Patient Registration & Login
How patients access the system — OTP-based login, UHID, and registration.
Patient Registration & Login
Patients access the system through a phone-based authentication flow. When a patient interacts with the hospital for the first time, a record is automatically created with a unique health ID.
Patient Record Fields
Field | Required | Description |
|---|---|---|
UHID | Auto-generated | Unique Health Identifier — auto-assigned on first registration |
Patient Name | No | Full name of the patient |
Date of Birth | No | Birth date stored as epoch seconds |
Gender | No | Patient's gender |
Blood Group | No | Blood type (e.g., A+, O-) |
Addresses | No | List of addresses with labels (Home, Work) and optional geolocation |
Emergency Contact Name | No | Name of emergency contact person |
Emergency Contact Phone | No | Phone number of emergency contact |
Patient Type | Auto-set | NEW, EXISTING, or FOLLOW_UP |
Registration Metadata | No | Custom data captured during registration |
UHID Format
The Unique Health Identifier (UHID) is generated automatically when a patient record is created:
- Format: PREFIX-YYMMDD-SEQUENCE (e.g., LEAP-260221-00001)
- Prefix: configured per hospital (defaults to the system prefix, can be centre-specific)
- Date: the registration date in YYMMDD format
- Sequence: 5-digit zero-padded number (00001 to 99999), auto-incremented per day
The UHID is unique per tenant and serves as the primary patient identifier across all hospital records.
Patient Types
Type | Description |
|---|---|
NEW | First-time patient — automatically set on initial registration |
EXISTING | Patient with prior visits in the system |
FOLLOW_UP | Patient returning for a follow-up consultation |
The patient type can influence slot duration (doctors can configure additional time for new patients) and is tracked across appointments.
Authentication Flow
Patient authentication uses OTP (One-Time Password) verification:
- Patient enters their phone number on the booking portal
- The system sends an OTP via WhatsApp (primary channel) or Email (fallback)
- Patient enters the received OTP
- On successful verification, a signed JWT token is generated
- The token contains the patient's identity and is used for all subsequent API calls
Session Management
After authentication:
- A session is created and stored with the patient's IP address for security tracking
- The JWT token contains the patient's lead ID, tenant ID, and session ID
- All patient API calls are authenticated using this token
- Sessions have a configurable expiry — patients need to re-authenticate after expiry
Patient Context
Once authenticated, the system builds a patient context that includes:
- Lead information (from the CRM system): phone, email, name
- Patient record: UHID, patient type, date of birth, gender, blood group
- Addresses and emergency contacts
- Session information for request tracking
If a patient authenticates for the first time and no patient record exists, one is automatically created with a generated UHID and patient type set to NEW.
Patient Address Management
Each patient can have multiple addresses. Each address includes:
- Street lines, city, state, pincode, country
- Optional GPS coordinates (latitude, longitude)
- A label (e.g., Home, Work, Office)
- A primary flag — one address is marked as the default
Last updated on