Add Staff¶

Create a new staff member (user + optional doctor profile) and send them an invite email with a password reset link.

Endpoint¶

POST /v1/clinic/add-clinic-staff

Request Body¶

Parameter	Type	Required	Description
`user_details`	object	Yes	Core user account fields (see User Details Object)
`doctor_details`	object	No	Doctor-specific profile fields; required when `roles` includes `DOCTOR` or `JUNIOR_DOCTOR` (see Doctor Details Object)

User Details Object¶

Parameter	Type	Required	Description
`username`	string	Yes	Login username
`password`	string	Yes	Password (8–30 chars, must include uppercase, lowercase, digit, and special character)
`roles`	array	Yes	System roles to assign (e.g., `["DOCTOR"]`, `["FRONT_DESK"]`)
`first_name`	string	No	First name
`middle_name`	string	No	Middle name
`last_name`	string	No	Last name
`email`	string	No	Email address
`mobile`	string	No	Mobile number (max 16 characters)
`clinic_id`	integer	No	Primary clinic ID
`clinic_id_list`	array	No	List of clinic IDs to associate
`sex`	string	No	`MALE`, `FEMALE`, or `OTHER`
`date_of_birth`	string (date)	No	Date of birth (`YYYY-MM-DD`)
`photo_url`	string	No	Profile photo URL
`status`	string	No	Initial status (`ACTIVE`, `INACTIVE`)
`doctor_type`	string	No	`HOME_DOCTOR` or `FLOATING_DOCTOR`; relevant when role is `DOCTOR`
`is_cosign_required`	boolean	No	Whether the doctor requires a co-signature on notes

Doctor Details Object¶

Parameter	Type	Required	Description
`master_specialization`	string	Yes (for doctors)	Primary specialization (e.g., `PHYSICAL_THERAPIST`)
`qualifications`	array	No	Qualification strings (e.g., `["PT", "DPT"]`)
`services`	array	No	Services offered
`specialities`	array	No	Specialty strings
`about`	string	No	Bio / description
`registration_number`	string	No	License/registration number
`registration_body`	string	No	Licensing authority
`npi`	string	No	National Provider Identifier
`color_code`	string	No	Hex color for UI display
`clinics`	array	No	Explicit clinic associations; if omitted, uses `clinic_id_list` from `user_details`

Request¶

curl --location '{base_url}/v1/clinic/add-clinic-staff' \
  --header 'Authorization: Bearer JWT_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{
    "user_details": {
      "username": "jane.doe",
      "password": "Secure@123",
      "first_name": "Jane",
      "last_name": "Doe",
      "email": "jane.doe@example.com",
      "mobile": "5551234567",
      "roles": ["DOCTOR"],
      "clinic_id_list": [44],
      "doctor_type": "HOME_DOCTOR"
    },
    "doctor_details": {
      "master_specialization": "PHYSICAL_THERAPIST",
      "qualifications": ["PT", "DPT"],
      "npi": "1234567890",
      "color_code": "#0a76db"
    }
  }'

Request Examples¶

Add Front Desk Staff¶

{
  "user_details": {
    "username": "frontdesk.user",
    "password": "Secure@123",
    "first_name": "Alex",
    "last_name": "Smith",
    "email": "alex.smith@example.com",
    "roles": ["FRONT_DESK"],
    "clinic_id_list": [44]
  }
}

Add Doctor¶

{
  "user_details": {
    "username": "dr.jane.doe",
    "password": "Secure@123",
    "first_name": "Jane",
    "last_name": "Doe",
    "email": "jane.doe@example.com",
    "roles": ["DOCTOR"],
    "clinic_id_list": [44],
    "doctor_type": "HOME_DOCTOR",
    "is_cosign_required": false
  },
  "doctor_details": {
    "master_specialization": "PHYSICAL_THERAPIST",
    "qualifications": ["PT", "DPT"],
    "npi": "1234567890",
    "color_code": "#0a76db"
  }
}

Response¶

Success Response¶

Code: 200 OK

{
  "code": 2000,
  "data": {
    "id": 10234,
    "username": "jane.doe",
    "first_name": "Jane",
    "last_name": "Doe",
    "email": "jane.doe@example.com",
    "roles": ["DOCTOR"],
    "status": "ACTIVE"
  },
  "message": "Success"
}

Response Fields¶

Field	Type	Description
`id`	integer	User ID of the newly created staff member
`username`	string	Login username
`first_name`	string	First name
`last_name`	string	Last name
`email`	string	Email address
`roles`	array	System roles assigned
`status`	string	Account status

Error Response¶

Code: 400 Bad Request

{
  "code": 4000,
  "message": "Permission Denied",
  "data": null
}

Notes¶

Requires ORGANISATION_MANAGEMENT read-write permission.
After creation, an invite email with a password reset link is automatically sent to the new staff member.
When roles includes DOCTOR, JUNIOR_DOCTOR, or STUDENT, a doctor profile is automatically created from doctor_details.