Admin User Viewing Guide

This document explains how admin users can view care seekers through the miri web app using external care seeker IDs and API keys.

Overview

The miri web app provides a way for authenticated admin users to view care seeker profiles using external identifiers. This functionality is particularly useful for integrating with external systems that need to link to specific care seeker profiles.

URL Structure

Base URLs

  • Production: https://app.miri.ai/
  • Staging: http://app-staging.miri.ai/

Care Seeker Viewing URL

{baseUrl}/dashboard/external-member/{externalCareSeekerId}?apiKey={apiKey}

Production Example:

https://app.miri.ai/dashboard/external-member/{externalCareSeekerId}?apiKey={apiKey}

Staging Example:

http://app-staging.miri.ai/dashboard/external-member/{externalCareSeekerId}?apiKey={apiKey}

External Authentication URL

For external authentication with automatic authorization, use:

{baseUrl}/dashboard/external-member/{externalCareSeekerId}?apiKey={apiKey}&token={ssoToken}&provider={provider}

Production Example:

https://app.miri.ai/dashboard/external-member/user123?apiKey=abc123&token=google-sso-token&provider=google

Staging Example:

http://app-staging.miri.ai/dashboard/external-member/user123?apiKey=abc123&token=firebase-sso-token&provider=firebase

URL Components

  • Base URL: https://app.miri.ai/
  • Route Path: /dashboard/external-member/{externalCareSeekerId}
  • Required Query Parameter: ?apiKey={apiKey}

External Authentication Parameters

When using external authentication, additional parameters are required:

  • token: SSO token from the authentication provider (Google, Firebase, Apple, etc.)
  • provider: Authentication provider (google, firebase, apple, custom)
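The URL format above, built programmatically, as an added example that is not part of the miri code base. The function and constant names are hypothetical; only the route, the query parameter names, and the provider list come from this guide. It percent-encodes the external ID so that characters such as "/", "?" and "&" cannot change the route or add query parameters.

```javascript
// Added example; buildCareSeekerViewUrl and PROVIDERS are hypothetical names.
const PROVIDERS = new Set(["google", "firebase", "apple", "custom"]);

function buildCareSeekerViewUrl(baseUrl, externalCareSeekerId, apiKey, sso) {
  if (typeof externalCareSeekerId !== "string" || externalCareSeekerId === "") {
    throw new Error("externalCareSeekerId is required");
  }
  // encodeURIComponent leaves "." untouched, and the URL parser would then
  // collapse a "." or ".." segment and point at a different route.
  if (externalCareSeekerId === "." || externalCareSeekerId === "..") {
    throw new Error("externalCareSeekerId must not be a dot segment");
  }
  if (typeof apiKey !== "string" || apiKey === "") {
    throw new Error("apiKey is required");
  }
  // The ID becomes exactly one path segment, whatever characters it holds.
  const url = new URL(
    "/dashboard/external-member/" + encodeURIComponent(externalCareSeekerId),
    baseUrl
  );
  url.searchParams.set("apiKey", apiKey);
  if (sso !== undefined) {
    // token and provider are only meaningful together.
    if (!sso.token || !PROVIDERS.has(sso.provider)) {
      throw new Error("sso requires a token and a supported provider");
    }
    url.searchParams.set("token", sso.token);
    url.searchParams.set("provider", sso.provider);
  }
  return url.toString();
}
```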

Example URLs

Production Examples

For a care seeker with external ID user123 and API key abc123:

https://app.miri.ai/dashboard/external-member/user123?apiKey=abc123

For a care seeker with external ID john-doe-456 and API key xyz789:

https://app.miri.ai/dashboard/external-member/john-doe-456?apiKey=xyz789

Staging Examples

For a care seeker with external ID user123 and API key abc123:

http://app-staging.miri.ai/dashboard/external-member/user123?apiKey=abc123

For a care seeker with external ID john-doe-456 and API key xyz789:

http://app-staging.miri.ai/dashboard/external-member/john-doe-456?apiKey=xyz789

External Authentication Examples

For external authentication with Google SSO:

https://app.miri.ai/dashboard/external-member/patient-123?apiKey=abc123&token=google-sso-token&provider=google

For external authentication with Firebase SSO:

http://app-staging.miri.ai/dashboard/external-member/user-456?apiKey=xyz789&token=firebase-sso-token&provider=firebase

For external authentication with Apple SSO:

https://app.miri.ai/dashboard/external-member/apple-user-789?apiKey=def456&token=apple-sso-token&provider=apple

How It Works

1. Route Handling

The web app uses a dynamic route at /dashboard/external-member/[id] that:

  • Extracts the externalCareSeekerId from the URL path parameter [id]
  • Extracts the apiKey from the query string parameters
  • Extracts the token and provider from query string parameters (if present)

2. External Authentication Flow

When token and provider parameters are present:

  • The useExternalAuth hook automatically processes the external authentication
  • Creates an authorization request for the external user
  • Exchanges the SSO token for a Firebase token
  • Automatically authorizes the external user with default permissions

3. Component Processing

The CareSeekerView component:

  • Receives both the externalCareSeekerId and apiKey parameters
  • Uses the miri-react-native-sdk's useCareSeekerRepository().getByToken() method
  • Passes the parameters to fetch care seeker data

4. API Integration

The SDK internally uses useCareSeekerAPI to make an authenticated request to:

GET /v2.0/care-seekers/get-by-id

With the following parameters:

  • external_uid: The external care seeker ID
  • api_key: The API key for authentication
  • include_logins: Set to true to include login history
  • skip_onboarding_check: Set to true for admin views

5. Data Display

Once the care seeker data is retrieved, the web app displays:

  • Care seeker profile information
  • Session logs and activity history
  • Chat sessions and messages
  • Plan artifacts and recommendations

Authentication Requirements

Admin Authentication

  • The admin user must be authenticated in the miri web app
  • The admin must have appropriate permissions to view care seekers

API Key Requirements

  • The apiKey must be valid and active
  • The API key must have permissions to access care seeker data
  • The API key is used to authenticate the request to the backend API

External Care Seeker ID

  • The externalCareSeekerId must correspond to an existing care seeker in the system
  • The care seeker must be associated with the organization that owns the API key

External Authentication Requirements

When using external authentication:

  • The token must be a valid SSO token from the specified provider
  • The provider must be one of the supported providers (google, firebase, apple, custom)
  • The external user will be automatically authorized with default permissions
  • The authorization will expire after 1 hour

Error Handling

The web app handles various error scenarios:

Missing Parameters

  • If neither careSeekerId nor externalCareSeekerId is provided, an error is shown
  • If externalCareSeekerId is provided but apiKey is missing, an error is shown

Invalid Data

  • If the care seeker is not found, an appropriate error message is displayed
  • If the API key is invalid or lacks permissions, authentication errors are shown

Network Issues

  • Network failures are handled gracefully with retry mechanisms
  • Loading states are shown during data fetching

Integration Use Cases

External System Integration

External applications can use this URL structure to:

  • Deep-link directly to specific care seeker profiles
  • Provide seamless navigation between external systems and miri
  • Maintain proper authentication and authorization

Admin Dashboard Access

Healthcare providers can:

  • Access care seeker profiles from external patient management systems
  • View comprehensive care seeker data in a unified interface
  • Track patient progress and engagement

API-Based Workflows

Developers can:

  • Generate URLs programmatically based on external identifiers
  • Integrate care seeker viewing into custom workflows
  • Maintain security through API key authentication

External Authentication Integration

External systems can:

  • Deep-link users directly to care seeker profiles with automatic authentication
  • Pass SSO tokens to authenticate users seamlessly
  • Automatically authorize external users for temporary access
  • Provide single-sign-on experience across systems

Security Considerations

API Key Management

  • API keys should not be exposed in public repositories
  • Keys should be rotated regularly
  • Different keys should be used for different environments (dev, staging, prod)

Access Control

  • Only authorized admin users should have access to care seeker data
  • API keys should have appropriate scopes and permissions
  • Audit logs should be maintained for all access attempts
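Because the URLs in this guide carry apiKey and token in the query string, those values appear in any access log or Referer header that records the full URL. The following added example (not miri's code) scrubs both values from log lines before they are stored, keeping the care seeker ID and provider for auditing. The log format, sample lines, and function names are constructed for illustration.

```javascript
// Added example; redactLine, scrubLog and SAMPLE_LOG are hypothetical names.
const ROUTE = "/dashboard/external-member/";
// Matches "?apiKey=<value>" or "&token=<value>"; the value ends at the next
// "&", "#", double quote or whitespace.
const SECRET_PARAM = /([?&](?:apiKey|token)=)([^&\s"#]+)/g;

// Redact secret values on one line; lines that never mention the route are
// returned untouched.
function redactLine(line) {
  if (!line.includes(ROUTE)) return { line, redacted: 0 };
  let redacted = 0;
  const out = line.replace(SECRET_PARAM, (_match, key) => {
    redacted++;
    return key + "REDACTED";
  });
  return { line: out, redacted };
}

// Scrub a batch of lines and report how many secret values were removed,
// which is useful as a metric for how often credentials reach the logs.
function scrubLog(lines) {
  const results = lines.map(redactLine);
  return {
    lines: results.map((r) => r.line),
    secretsRemoved: results.reduce((n, r) => n + r.redacted, 0),
  };
}

// Constructed sample: a direct request, a Referer leak on a static asset
// request, and an unrelated line.
const SAMPLE_LOG = [
  '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /dashboard/external-member/user123?apiKey=abc123 HTTP/1.1" 200 512 "-"',
  '203.0.113.7 - - [01/Jan/2025:10:00:01 +0000] "GET /static/app.js HTTP/1.1" 200 9001 "https://app.miri.ai/dashboard/external-member/patient-123?apiKey=abc123&token=google-sso-token&provider=google"',
  '198.51.100.4 - - [01/Jan/2025:10:00:02 +0000] "GET /healthz HTTP/1.1" 200 2 "-"',
];
```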

Data Privacy

  • Care seeker data is protected by authentication and authorization
  • Sensitive information is only displayed to authorized users
  • Compliance with healthcare data regulations is maintained