Zanda Health API Documentation
Overview
Welcome to the Zanda Health API documentation. Zanda Health is a comprehensive practice management system for healthcare practitioners.
The Zanda API is organized around REST principles with predictable resource-oriented URLs, JSON-encoded request/response bodies, and standard HTTP verbs and status codes.
Use this API to access client profiles, practitioners, appointments, invoices, locations, payments, and more from your Zanda Health account.
Security
The Zanda API is designed with security as a priority:
- HTTPS Required - All API requests must be made over HTTPS. Requests made over plain HTTP will be rejected.
- API Key Authentication - Every request must include a valid API key in the
X-API-Keyheader. Requests without authentication will fail. - Keep Keys Secret - Never expose your API keys in client-side code, public repositories, or support tickets.
Authentication
API keys is used to authenticate requests.
Generating an API Key
- Log in to your Zanda Health account
- Navigate to Tools → Zanda API Key
- Click the button to generate a secure key
- Copy your key immediately — for security reasons, it won't be shown again after you close the window
Permissions
API keys provide access to resources such as client profiles, appointments, invoices, practitioners, and more. In future releases, granular permission levels will be available, allowing you to configure read and write access on a per-resource basis.
curl https://api.zandahealth.com/api/v1/practitioners \
-H "X-API-Key: your_api_key_here"Base URL
The Zanda API is deployed across multiple regions. Use the base URL that corresponds to your account's region:
| Region | Base URL |
|---|---|
| Australia | https://zandaapi.zandahealth.com/api/v1 |
| United States | https://zandaapi.us.zandahealth.com/api/v1 |
| United Kingdom | https://zandaapi.uk.zandahealth.com/api/v1 |
Examples in this documentation use api.zandahealth.com as a placeholder. Replace it with your region-specific URL.
Response Structure
The Zanda API uses vendor-specific media types following RFC 6838 standards. This enables content negotiation and allows clients to request the response format that best suits their needs.
Media Types
Use the Accept header to specify your preferred response format. If not specified, the API defaults to application/vnd.zandaapi.hateoas+json.
| Media Type | Description |
|---|---|
application/vnd.zandaapi.hateoas+json | Full response with HATEOAS hypermedia links for API discoverability |
application/vnd.zandaapi+json | Lightweight response without hypermedia links |
Single Resource
Individual resources are wrapped in a data envelope. When using the HATEOAS media type, a links array provides related actions:
{
"data": {
"id": 123,
"firstName": "John",
"lastName": "Doe"
},
"links": [
{
"href": "/api/v1/practitioners/123",
"rel": "self",
"method": "GET"
}
]
}Collection (Paginated)
Collection responses include an items array with pagination metadata:
{
"items": [
{ "data": { ... }, "links": [...] },
{ "data": { ... }, "links": [...] }
],
"links": [
{ "href": "/api/v1/practitioners?page=2&pageSize=5", "rel": "self", "method": "GET" },
{ "href": "/api/v1/practitioners?page=3&pageSize=5", "rel": "next", "method": "GET" }
],
"pageNumber": 2,
"pageSize": 5,
"totalItemCount": 87,
"pageCount": 18,
"hasNextPage": true
}Quick Start
Here are complete examples to get you started:
With HATEOAS Links
To include hypermedia links for API discoverability, use the application/vnd.zandaapi.hateoas+json media type:
List Resources
Fetching a paginated list of practitioners:
curl -X GET "https://api.zandahealth.com/api/v1/practitioners?page=1&pageSize=10" \
-H "X-API-Key: your_api_key_here" \
-H "Accept: application/vnd.zandaapi.hateoas+json"{
"items": [
{
"data": {
"id": 123,
"firstName": "Jane",
"lastName": "Smith",
"email": "jane.smith@clinic.com"
},
"links": [
{
"href": "/api/v1/practitioners/123",
"rel": "self",
"method": "GET"
}
]
}
],
"links": [
{ "href": "/api/v1/practitioners?page=1&pageSize=10", "rel": "self", "method": "GET" },
{ "href": "/api/v1/practitioners?page=2&pageSize=10", "rel": "next", "method": "GET" }
