Skip to main content

Team & Organization

Zentake's tenancy hierarchy is Organization → Team → User. Every other resource, Patient, Form, Packet, Response, Message, PDF Document, Webhook Config, belongs to exactly one Team, which is the primary isolation boundary in the product and the API.

  • Organization is the top-level account. It can contain multiple Teams (e.g., separate locations or departments of the same practice).
  • Team is where data actually lives. A Form built for one team is not visible to another, even within the same Organization.
  • User is a person with dashboard access, scoped to one or more Teams.
Not queryable resources

Organization, Team, and User don't have their own endpoints in the public REST API. There's no GET /v2/teams or GET /v2/organizations. Instead, Team is established implicitly by which API credentials you use.

How this maps to API authentication

Every API request authenticates as a specific Team using two headers:

X-API-KEY: <your team's unique identifier>
X-API-SECRET: <your API secret>

Everything that request can see or create, Patients, Forms, Packets, Responses, Messages, is scoped to that Team automatically. There's no separate "organization" credential; if you operate multiple Teams (e.g., multiple practice locations), each one has its own X-API-KEY / X-API-SECRET pair and you make separate requests per team.

This is also why Zentake's sandbox and production environments use different credentials: a sandbox X-API-KEY identifies a completely separate, isolated team-like environment from your production one. See What Zentake can integrate with for the sandbox details.

See in API Reference