How Scopes Work
- When you create your app, you declare which scopes it needs
- When a clinic installs your app, they review and approve those scopes
- When you create an API key, you select which of the approved scopes it should have
- At runtime, your effective permissions are the intersection of the key’s scopes and the clinic’s installation grants, and each API endpoint checks for the required scope before returning data
Available Scopes
Read Scopes
Patient Data
| Scope | Endpoints | Description |
|---|---|---|
read:patients | GET /v3/patients | List patients with search and pagination |
GET /v3/patients/{id} | Get a specific patient by ID |
Appointments
| Scope | Endpoints | Description |
|---|---|---|
read:appointments | GET /v3/appointments | List appointments with filters |
GET /v3/appointments/{id} | Get a specific appointment by ID |
Providers
| Scope | Endpoints | Description |
|---|---|---|
read:providers | GET /v3/providers | List providers |
GET /v3/providers/{id} | Get a specific provider by ID |
Facilities
| Scope | Endpoints | Description |
|---|---|---|
read:facilities | GET /v3/facilities | List facilities |
GET /v3/facilities/{id} | Get a specific facility by ID |
Billing
| Scope | Endpoints | Description |
|---|---|---|
read:bills | GET /v3/bills | List bills with pagination |
GET /v3/bills/{id} | Get detailed bill with line items and coding groups | |
read:encounters | (legacy) | Same as read:bills |
Claims
| Scope | Endpoints | Description |
|---|---|---|
read:claims | GET /v3/claims | List claims with pagination |
GET /v3/claims/{id} | Get detailed claim with insurance info |
Notes
| Scope | Endpoints | Description |
|---|---|---|
read:notes | GET /v3/notes | List patient visit notes |
GET /v3/notes/{id} | Get a specific note by ID | |
read:soap_notes | GET /v3/notes?includeSoapNote=true | Include SOAP note content (requires read:notes too) |
Tasks
| Scope | Endpoints | Description |
|---|---|---|
read:tasks | GET /v3/tasks | List tasks with filters (status, note, provider, patient, date range) |
GET /v3/tasks/{id} | Get a specific task by ID |
Emails
| Scope | Endpoints | Description |
|---|---|---|
read:emails | GET /v3/emails | List emails |
GET /v3/emails/{id} | Get a specific email by ID |
Phone Numbers
| Scope | Endpoints | Description |
|---|---|---|
read:phone_numbers | GET /v3/phone-numbers | List clinic phone numbers |
Inventory
| Scope | Endpoints | Description |
|---|---|---|
read:inventory | GET /v3/inventory/changes | List inventory changes |
GET /v3/inventory/changes/{id} | Get a specific inventory change | |
GET /v3/inventory/changes/{id}/products | Get products for an inventory change | |
GET /v3/inventory/stock-levels | Get current stock levels | |
read:products | GET /v3/inventory/products | List products in the catalog |
GET /v3/inventory/products/{id} | Get a specific product |
Write Scopes
Notes
| Scope | Endpoints | Description |
|---|---|---|
write:notes_images | POST /v3/notes/{noteId}/images?providerId= | Upload an image to a note |
DELETE /v3/notes/{noteId}/images/{imageId}?providerId= | Delete an image from a note | |
write:soap_notes | PATCH /v3/notes/{noteId}?providerId= | Edit SOAP note fields (with EHR sync) |
PATCH /v3/notes/{noteId}/impressions/{impressionId}?providerId= | Edit impression fields (ModMed only) |
Tasks
| Scope | Endpoints | Description |
|---|---|---|
write:tasks | POST /v3/tasks | Create a task (synchronous EHR push) |
PATCH /v3/tasks/{id} | Update task status (complete/cancel) |
Emails
| Scope | Endpoints | Description |
|---|---|---|
write:emails | POST /v3/emails/send | Send an email |
Products
| Scope | Endpoints | Description |
|---|---|---|
write:products | POST /v3/inventory/products | Create a new product |
PUT /v3/inventory/products/{id} | Update an existing product |
Inventory
| Scope | Endpoints | Description |
|---|---|---|
write:inventory | POST /v3/inventory/changes | Create an inventory change |
Checking Your Scopes
Use the/v3/marketplace/me endpoint to see which scopes your API key currently has. This endpoint does not require any scope — it is always available.
