Skip to main content
GET
/
documents
/
get
/
{id}
curl -X GET \
  'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12' \
  -H 'Authorization: Bearer your_jwt_token_here' \
  --output document.pdf
const response = await fetch(
  'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12',
  {
    method: 'GET',
    headers: { Authorization: 'Bearer your_jwt_token_here' },
  }
);

if (response.ok) {
  const blob = await response.blob();
  const url = window.URL.createObjectURL(blob);
  const a = document.createElement('a');
  a.href = url;
  a.download = 'document.pdf';
  a.click();
}
import requests

response = requests.get(
    'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12',
    headers={'Authorization': 'Bearer your_jwt_token_here'},
)

if response.status_code == 200:
    with open('document.pdf', 'wb') as f:
        f.write(response.content)
HTTP/1.1 200 OK
Content-Type: application/pdf
Content-Disposition: attachment; filename="1719920400000_lab_results.pdf"

<binary file bytes>

Overview

Returns the raw file bytes of a document attached to an appointment. The lookup is keyed by appointment ID and scoped to the authenticated doctor, returning the first document on that appointment owned by the caller. The response Content-Type reflects the stored file’s MIME type, so this endpoint serves PDFs and images (application/pdf, image/png, image/jpeg, image/webp).
This is a read endpoint and is not plan-gated. A document owned by another doctor is treated as not found (404).

Authentication

Authorization
string
required
Bearer token for authenticated access. The doctor’s ID is extracted from the JWT token and used to scope the lookup.
Authorization: Bearer your_jwt_token_here

Path Parameters

id
string
required
The appointment ID (ObjectId). Returns the first document on that appointment owned by the authenticated doctor.

Response

On success the endpoint returns the file bytes (not JSON) with download headers.
Content-Type
header
The stored file’s MIME type — e.g. application/pdf, image/png, image/jpeg, image/webp.
Content-Disposition
header
Attachment header. The filename is derived from the storage key with the leading appointment-ID segment removed; it still includes the timestamp segment (e.g. 1719920400000_lab_results.pdf).
On error the endpoint returns JSON:
success
boolean
Always false for errors
error
string
Error message describing what went wrong

Example Request

curl -X GET \
  'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12' \
  -H 'Authorization: Bearer your_jwt_token_here' \
  --output document.pdf
const response = await fetch(
  'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12',
  {
    method: 'GET',
    headers: { Authorization: 'Bearer your_jwt_token_here' },
  }
);

if (response.ok) {
  const blob = await response.blob();
  const url = window.URL.createObjectURL(blob);
  const a = document.createElement('a');
  a.href = url;
  a.download = 'document.pdf';
  a.click();
}
import requests

response = requests.get(
    'https://app.medisync.me/api/documents/get/665e0b9d3f2a1c4d8e7f0a12',
    headers={'Authorization': 'Bearer your_jwt_token_here'},
)

if response.status_code == 200:
    with open('document.pdf', 'wb') as f:
        f.write(response.content)

Example Response

HTTP/1.1 200 OK
Content-Type: application/pdf
Content-Disposition: attachment; filename="1719920400000_lab_results.pdf"

<binary file bytes>

Error Responses

{
  "success": false,
  "error": "Document not found"
}
{
  "success": false,
  "error": "Failed to retrieve document content from storage"
}
{
  "success": false,
  "error": "Error retrieving document"
}
{
  "success": false,
  "message": "Unauthorized"
}