Kno2 Messaging API

The core SEND surface. Request a draft message, populate it with the patient, recipient Direct address, document type, and metadata, attach one or more clinical documents (CCDA, PDF, images, HL7), then send it as Direct Secure Messaging or document exchange. Confirmed endpoints under api/messages derived from Kno2's official ApiTestClient. Base host is per-integrator subscription.

OpenAPI Specification

kno2-openapi.yml Raw ↑
openapi: 3.0.3
info:
  title: Kno2 Communication API
  description: >-
    Kno2 is a healthcare Interoperability-as-a-Service network. Through a single
    Communication API you SEND, RECEIVE, and FIND patient information - Direct
    Secure Messaging, clinical document exchange, HL7 FHIR, HL7 V2.x, and cloud
    fax - across Kno2's private network, Carequality, eHealth Exchange, and TEFCA
    (Kno2 is a federally designated QHIN).


    SCOPE AND SOURCING: The endpoints modeled in this document are the CONFIRMED
    messaging surface (api/token, api/messages, api/messages/{id}/attachments,
    api/documenttypes, api/directory/validate). They are grounded in Kno2's own
    open-source integrator reference, the Kno2.ApiTestClient
    (https://github.com/Kno2/Kno2.ApiTestClient), whose configuration and helper
    code use these exact relative paths, HTTP verbs, and the OAuth2
    client-credentials token flow. Request/response schemas are MODELED from that
    reference client and Kno2 product documentation; the full field-level
    contracts live behind the login-walled developer portal
    (https://developer.kno2.com) and are provisioned per partner.


    Kno2 also markets FHIR resource query/retrieval and cross-network patient
    record location (Carequality / eHealth Exchange / TEFCA). Those are real
    product capabilities but their specific endpoint paths are partner-provisioned
    and NOT publicly documented, so they are intentionally omitted here rather
    than fabricated.


