Team & Organization
Zentake's tenancy hierarchy is Organization → Team → User. Every other resource, Patient, Form, Packet, Response, Message, PDF Document, Webhook Config, belongs to exactly one Team, which is the primary isolation boundary in the product and the API.
- Organization is the top-level account. It can contain multiple Teams (e.g., separate locations or departments of the same practice).
- Team is where data actually lives. A Form built for one team is not visible to another, even within the same Organization.
- User is a person with dashboard access, scoped to one or more Teams.
Organization, Team, and User don't have their own endpoints in the public
REST API. There's no GET /v2/teams or GET /v2/organizations. Instead,
Team is established implicitly by which API credentials you use.
How this maps to API authentication
Every API request authenticates as a specific Team using two headers:
X-API-KEY: <your team's unique identifier>
X-API-SECRET: <your API secret>
Everything that request can see or create, Patients, Forms, Packets,
Responses, Messages, is scoped to that Team automatically. There's no
separate "organization" credential; if you operate multiple Teams (e.g.,
multiple practice locations), each one has its own X-API-KEY /
X-API-SECRET pair and you make separate requests per team.
This is also why Zentake's sandbox and production environments use
different credentials: a sandbox X-API-KEY identifies a completely
separate, isolated team-like environment from your production one. See
What Zentake can integrate with for the
sandbox details.
See in API Reference
- API Reference introduction. Full authentication details, including sandbox vs. production credentials.