FAQs

Helpful answers to the most common onboarding and integration questions.

Our integration is manual today, but we want automatic activations. How do we switch?

Ship the full InstantOn OAuth flow so practices can authorize directly from Hint. Once your InstantOn implementation is tested, email [email protected] and we will validate it in staging before enabling automatic activations for every connected practice.

Where can I see the list of webhook events?

Review the canonical list in Webhooks. Each entry includes the event name and payload so you can map it to your handlers quickly.

Do practice access tokens expire? Can we refresh them?

Hint-issued practice tokens do not expire automatically and cannot be refreshed. A practice can disable your integration at any time, which invalidates that specific token immediately. We can also revoke a token on request if you need to rotate credentials.

All practices share the same multi-tenant instance of our app. Do we still need unique per-practice IDs?

Yes. Each practice activates its own connection, so every credential is scoped to a single practice. Use the installation id (and practice.id) returned by POST /api/partner/installations/connect to correlate activity on your side.

Which endpoints require the partner API key vs. the practice access token?

Partner-level endpoints -- everything under /api/partner/* -- always require the Partner API key. Practice-scoped endpoints under /api/provider/* require the practice-specific access token issued when a practice activates its connection. The overview explains how the partner and provider namespaces split responsibilities.

Can we pull richer practice metadata (specialties, education, etc.)?

Those fields are not currently exposed. Send feature requests with the use case to [email protected] so we can prioritize them appropriately.

How are partners notified when a practice terminates an integration?

We send an integration.deactivated webhook as soon as the practice disconnects. Ensure your webhook receiver is resilient and validates signatures.


Did this page help you?