Resolve the lifecycle state of an SDK app-user coordinate (read-only)
Read-only probe used by the SDK's `<CuraeAIAccountProvider>` to decide which onboarding / lifecycle UI to render for the current user. Resolves `(customerAccountId, appUserId)` to one of `UNLINKED`, `LIMITED`, `ACTIVE`, or `TOMBSTONED` without minting a `CuraeConnectSession` row, provisioning a LIMITED user, emitting any outbox event, or counting against the per-coordinate `/initiate` rate-limit bucket. Supports RFC 7232 conditional GET — pass the previously-received ETag in `If-None-Match` to receive a `304 Not Modified` when the state has not moved. Designed for high-frequency polling (every page mount, every browser tab visibility-change).
/api/sdk/v1/curae-connect/account-stateRead-only probe used by the SDK's <CuraeAIAccountProvider> to decide which onboarding / lifecycle UI to render for the current user. Resolves (customerAccountId, appUserId) to one of UNLINKED, LIMITED, ACTIVE, or TOMBSTONED without minting a CuraeConnectSession row, provisioning a LIMITED user, emitting any outbox event, or counting against the per-coordinate /initiate rate-limit bucket. Supports RFC 7232 conditional GET — pass the previously-received ETag in If-None-Match to receive a 304 Not Modified when the state has not moved. Designed for high-frequency polling (every page mount, every browser tab visibility-change).
Authorization
platformApiKey CuraeAI Platform API key using the format Bearer . Keys are opaque credentials such as cae_live_..., not JWTs.
In: header
Query Parameters
Opaque SDK user id. Must be canonical: no leading or trailing whitespace and no control characters.
Header Parameters
Strong ETag list (RFC 7232 §3.2). When any candidate matches the current account-state ETag, the response is 304 Not Modified with the same ETag header and no body.
Response Body
application/json
application/problem+json
curl -X GET "https://example.com/api/sdk/v1/curae-connect/account-state?appUserId=string"{ "lifecycleState": "UNLINKED", "subjectUserId": "296d2d93-03fc-4d0e-b7e7-4f7600664125"}{ "type": "string", "title": "string", "status": 0, "detail": "string", "instance": "string", "code": "string", "details": {}, "retryable": true}Mint a graduation handoff token for an existing LIMITED user POST
SDK consumers surface a `<CuraeUpgradeCard>` whenever the current user is in the `LIMITED` lifecycle state; a tap on the upgrade CTA proxies to this route via the consumer backend. The platform mints a fresh server-signed `GRADUATION_HANDOFF` JWT that pins the LIMITED `User.id` and returns the Curae-hosted `/graduate?handoff=<token>` webview URL the SDK navigates the user to. The credential-binding ceremony (passkey, magic link, password) runs inside that webview. Idempotency-Key is REJECTED because every call MUST mint a fresh short-lived JWT — replays would return a stale token whose TTL may have elapsed. Rate-limited at 10 req / customer-account / appUserId / minute (same cap as `/initiate`) to close the LIMITED-binding enumeration side channel.
Search the health-system brand catalog (public) GET
Public, unauthenticated search over the CuraeAI health-system brand catalog — the discovery surface a consumer uses to build an institution picker before any data is linked. The catalog contains only non-PHI metadata (brand name, EHR platform type, FHIR base URL, city/state, and a logo reference), so no API key is required; the authorization boundary is the SDK connection, not catalog discovery. Results are deduplicated by FHIR system identity and CDN-cached at the edge.