],
"pageNumber": 1,
"pageSize": 10,
"totalItemCount": 42,
"pageCount": 5,
"hasNextPage": true
}Get by ID
Fetching a single practitioner by ID:
curl -X GET "https://api.zandahealth.com/api/v1/practitioners/123" \
-H "X-API-Key: your_api_key_here" \
-H "Accept: application/vnd.zandaapi.hateoas+json"{
"data": {
"id": 123,
"firstName": "Jane",
"lastName": "Smith",
"email": "jane.smith@clinic.com"
},
"links": [
{
"href": "/api/v1/practitioners/123",
"rel": "self",
"method": "GET"
}
]
}Without HATEOAS Links
For a lightweight response without hypermedia links, use the application/vnd.zandaapi+json media type:
List Resources
Fetching a paginated list of practitioners:
curl -X GET "https://api.zandahealth.com/api/v1/practitioners?page=1&pageSize=10" \
-H "X-API-Key: your_api_key_here" \
-H "Accept: application/vnd.zandaapi+json"{
"items": [
{
"data": {
"id": 123,
"firstName": "Jane",
"lastName": "Smith",
"email": "jane.smith@clinic.com"
}
}
],
"pageNumber": 1,
"pageSize": 10,
"totalItemCount": 42,
"pageCount": 5
}Get by ID
Fetching a single practitioner by ID:
curl -X GET "https://api.zandahealth.com/api/v1/practitioners/123" \
-H "X-API-Key: your_api_key_here" \
-H "Accept: application/vnd.zandaapi+json"{
"data": {
"id": 123,
"firstName": "Jane",
"lastName": "Smith",
"email": "jane.smith@clinic.com"
}
}Date & Time Handling
All timestamps in the API are handled as follows:
Format
Timestamps use ISO 8601 format:
YYYY-MM-DDTHH:MM:SSExample: 2025-09-05T15:30:00
Timezone
- All timestamps are returned in UTC
Date-Only Fields
Some fields (like birth dates) use date-only format:
YYYY-MM-DDPagination
List endpoints support pagination using query parameters:
Query Parameters
page- Page number (default: 1)pageSize- Items per page (default: 10, min: 5, max: 25)
Response Metadata
Paginated responses include:
pageNumber- Current pagepageSize- Items per pagetotalItemCount- Total items across all pagespageCount- Total number of pageshasNextPage- Whether more pages are availablelinks- Navigation links (self, next)
Error Handling
The Zanda API uses conventional HTTP response codes to indicate the success or failure of an API request.
| Code | Description |
|---|---|
200 | Success - The request was successful |
201 | Created - A resource was successfully created |
400 | Bad Request - The request was invalid or cannot be served |
401 | Unauthorized - Authentication failed or API key is missing |
403 | Forbidden - You don't have permission to access this resource |
404 | Not Found - The requested resource doesn't exist |
406 | Not Acceptable - The requested media type is not supported |
429 | Too Many Requests - Rate limit exceeded |
500 | Internal Server Error - Something went wrong on our end |
Rate Limiting
To ensure service stability, the Zanda API implements rate limiting. If you exceed the rate limit, you'll receive a 429 Too Many Requests response.
Limits
| Limit Type | Threshold | Window |
|---|---|---|
| Per API Key | 100 requests | 1 minute |
| Per IP Address | 1,000 requests | 5 minutes |
Response Headers
Rate limit information is included in response headers for authenticated requests:
| Header | Description | Present |
|---|---|---|
X-RateLimit-Limit | Maximum requests allowed per time window | All authenticated responses |
X-RateLimit-Remaining | Remaining requests in current window | All authenticated responses |
X-RateLimit-Reset | Unix epoch timestamp when the window resets | All authenticated responses |
Retry-After | Seconds to wait before retrying | 429 responses only |
429 Response Body
When rate limited, the API returns a RFC 7807 Problem Details response:
{
"type": "https://tools.ietf.org/html/rfc6585#section-4",
"title": "Too Many Requests",
"status": 429,
"detail": "Rate limit exceeded. Please retry after the specified period.",
"instance": "/api/v1/practitioners"
}Download OpenAPI Spec
Download the OpenAPI specification to import into your favorite API client (Postman, Insomnia, etc.) or to generate client SDKs.
Download OpenAPI Spec (JSON)Support
If you have questions or need assistance with the Zanda API, please:
- Visit our Knowledge Base
- Contact our support team