Search clinics, staff, or setup tasks
Receptionist
Reception and operations

Command Center

Today-first operating view for appointments, missed work, escalations, and human-loop tasks.

No clinic selectedReceptionistProduction access modeNo signed staff sessionLocal ready
Escalations and Command Center ready: staff can see today's work, open callback tasks, assign owners, resolve tickets, and audit the human loop.
AdminOps

Staff directory

1 active

Owners and admins manage clinic users here. Reception, doctor, reviewer, and operations roles stay clinic-scoped.

Owner0/0
Admin0/0
Receptionist0/0
Doctor0/0
Reviewer0/0
Operations0/0
StaffRoleStatusAction
Clinic VoiceOps Super Adminadmin@clinic.freefast.onlineSuper Adminactive
Role Profile

Selected staff access profile

CV

Clinic VoiceOps Super Admin

admin@clinic.freefast.online
active
RoleSuper Admin
Portal homeService Provider Console
Clinic scopeNo clinic
Last updated19/05/2026 08:25 IST

Manage clinic tenants, launch readiness, provider connections, support access, and cross-clinic compliance.

Invite/password delivery remains owned by the production auth provider. This form updates the clinic-scoped role contract and signed-session access.

Permissions

Role permission preview

Allowed workCreate and manage clinic tenantsReview provider/deployment readinessOpen audited support sessionsTrack cross-clinic operational health
Restricted workCannot provide medical adviceCannot access clinic data without audited support reason
Access Handoff

Invite and access handoff

Local demo login uses the shared access code. Production will hand off to custom auth, Auth.js, Clerk, or Supabase.
Created staff are clinic-scoped and cannot see restricted modules outside their role contract.
Deactivated staff are blocked from signed login and protected API access immediately.
Staff Entry

Create staff user

Passwords and real invites belong to the production auth provider. This creates the clinic-scoped staff record and audit event.

Clinic Settings

Settings control center

Owner/admin control center for clinic identity, operating rules, automation safety, communication, and audit evidence.

No clinic
Default languageEnglish
LanguagesEnglish, Hindi
Retention365 days
Support accessDisabled
Clinic Identity

Clinic profile

Clinic nameNot configured
VerticalClinic
Operating modenative
Deploymentshared saas
RegionIndia
TimezoneAsia/Kolkata

These fields drive staff context, WhatsApp location messages, voice-agent clinic identity, and service-provider handoff packets.

Clinic Access

Multi-location command

Active branches0Clinic locations available for booking, reminders, and reports.
Doctor coverage0Branch-level doctor availability touchpoints.
Linked appointments0Existing appointments mapped to branch records.

Add at least one clinic location before live voice and WhatsApp routing.

Add another branchCreate a branch record before wiring separate numbers, WhatsApp senders, calendars, or LIMS desks.

Branch records are the source for appointment location, WhatsApp location links, report desk routing, and future per-location phone numbers.

Care Team

Doctors & availability

Voice booking should only offer approved doctor slots and must escalate same-day exceptions to reception.

Booking Rules

Services & appointment rules

New patient intakeRegistration link before visit
Reminder sequence24h and 1h WhatsApp
Automation Safety

Communication & AI safety

Voice providernot configured
WhatsApp providernot configured
Approved FAQ answers0
Draft/unsafe answers0
No diagnosis, prescription, report interpretation, or emergency decisioning.
Use approved FAQ, booking, reminder, report-ready, feedback, and consent-safe service messages only.
Escalate urgent symptoms, angry callers, billing disputes, unknown FAQs, and low confidence calls.
Owner Controls

Compliance controls

Settings changes are audited. Support access should stay off unless the clinic approves a timed service-provider support session.

Settings Audit

Recent configuration events

No settings audit event yet. Save settings or update staff to create audited evidence.

Owner Analytics

ROI and risk decision cockpit

Use analytics as a pilot evidence board: find recovered work, unresolved human-loop risk, knowledge readiness, and operating areas that need staff review before clinic scale-up.

0 open risks
Routine automation0clear
Human-loop risk0clear
Voice calls0clear
WhatsApp events0clear
Approved FAQs0clear
Decision signals8active
Review calls when routine call automation increases or missed-call recovery changes.
Review WhatsApp when queued, failed, or opt-out workflows affect patient follow-up.
Review escalations before calling the pilot successful; open risk must have owner visibility.
Use analytics for decisions and audits only; it never triggers medical, billing, or migration actions automatically.
Clinic Analytics

Operational snapshot

Routine messages0
Routine calls0
Open human loop0
Approved FAQs0

These are local operational metrics for pilot validation. Production ROI reports will compare recovered calls, bookings, no-shows, and staff time saved.

