Skip to content
API Reference
/
/
Create an Access Token

Hero Health Public API (1.0.0)

The Hero Health Public API enables healthtech partners to integrate with NHS GP practices connected to EMIS Web and TPP SystmOne.

Key capabilities

  • Patient messaging — Send SMS, email, and NHS App messages on behalf of a practice
  • Appointment booking — List available slots, create reservations, and confirm bookings
  • Patient management — Register and look up patients via PDS (Personal Demographics Service)
  • Webhooks — Subscribe to events such as appointment confirmations and write-to-record outcomes
  • Booking & form links — Generate sharable links for patient self-service flows
  • Elements — Generate access tokens for embedding pre-built Hero UI components

Authentication

All endpoints require an x-api-key and x-practice-group-id header. API keys are scoped to specific functionality (messaging, booking, booking links). Contact Hero support to request your key.

Rate limits

Rate limits are defined in your Partner agreement. If you exceed your limit you will receive a 429 Too Many Requests response.

Download OpenAPI description
Download API docs
Languages
Servers
Mock server
https://developer.herohealth.net/_mock/apis/public-api/openapi/
Staging
https://api.staging.htech.app/
Production
https://api.herohealth.net/

Practice Group

Manage practice group settings, access tokens, and configuration. Use the access token endpoint to generate short-lived JWTs for Hero Elements.

Operations

Create an Access Token

Request

Generate a short-lived Access Token (JWT) to authenticate Hero Health Elements (SDKs).

Important: This endpoint must only be called from your server — never from client-side code. The returned token expires after 30 minutes.

Use the returned access_token as the jwt-token attribute when rendering a Hero Element (React component or Web Component).

Security
apiKeyAuth and practiceGroupId
curl -i -X POST \
  https://developer.herohealth.net/_mock/apis/public-api/openapi/v1/access_token \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -H 'x-practice-group-id: YOUR_API_KEY_HERE'

Responses

Ok

Bodyapplication/json
access_tokenstringrequired
Response
application/json
{
  "access_token": "string"
}

List Appointment Types

Request

Retrieves a list of all appointment types configured for the requesting practice group.

Security
apiKeyAuth and practiceGroupId
Query
location_idsArray of strings
has_availabilityboolean
curl -i -X GET \
  'https://developer.herohealth.net/_mock/apis/public-api/openapi/v1/appointment_types?location_ids=string&has_availability=true' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -H 'x-practice-group-id: YOUR_API_KEY_HERE'

Responses

Ok

Bodyapplication/json
dataArray of objectsrequired
data[].​idstringrequired
data[].​namestringrequired
data[].​partner_slot_namestringrequired
data[].​next_available_atstring or null(date-time)required
data[].​slot_countnumberrequired
data[].​pricenumberrequired
data[].​assignee_idstring or null^\d+$required
data[].​assignee_typestring or nullrequired
Enum"Admin""AdminTeam"
data[].​sectorstring
Enum"nhs""paid"
data[].​durationnumber or nullrequired
data[].​videoboolean
Default false
data[].​in_personboolean
Default false
data[].​telephoneboolean
Default false
data[].​use_partner_bookable_slotsbooleanrequired
data[].​admin_booking_invoice_requiredboolean
data[].​stripe_appointment_itemsArray of objects
data[].​form_idstring or nullrequired
data[].​practitioner_typestringrequired
Enum"GP""Nurse""Psychologist""Radiologist""Psychiatrist""Health and Exercise Consultant""Personal Trainer""Cognitive Behavioural Therapist""GP – Dermatology Specialist""Rheumatologist"
countnumberrequired
Response
application/json
{
  "data": [
    {}
  ],
  "count": 0
}

List Locations

Request

Retrieves a list of all locations configured for online booking on Hero Health.

Security
apiKeyAuth and practiceGroupId
Query
appointment_type_idsArray of strings
has_availabilityboolean
curl -i -X GET \
  'https://developer.herohealth.net/_mock/apis/public-api/openapi/v1/locations?appointment_type_ids=string&has_availability=true' \
  -H 'x-api-key: YOUR_API_KEY_HERE' \
  -H 'x-practice-group-id: YOUR_API_KEY_HERE'

Responses

Ok

Bodyapplication/json
dataArray of objectsrequired
data[].​idstring^\d+$required
data[].​namestringrequired
data[].​slot_countnumberrequired
data[].​next_available_atstring or null(date-time)required
data[].​longitudenumber or nullrequired
data[].​latitudenumber or nullrequired
countnumberrequired
Response
application/json
{
  "data": [
    {}
  ],
  "count": 0
}

Patients

Register, search, and manage patient records. Supports PDS (Personal Demographics Service) lookups to trace patients against the NHS Spine.

Operations

Messages

Send SMS, email, NHS App, and Hero-only messages to patients. Supports write-to-record to persist messages in the patient's EHR.

Operations

Booking

Create appointment reservations, confirm bookings, cancel, and reschedule. Query available slots filtered by location, practitioner, and appointment type.

Operations

Episode

Manage clinical episodes — containers for related patient interactions and messages.

Operations

Care Navigation

Manage care navigation pathways and patient submissions for triage workflows.

Operations

Prescription

Create and manage prescriptions.

Operations

Prescriptions

List and manage prescriptions.

Operations

WriteToRecord

Check the status of write-to-record operations for messages sent to the EHR.

Operations

Admin

Manage admin users, signatures, and preferences within a practice group.

Operations

ApiKey

List and manage API keys for your practice group.

Operations

Task

Manage tasks assigned to admin users.

Operations

Partner

Retrieve partner information and integrations.

Operations

Partners

Retrieve partner information and integrations.

Operations

Form

List and retrieve forms (questionnaires) configured for a practice group.

Operations

Form Response

Create, retrieve, and update form responses submitted by patients.

Operations

Subscriptions

Manage notification subscriptions and subscribers.

Operations

Webhooks

Subscribe to Hero events (e.g. appointment confirmations, write-to-record outcomes) and receive real-time notifications via HTTP callbacks.

Operations

Invoicing

Manage invoicing customers, products, coupons, and membership schemes.

Operations

Utilities

Utility endpoints for address lookup and SNOMED code validation.

Operations

Booking - HCA

Specialist booking endpoints for HCA (Healthcare Assistant) diary consultants and appointments.

Operations