    BASE HOST: Kno2 does not expose one shared public API host. Each integrator is
    provisioned a per-subscription tenant, e.g. https://{subscription}.kno2fy.com
    in production and https://{subscription}.kno2-stage.com in the staging
    sandbox. Access requires OAuth2 client credentials (client id + secret) and an
    IP allowlist configured by a Kno2 admin.
  version: '1.0'
  contact:
    name: Kno2
    url: https://kno2.com
    email: info@kno2.com
  x-sourcing: >-
    Endpoints, paths, verbs, and the OAuth2 client-credentials token flow are
    CONFIRMED from Kno2's official ApiTestClient (github.com/Kno2/Kno2.ApiTestClient,
    app.config + ApiHelper.cs). Payload schemas are MODELED and simplified.
servers:
  - url: https://{subscription}.kno2fy.com
    description: Production tenant (per-integrator subscription host)
    variables:
      subscription:
        default: your-subscription
        description: The subscription/tenant slug assigned to your Kno2 account.
  - url: https://{subscription}.kno2-stage.com
    description: Staging sandbox tenant (Kno2 Developer Program)
    variables:
      subscription:
        default: your-subscription
        description: The staging subscription/tenant slug assigned to your account.
security:
  - bearerAuth: []
tags:
  - name: Authentication
    description: OAuth2 client-credentials token issuance.
  - name: Messaging
    description: SEND surface - draft, populate, attach, and send messages.
  - name: Intake
    description: RECEIVE surface - search, retrieve, and process inbound messages.
  - name: Attachments
    description: Upload, retrieve, and mark clinical document attachments.
  - name: Directory
    description: Validate Direct addresses and list document types.
paths:
  /api/token:
    post:
      operationId: createToken
      tags:
        - Authentication
      summary: Issue an OAuth2 access token
      description: >-
        OAuth2 client-credentials token endpoint. Authenticate with HTTP Basic
        using base64(client_id:client_secret) and grant_type=client_credentials
        to receive a Bearer access token. A grant_type=refresh_token flow is also
        supported. CONFIRMED from ApiTestClient (AuthUri = api/token).
      security:
        - basicAuth: []
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                grant_type:
                  type: string
                  enum:
                    - client_credentials
                    - refresh_token
                  example: client_credentials
                refresh_token:
                  type: string
      responses:
        '200':
          description: An access token.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages:
    get:
      operationId: searchMessages
      tags:
        - Intake
      summary: Search / find messages
      description: >-
        Search messages with filters. The reference intake loop polls with
        statuses=processed and processedtypes=AwaitingEMRExport to find inbound
        messages ready for EMR export (the RECEIVE / FIND queue). CONFIRMED from
        ApiTestClient (MessageSearchTemplate).
      parameters:
        - name: statuses
          in: query
          schema:
            type: string
          example: processed
        - name: processedtypes
          in: query
          schema:
            type: string
          example: AwaitingEMRExport
        - name: isAll
          in: query
          schema:
            type: boolean
        - name: isUnassigned
          in: query
          schema:
            type: boolean
        - name: orderBy
          in: query
          schema:
            type: string
          example: updatedDate
        - name: orderDir
          in: query
          schema:
            type: string
          example: desc
        - name: pageSize
          in: query
          schema:
            type: integer
          example: 10
        - name: pageStart
          in: query
          schema:
            type: integer
          example: 1
      responses:
        '200':
          description: A page of messages.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      $ref: '#/components/schemas/Message'
        '401':
          $ref: '#/components/responses/Unauthorized'
    put:
      operationId: createMessageDraft
      tags:
        - Messaging
      summary: Request a new draft message
      description: >-
        Creates a new draft message and returns its identifier. CONFIRMED from
        ApiTestClient (RequestMessageDraft PUTs to api/messages).
      responses:
        '200':
          description: The created draft message.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Message'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages/{id}:
    parameters:
      - $ref: '#/components/parameters/MessageId'
    get:
      operationId: getMessage
      tags:
        - Intake
      summary: Retrieve a message
      description: Retrieves a single message by id. CONFIRMED from ApiTestClient.
      responses:
        '200':
          description: The message.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Message'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    put:
      operationId: updateMessageDraft
      tags:
        - Messaging
      summary: Populate / update a draft message
      description: >-
        Updates a draft message with patient, recipient Direct address, document
        type, and metadata before sending. CONFIRMED from ApiTestClient
        (SendDraft PUTs the message resource to api/messages/{id}).
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Message'
      responses:
        '200':
          description: The updated message.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Message'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages/{id}/send:
    parameters:
      - $ref: '#/components/parameters/MessageId'
    post:
      operationId: sendMessage
      tags:
        - Messaging
      summary: Send a message
      description: >-
        Releases/sends the populated draft over Direct Secure Messaging or
        document exchange. CONFIRMED from ApiTestClient (SendRelease POSTs to
        api/messages/{id}/send).
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Message'
      responses:
        '200':
          description: The message was accepted for sending.
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages/{id}/process:
    parameters:
      - $ref: '#/components/parameters/MessageId'
    post:
      operationId: processMessage
      tags:
        - Intake
      summary: Process a message (read event)
      description: >-
        Marks a message as processed / records a read event. CONFIRMED from
