error Codes
| Status | Meaning |
|---|---|
401 | Invalid OTP |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/invite-otp-verify' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"token": "your_token",
"otp": "your_otp"
}'POST
/set-new-passwordSet New Password (Invitation)
Set password for a new account created via invitation.
Authentication:Not required
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | Invitation token |
id | string | Yes | User ID from OTP verification |
password | string | Yes | New password |
password_confirmation | string | Yes | Confirm password |
Response Fields
| Name | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT Bearer token |
loginData | object | Yes | User profile |
Error Codes
| Status | Meaning |
|---|---|
422 | Validation error |
Code Examples
curl -X POST 'https://visitnote-api-production.up.railway.app/api/therapist/v1/set-new-password' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"token": "your_token",
"id": "your_id",
"password": "your_password",
"password_confirmation": "your_password_confirmation"
}'Sign in to access API docs
Full API reference is available to VisitNote subscribers.
Don't have an account? Start free trial