Skip to main content
GET
/
notes
/
{id}
curl -X GET \
  'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911' \
  -H 'Authorization: Bearer your_jwt_token_here'
const response = await fetch(
  'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911',
  {
    method: 'GET',
    headers: {
      'Authorization': 'Bearer your_jwt_token_here'
    }
  }
);

const result = await response.json();
import requests

response = requests.get(
    'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911',
    headers={
        'Authorization': 'Bearer your_jwt_token_here'
    }
)

result = response.json()
{
  "success": true,
  "data": [
    {
      "_id": "665f1c2a9b1e8a0012ab34cd",
      "appointment_id": "664e0b1f7c2a5e0011fa9911",
      "notes": "Patient presented with chest pain. EKG normal.",
      "summary": "Chest pain, normal findings",
      "citations": null,
      "createdAt": "2026-06-30T10:30:00.000Z",
      "updatedAt": "2026-06-30T11:15:00.000Z"
    }
  ]
}
{
  "success": true,
  "data": []
}

Overview

Retrieve the notes associated with a specific appointment. The system stores a single notes document per appointment, so in practice the returned array holds either zero or one element. When the appointment exists and is owned by the caller but has no notes yet, an empty array is returned.
This operation is scoped to the owning doctor. The appointment identified by {id} must belong to the authenticated user. A request for an appointment you do not own returns 403 Forbidden, and an unknown appointment returns 404 Appointment not found (not an empty array).

Authentication

Authorization
string
required
Bearer token for authenticated access. The doctor (user) identity is taken from the JWT.
Authorization: Bearer your_jwt_token_here
A missing or invalid token returns 401 with a message field. See Error Responses.

Path Parameters

id
string
required
Appointment ID (MongoDB ObjectId, 24 hex characters) whose notes to retrieve. Must be owned by the authenticated doctor.

Response

success
boolean
Indicates whether the operation succeeded.
data
array
Array of notes documents for the appointment. Holds 0 or 1 element in practice.
error
string
Error message (only present when success is false).
Each notes object may contain additional fields beyond those listed above. Treat any unlisted fields as opaque.

Example Request

curl -X GET \
  'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911' \
  -H 'Authorization: Bearer your_jwt_token_here'
const response = await fetch(
  'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911',
  {
    method: 'GET',
    headers: {
      'Authorization': 'Bearer your_jwt_token_here'
    }
  }
);

const result = await response.json();
import requests

response = requests.get(
    'https://app.medisync.me/api/notes/664e0b1f7c2a5e0011fa9911',
    headers={
        'Authorization': 'Bearer your_jwt_token_here'
    }
)

result = response.json()

Example Response

{
  "success": true,
  "data": [
    {
      "_id": "665f1c2a9b1e8a0012ab34cd",
      "appointment_id": "664e0b1f7c2a5e0011fa9911",
      "notes": "Patient presented with chest pain. EKG normal.",
      "summary": "Chest pain, normal findings",
      "citations": null,
      "createdAt": "2026-06-30T10:30:00.000Z",
      "updatedAt": "2026-06-30T11:15:00.000Z"
    }
  ]
}
{
  "success": true,
  "data": []
}

Error Responses

{
  "success": false,
  "message": "Unauthorized"
}
{
  "success": false,
  "message": "Session ended on this device because you signed in elsewhere.",
  "code": "SESSION_REVOKED"
}
{
  "success": false,
  "error": "Forbidden"
}
{
  "success": false,
  "error": "Appointment not found"
}

Status Codes

  • 200 — Notes retrieved successfully (including an empty array when no notes exist).
  • 401 — Missing, invalid, or revoked authentication token.
  • 403 — Authenticated user does not own the appointment.
  • 404 — Appointment not found.