        ApiTestClient (MessageReadEventUriTemplate = api/messages/{id}/process).
      responses:
        '200':
          description: The message was marked processed.
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages/{id}/attachments/{attachmentId}:
    parameters:
      - $ref: '#/components/parameters/MessageId'
      - $ref: '#/components/parameters/AttachmentId'
    get:
      operationId: getAttachment
      tags:
        - Attachments
      summary: Retrieve an attachment
      description: >-
        Retrieves attachment metadata or its binary content (CCDA, PDF, image,
        HL7). CONFIRMED from ApiTestClient (AttachmentsUriTemplate).
      responses:
        '200':
          description: The attachment metadata or content.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Attachment'
            application/octet-stream:
              schema:
                type: string
                format: binary
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
    post:
      operationId: uploadAttachment
      tags:
        - Attachments
      summary: Upload an attachment
      description: >-
        Uploads a clinical document to a draft message as multipart/form-data.
        CONFIRMED from ApiTestClient (UploadAttachment POSTs multipart content to
        api/messages/{id}/attachments/{attachmentId}).
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                file:
                  type: string
                  format: binary
                documentType:
                  type: string
      responses:
        '200':
          description: The uploaded attachment metadata.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Attachment'
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/messages/{id}/attachments/{attachmentId}/read:
    parameters:
      - $ref: '#/components/parameters/MessageId'
      - $ref: '#/components/parameters/AttachmentId'
    put:
      operationId: markAttachmentRead
      tags:
        - Attachments
      summary: Mark an attachment as read
      description: >-
        Records that an attachment has been read/consumed. CONFIRMED from
        ApiTestClient (AttachmentReadUriTemplate =
        api/messages/{id}/attachments/{attachmentid}/read).
      responses:
        '200':
          description: The attachment was marked read.
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/documenttypes:
    get:
      operationId: listDocumentTypes
      tags:
        - Directory
      summary: List document types
      description: >-
        Lists the document types available to the current subscription. CONFIRMED
        from ApiTestClient (DocumentTypesUriTemplate = api/documenttypes).
      responses:
        '200':
          description: A collection of document types.
          content:
            application/json:
              schema:
                type: object
                properties:
                  items:
                    type: array
                    items:
                      type: string
        '401':
          $ref: '#/components/responses/Unauthorized'
  /api/directory/validate:
    get:
      operationId: validateAddresses
      tags:
        - Directory
      summary: Validate Direct addresses
      description: >-
        Validates one or more Direct Secure Messaging addresses / endpoints before
        sending. CONFIRMED from ApiTestClient (DirectoryValidateTemplate =
        api/directory/validate).
      parameters:
        - name: addresses
          in: query
          description: One or more Direct addresses to validate.
          schema:
            type: array
            items:
              type: string
      responses:
        '200':
          description: A map of address to validity.
          content:
            application/json:
              schema:
                type: object
                additionalProperties:
                  type: boolean
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: Bearer access token obtained from POST /api/token.
    basicAuth:
      type: http
      scheme: basic
      description: >-
        HTTP Basic with base64(client_id:client_secret), used only against
        /api/token to obtain a Bearer token.
  parameters:
    MessageId:
      name: id
      in: path
      required: true
      description: The message identifier.
      schema:
        type: string
    AttachmentId:
      name: attachmentId
      in: path
      required: true
      description: The attachment identifier.
      schema:
        type: string
  responses:
    Unauthorized:
      description: Authentication failed or the token is missing/expired.
    NotFound:
      description: The requested resource was not found.
  schemas:
    AuthResponse:
      type: object
      description: MODELED - OAuth2 token response.
      properties:
        access_token:
          type: string
        token_type:
          type: string
          example: Bearer
        expires_in:
          type: integer
          example: 3600
        refresh_token:
          type: string
    Message:
      type: object
      description: >-
        MODELED - a Kno2 message resource. Field set simplified from the
        ApiTestClient MessageResource and product docs; the authoritative schema
        is provisioned per partner via developer.kno2.com.
      properties:
        id:
          type: string
        status:
          type: string
          example: draft
        subject:
          type: string
        patient:
          $ref: '#/components/schemas/Patient'
        recipients:
          type: array
          items:
            type: string
            description: Direct Secure Messaging address.
        documentType:
          type: string
        attachments:
          type: array
          items:
            $ref: '#/components/schemas/Attachment'
        updatedDate:
          type: string
          format: date-time
    Patient:
      type: object
      description: MODELED - patient demographics attached to a message.
      properties:
        firstName:
          type: string
        lastName:
          type: string
        dateOfBirth:
          type: string
          format: date
        gender:
          type: string
        mrn:
          type: string
          description: Medical record number.
    Attachment:
      type: object
      description: MODELED - a clinical document attachment.
      properties:
        id:
          type: string
        fileName:
          type: string
        mediaType:
          type: string
          example: application/pdf
        documentType:
          type: string
        size:
          type: integer