The PPS API allows you to extend and interact with your PPS system by building custom applications, internal tools, and automated processes.
It is designed for organisations that want direct programmatic access to their PPS data in order to integrate with in-house systems, streamline workflows, or implement bespoke functionality tailored to their clinic’s requirements.
Please Note: You will need to be logged in to Express as the System Administrator to access and modify these settings. These settings are only accessible from PPS Express.
To begin, log into PPS Express and navigate to the API Settings page.
Before accessing these settings, you must review and agree to the API usage charges. You can find a full breakdown of these costs on our PPS API Pricing page. Once accepted, the API Settings dashboard will become available.
To get started, you’ll need to complete two separate setup steps.
First, create a user account for the PPS API documentation site. This allows access to the technical documentation, including available routes, request formats, and examples. API tokens are not required to view the documentation.
Second, create one or more API tokens. Tokens are required when making API requests and determine which routes can be accessed and what permissions (read, write, delete) are allowed.
Users
To grant a user access to our PPS API documentation site, you must create a dedicated user for them:
Navigate to the Users tab in API Settings.
Click the + Create User button.
Security Note: When the user logs in for the first time, they will be prompted to set up Two-Factor Authentication (2FA). This is a mandatory step to ensure your clinic data remains secure.
Once a user has been created you can manage the tokens that they have access to.
Tokens
To use the PPS API, a user must be assigned an API token. Tokens control which API routes can be accessed and what actions are permitted, including read, write, and delete operations.
A token can be set up from the tokens page within the API settings. Use the "Create Token" button to create a new token and give it a name that can be used to identify the token with.
When a token has been created the token values will be generated and you will then be able to manage the users that have access to the token along with their permissions. The token values will also be visible by the user/s assigned to it from the documentation site.
Important: Treat token values like passwords. They should be stored securely and never hard-coded into front-end scripts where they can be seen by others. You can use the "Regenerate Token" button to generate new token values if needed.
Permissions
Once a token has been created you'll be able to select what permissions that token has on your database. This controls the access the token has with your data and can be used to grant or limit access to certain route groups. By default all options are disabled.
Best Practice: We strongly recommend the Principle of Least Privilege. Only enable the specific permissions required for your project rather than granting "Full Access" by default. This minimises risk and keeps your data footprint small.
Users
Once the token has been set up you can then assign a user to it. The user will then see the token assigned to them within the API documentation site on the "Your Tokens" page.