Overview
Application APIs
b.well provides REST and GraphQL endpoints for end-user applications to access b.well's services and healthcare data on behalf of authenticated end users. This integration option is for applications that prefer direct API access over SDK dependencies.
Application APIs use GraphQL as the primary interface—a federated gateway that unifies multiple b.well services through a single endpoint. REST endpoints are also available for specific operations. Both interfaces operate in an end-user authentication context, allowing your application to access user-specific health data, manage healthcare connections, and coordinate care workflows.
Choose Application APIs when you:
- Prefer direct API integration without SDK dependencies
- Want the flexibility of GraphQL queries to request exactly the data you need
- Have existing API integration patterns in your architecture
- Need fine-grained control over request structure and response handling
Integration At a Glance
Integrating with b.well Application APIs follows this pattern:
- Authenticate end users using OAuth 2.0 Token Exchange (see End-User Authentication)
- Access the GraphQL endpoint (primary interface) or REST endpoints (specific operations)
- Make API calls on behalf of authenticated users with user access tokens
- Search for data connections, manage connections, or retrieve health data through b.well's unified API layer.
Authentication & User Context
Application APIs operate in an end-user authentication context, meaning all API requests are made on behalf of a specific authenticated user. This ensures:
- User-specific data access (not system-wide)
- HIPAA-compliant data handling
- Proper authorization and consent enforcement
See End-User Authentication for details on OAuth 2.0 Token Exchange, token management, and implementing authentication flows in your application.
Workflow & Configuration Guides
The Application APIs provide access to b.well's core healthcare workflows. Each guide includes API endpoints, request/response examples, and implementation patterns.
| Workflow Guide | Description |
|---|---|
| Account Creation & Consent | Create new user accounts, update user profile demographics, and manage consent records for data access |
| Search & Establish Data Connections | Discover healthcare data sources and establish connections to external providers using SearchHealthResources and OAuth workflows |
| OAuth Connection Flow | Handle OAuth redirect completion with implementation options for web and mobile applications including postMessage listeners and URL polling |
| Managing Data Connections | Retrieve connection statuses, disconnect or delete connections, and re-establish expired or removed connections |
| Locating and Managing IAS Connections | Enable Record Locator Service to discover health records across networks and manage Individual Access Service connections |
| Health Record Retrieval | Access patient health data including conditions, medications, procedures, labs, and clinical documents through GraphQL or REST $everything operation |
| User Account Deletion | Process user-initiated account deletion requests with configurable waiting periods or immediate execution |
Updated 8 days ago