DPerspective API

The DPerspective Third-Party API Platform is a versioned, modular, consent-gated HTTP API that lets external applications read a DPerspective user’s health data — only after that user has explicitly granted scoped consent.

A valid access token is never enough on its own. Every request must also be backed by an active consent grant from the user, covering the requesting application and the endpoint’s scope.

Base URL

All API endpoints are served under the versioned base path /api/v1 at:


https://dperspective.galacticgeeks.com

Core principles

Consent-gated — no application reads health data without an explicit, scoped, revocable consent grant from the user.
Modular & versioned — 13 independent data domains under a stable /api/v1 surface. Unsupported versions are rejected, never silently rerouted.
One scope per endpoint — each endpoint requires exactly one least-privilege scope, and each scope maps to exactly one data domain.
Per-user isolation — a response only ever contains data owned by the single user bound to the presented access token.
Read-only (v1) — the current version exposes read operations only.
Audited — every consent change and data access is recorded in an append-only audit trail.

Where to start

Getting Started Authentication Consent & Approval Scopes Endpoint Reference Errors

Built for trust

DPerspective handles Protected Health Information (PHI). Even with full datastore disclosure, no usable credential is exposed — secrets and tokens are persisted only as SHA-256 hashes. Transport is TLS-terminated, and every PHI access is logged.