Complete technical guide to everything built in the platform.
CareDesk 247 is an AI-powered practice management and scheduling platform designed for medical practices of all sizes. It provides end-to-end patient scheduling, automated notifications, digital intake forms, and an AI assistant — all accessible from a single dashboard.
| Technology | Role |
|---|---|
| Next.js 16 (Turbopack) | Full-stack framework with App Router |
| Prisma 7 | ORM for database access |
| Neon PostgreSQL | Serverless Postgres database |
| Auth.js v5 (next-auth) | Authentication and session management |
| Zod 4 | Runtime schema validation |
| Tailwind CSS + shadcn/ui + Radix UI | UI component library and styling |
| Anthropic Claude Sonnet | AI assistant (Care AI) |
| Twilio | SMS notifications |
| Resend | Transactional email |
| Vercel | Deployment and hosting |
Each practice is a Tenant record with a unique slug, branding configuration (logo, name, primary color), timezone, and settings. All data — providers, patients, appointments, schedules — is scoped to a tenant via tenantId foreign keys.
| Role | Access |
|---|---|
| ADMIN | Full access to all tenant settings, users, and data |
| STAFF | Dashboard access: calendar, patients, appointments, notifications |
| PROVIDER | View own schedule and appointments |
| PATIENT | Patient portal: view/manage own appointments, complete forms |
Public-facing API endpoints (booking, slot search, patient creation) use the x-tenant-id header to identify the tenant. No authentication is required for these endpoints, but rate limiting is applied.
The demo tenant sunrise-medical is pre-seeded with providers, schedules, and sample data. Real notifications (SMS/email) are blocked for this tenant to prevent accidental sends during testing.
/embed/[tenantSlug] on their website via iframe| Step | Action | Details |
|---|---|---|
| 1 | Visit Type | Patient selects from available appointment types (e.g., New Patient, Follow-Up, Urgent Care) |
| 2 | Provider | Filtered list of providers who offer the selected visit type, with next-available date shown |
| 3 | Patient Info | Collects name, email, phone, date of birth. Returning patients can rebook with same email |
| 4 | Confirm | Reviews all details, submits booking. Appointment created with PENDING status |
Care AI is a conversational scheduling assistant powered by Claude Sonnet via the Anthropic SDK. It uses a tool-use architecture where the AI model can call backend functions to look up data and perform actions.
| Tool | Purpose |
|---|---|
| list_appointment_types | Returns all active visit types for the practice |
| list_providers | Lists providers, optionally filtered by specialty or appointment type |
| check_availability | Searches for open slots given an appointment type, provider, and date range |
| book_appointment | Creates an appointment after the patient confirms all details |
| get_patient_info | Retrieves the current patient's info if they are logged in |
The chat widget includes voice input and output via the Web Speech API. Patients can speak their request (speech-to-text) and hear the AI response read aloud (text-to-speech). This works in modern browsers without any additional setup.
Every notification checks the patient's consent before sending. SMS requires phoneConsent: true and email requires emailConsent: true. The booking flow sets both to true by default. Notifications for the demo tenant (sunrise-medical) are always blocked.
{{variable}} interpolation (e.g., {{patientName}}, {{date}}, {{time}})| Type | Trigger |
|---|---|
| BOOKING_CONFIRMATION | Sent immediately when an appointment is booked |
| APPOINTMENT_REMINDER | Sent by daily cron at 48 hours and 2 hours before appointment |
| CANCELLATION_NOTICE | Sent when an appointment is cancelled |
| RESCHEDULE_NOTICE | Sent when an appointment is rescheduled |
| FORM_REQUEST | Sent to new patients with a link to complete intake forms |
| WAITLIST_OFFER | Sent to waitlisted patients when a matching slot opens up |
When a patient books online, an email alert is sent to the tenant's registered email address with full appointment details (patient name, contact info, provider, date/time, location). This ensures the front desk is immediately aware of new bookings.
Each send creates a Notification record in the database with status (pending/sent/failed), the external provider ID (Twilio SID or Resend ID), timestamp, and any error messages. This provides a full audit trail visible in the staff dashboard.
Automated reminders are sent via a daily cron job at /api/cron/send-reminders, triggered by Vercel Cron at 9 AM UTC.
| Reminder | Window | Condition |
|---|---|---|
| 48-hour reminder | Appointments 46-50 hours away | remindersSent = 0 |
| 2-hour reminder | Appointments 1.5-2.5 hours away | remindersSent = 1 |
The staff dashboard at /staff/dashboard is the central management interface for practice staff. It requires authentication with ADMIN, STAFF, or PROVIDER role.
| Module | Capabilities |
|---|---|
| Calendar | Day, week, and month views with drag-and-drop rescheduling |
| Appointments | List view with status filters (Pending, Confirmed, Cancelled, etc.) |
| Patients | Patient directory with search, contact info, appointment history |
| Providers | Manage provider profiles, specialties, and active status |
| Locations | Manage practice locations (name, address, timezone) |
| Schedules | Configure time blocks per provider per day of week, overrides, and blocked times |
| Waitlist | View and manage waitlist entries with priority and preferences |
| Notifications | Notification log with delivery status and error tracking |
| Users | Manage user accounts and role assignments |
| Audit Log | Complete trail of all actions (create, update, delete) with timestamps |
| Settings | Branding, embed code, AI assistant config, appointment types, billing |
Practices can build custom intake forms using a drag-and-drop form builder in the staff dashboard. Forms are composed of fields with configurable types.
Practices can upload existing PDF forms and have Claude Vision analyze them, extracting fields and converting them into digital form definitions automatically. This eliminates the need to manually recreate existing paper forms.
