API reference

Production UI is typically built with VITE_API_BASE_URL=https://api.healfast.ai so browser calls go to the API host. Same-origin deployments can leave the variable empty and rely on nginx routing.

Health check (no auth): GET /api/health → {"ok": true, ...}

Core routes

POST /api/turn — conversational turn (JSON body: message, history, module, optional use_web_search).
GET /api/config — feature flags, model hints, web-search allowance.
POST /api/partner/access-request — partner onboarding (when enabled).
POST /api/access/validate, GET /api/access/config — unlock gate (when enabled).
POST /api/audit/log, POST /api/events/log — client telemetry (best-effort).

MediLink PHC

POST /api/medilink/triage
POST /api/medilink/forecast
POST /api/medilink/outbreak
POST /api/medilink/resources

Request/response shapes match the FastAPI stack under symptomchecker on the server. Errors return JSON with a detail field when available.

ConvAI client tools

The voice UI registers a client tool (e.g. runMedilinkTriage) with the ElevenLabs widget when the agent is configured in the dashboard. The browser forwards tool calls to POST /api/convai/tools/medilink_triage when the backend exposes it.

Optional header X-Convai-Secret can be set via VITE_CONVAI_WEBHOOK_SECRET if your deployment requires it.

Build-time environment (Vite)

VITE_API_BASE_URL — API origin for the SPA.
VITE_ELEVENLABS_AGENT_ID — overrides widget agent-id in index.html.
VITE_CONVAI_WEBHOOK_SECRET — optional HMAC-style secret for tool routes.