FAQs
Helpful answers to the most common onboarding and integration questions.
Our integration is manual today, but we want automatic activations. How do we switch?
Ship the full InstantOn OAuth flow so practices can authorize directly from Hint. Once your InstantOn implementation is tested, email [email protected] and we will validate it in staging before enabling automatic activations for every connected practice.
Where can I see the list of webhook events?
Review the canonical list in Webhooks. Each entry includes the event name and payload so you can map it to your handlers quickly.
Do OAuth access tokens expire? Can we refresh them?
Hint-issued practice tokens do not expire automatically and cannot be refreshed. A practice can disable your integration at any time, which invalidates that specific token immediately. We can also revoke a token on request if you need to rotate credentials.
All practices share the same multi-tenant instance of our app. Do we still need unique integration IDs?
Yes. Each practice completes its own OAuth handshake, so every access token is scoped to a single practice. Use the integration_id returned by /api/oauth/tokens to correlate activity on your side.
Which endpoints require the partner API key vs. the practice access token?
Partner-level endpoints such as /api/integrations and /api/oauth/* always require the Partner API key. Practice-scoped endpoints under /api/provider/* require the practice-specific access token issued through InstantOn. The overview explains how the partner and provider namespaces split responsibilities.
Can we pull richer practice metadata (specialties, education, etc.)?
Those fields are not currently exposed. Send feature requests with the use case to [email protected] so we can prioritize them appropriately.
How are partners notified when a practice terminates an integration?
We send an integration.deactivated webhook as soon as the practice disconnects. Ensure your webhook receiver is resilient and validates signatures.
Updated 18 days ago