/api/auth/forgot-password/reset-password?token=... validates the token and allows setting a new passwordWhen a patient is auto-created during booking, a set-password email is sent with a 7-day token. This allows patients to claim their account and access the patient portal without the practice needing to manually create credentials.
Practices can embed the CareDesk booking flow directly on their own website. This is the primary way practices deploy CareDesk to their patients.
/embed/[tenantSlug]/api/embed/[tenantSlug] endpoint<!-- Embed CareDesk booking on your website --> <iframe src="https://www.caredesk247.com/embed/your-practice-slug" width="100%" height="700" frameborder="0" style="border: none; border-radius: 12px;" ></iframe>
All API routes are under /api/. Public endpoints require the x-tenant-id header. Session endpoints require an authenticated session cookie.
| Endpoint | Method | Auth | Description |
|---|---|---|---|
| /api/embed/[tenantSlug] | GET | Public | Fetch tenant branding (logo, name, color) |
| /api/patients | POST | Public (x-tenant-id) | Create a new patient record |
| /api/patients/check-email | GET | Public (x-tenant-id) | Check if email is already registered |
| /api/appointments | GET | Session | List appointments (filtered by tenant) |
| /api/appointments | POST | Public (x-tenant-id) | Create a new appointment |
| /api/appointments/[id]/cancel | POST | Session | Cancel an appointment |
| /api/appointments/[id]/reschedule | POST | Session | Reschedule an appointment |
| /api/appointments/confirm/[token] | GET | Public | Confirm appointment via email link |
| /api/waitlist | POST | Public (x-tenant-id) | Add patient to waitlist |
| /api/slots | GET | Public (x-tenant-id) | Search available time slots |
| /api/notification-templates | GET/POST | Session | Manage notification templates |
| /api/cron/send-reminders | GET | CRON_SECRET | Trigger reminder sends |
| /api/auth/forgot-password | POST | Public | Request password reset email |
| /api/auth/reset-password | POST | Public | Reset password with token |
| /api/ai/chat | POST | Public (x-tenant-id) | Send message to Care AI |
| /api/discover | GET | Public | Search providers across tenants |
The database uses Prisma 7 with Neon PostgreSQL. All models are tenant-scoped (except global models like VerificationToken). Key models:
| Model | Purpose |
|---|---|
| Tenant | Practice organization — slug, name, branding, timezone, AI config |
| User | Authentication account — email, password hash, role, tenant link |
| Patient | Patient demographics — name, DOB, contact info, consent flags |
| Provider | Doctor/NP profiles — name, specialty, credentials, locations |
| Location | Practice sites — name, address, timezone |
| Appointment | Booked visits — patient, provider, time, status, booking source |
| AppointmentType | Visit type definitions — name, duration, telehealth eligibility |
| Schedule | Provider availability — day of week, start/end time, recurring or override |
| ScheduleBlock | Blocked time ranges — lunch, meetings, time off |
| WaitlistEntry | Waitlist records — patient, appointment type, preferences, priority |
| Notification | Send log — channel, type, recipient, status, external ID |
| NotificationTemplate | Message templates — channel, type, subject, body with variables |
| FormDefinition | Intake form schemas — field definitions, auto-send flag |
| FormSubmission | Completed forms — patient responses, access token, expiry |
| AuditLog | Change history — action, entity, old/new values, user, timestamp |
| VerificationToken | Password reset and email verification tokens |
| Variable | Purpose | Required |
|---|---|---|
| DATABASE_URL | Neon PostgreSQL connection string | Yes |
| AUTH_SECRET | Auth.js session encryption key | Yes |
| NEXTAUTH_URL | Base URL of the application (e.g., https://www.caredesk247.com) | Yes |
| TWILIO_ACCOUNT_SID | Twilio account identifier for SMS | For SMS |
| TWILIO_AUTH_TOKEN | Twilio authentication token | For SMS |
| TWILIO_PHONE_NUMBER | Twilio sender phone number (E.164 format) | For SMS |
| RESEND_API_KEY | Resend API key for transactional email | For Email |
| RESEND_FROM_EMAIL | Sender email address (default: noreply@caredesk.app) | No |
| ANTHROPIC_API_KEY | Anthropic API key for Claude (Care AI) | For AI |
| CRON_SECRET | Secret for authenticating cron job requests (auto-set by Vercel) | For Cron |
veenomous/CareDeskwww.caredesk247.comcaredesk247.com/embed/allergy-family-care# Push code to GitHub git add -A && git commit -m "..." && git push # Deploy to Vercel production npx vercel --prod --yes # Database schema updates npx prisma db push
| Route | Page | Description |
|---|---|---|
| / | Homepage | Pain-first messaging, feature overview, roadmap teaser, ROI statistics |
| /features | Features | Deep-dive into each feature with mockup screenshots and descriptions |
| /ai | AI | Care AI capabilities showcase — conversation demos, tool-use explanation |
| /pricing | Pricing | Three pricing tiers (Starter, Growth, Enterprise) with ROI calculator and FAQ |
| /scheduler | Scheduler | Technical product page showing how the scheduling engine works |
| Feature | Timeline | Description |
|---|---|---|
| AI Phone Receptionist | Q2 2026 | Twilio Voice + Claude for handling phone calls — booking, rescheduling, and FAQs over the phone |
| No-Show Recovery | Q2 2026 | Automated follow-up for missed appointments with rebooking options |
| Insurance Verification | Q3 2026 | Real-time insurance eligibility checks before booking |
| Advanced Analytics | Q3 2026 | Provider utilization, no-show rates, booking trends, and revenue dashboards |
| AI Clinical Documentation | 2027 | AI-assisted note-taking and documentation during appointments |