Missed-call recovery0Calls needing recovery or staff reviewsuccess
Reminder coverage0Appointment reminders queued or deliveredinfo
Report delivery risk0Failed report-ready deliveriessuccess
Integration sync risk0External connector jobs needing reviewinfo
Plans & Usage

Current local usage

AreaCountStatus
Patients0CRM Lite records
Appointments0Scheduling records
Voice calls0Call review records
WhatsApp events0Workflow records

Use this view as the pilot evidence board: every number links to an operating workspace where staff can inspect the underlying calls, messages, reports, integrations, or escalations.

Analytics is read-only. It should guide staff review and owner decisions, not trigger medical, billing, or migration decisions automatically.

Total Calls
45

0 completed calls

Appointments
24

2026-05-04 schedule

Confirmed
18

Ready for clinic flow

Missed Calls
7

0 urgent follow-ups

New Patients
6

0 registrations

Reports Ready
4

0 delivery issues

Daily Work Tabs

Open, complete, and minimize each queue

Use these tabs to jump to the exact clinic work area. Each section below opens from its header and can be minimized after review.

Open panels7/8
Work waiting5
Urgent Work Queue

Today's work

0 tasks
Urgent Work Queue

Today's work

0 tasks
No urgent work in the current demo state.
Missed Calls

Callback queue

0 missed
Missed Calls

Callback queue

0 missed
TimePatientAction
Appointments Timeline

Today's schedule

0 appts
Appointments Timeline

Today's schedule

0 appts
Open Escalations

Human loop tasks

0 open
Open Escalations

Human loop tasks

0 open
No escalation tickets yet.
Pending Registrations

Registration review

0 pending
Pending Registrations

Registration review

0 pending
Report-Ready Messages

Reports queue

0 ready
Report-Ready Messages

Reports queue

0 ready
Provider Readiness

Operational systems

1/6
Provider Readiness

Operational systems

1/6
All SystemsNeeds review
Create Escalation

Manual safety task

Create Escalation

Manual safety task

Patient CRM Lite

Patient records

0 duplicate review
PatientPhoneWorkflowReview
No patient matches this search. Clear the search or create a new patient record.
Staff Entry

Create patient

Selected Patient

No patient selected

No patient records are available yet.

Appointment Desk

Today's booking control

Reception can scan the day, confirm visits, recover no-shows, and queue WhatsApp reminders from one workflow.

0 scheduled
Booked0clear
Confirmed0clear
Completed0clear
No-show0clear
Cancelled0clear
1Select dateLoad the day's schedule.
2Choose patientVerify phone and visit reason.
3Load slotUse approved doctor/service rules.
4Send reminderQueue consent-safe WhatsApp messages.
AppointmentOps

Daily schedule

0 appointments
TimePatientDoctorServiceStatus
No appointments booked for this date.
Receptionist Booking

Book or reschedule

DoctorChoose service · Price hidden
Google Calendar v1
Selected Appointment

Lifecycle and patient handoff

none
Select a row from the daily schedule to review lifecycle, reminders, and patient handoff.
VoiceOps Command

Call review and safety desk

Review voice-agent outcomes, linked appointments, failed tool calls, low-confidence cases, and staff handoffs before production activation.

0 review flags
Total calls0clear
Completed0clear
Escalated0clear
Linked appts0clear
Low confidence0clear
Tool failures0clear
Confirm patient identity before staff callback.
Escalate medical, urgent, angry, billing, unknown, or low-confidence calls.
Verify appointment and reminder records after every booking call.
Use transcript and backend tool evidence before resolving a case.
VoiceOps MVP

Voice Agent setup

not configured
mock_vapiEnable the safe mock provider before connecting Vapi/Exotel.
LanguagesHindi, English
DisclosureAI disclosure on
Tools0 backend tools
SafetyMedical refusal + escalation

The voice agent can book appointments, check slots, find patients, and create staff escalations. It cannot diagnose, prescribe, interpret reports, or make emergency decisions.

Live voice gate

Provider assistant setup

live calls blocked

Real Vapi/Bolna calls stay blocked until assistant binding, phone routing, public callback URL, webhook security, and internal test-call evidence are all ready.

Provider modeblockedStill using local mock provider
Assistant bindingblockedAdd Vapi/Bolna assistant ID before live callbacks
Phone bindingblockedAdd provider phone number ID or connected number before live calls
Public callbackblockedRequires deployed HTTPS callback URL from Provider Health
Webhook securityblockedRequires server-side webhook secret before provider dashboard registration
Real test callblockedRecord internal test call evidence in Live Readiness before patient traffic

Production mode uses live voice-provider webhooks and backend tool APIs. Mock voice configuration and simulated calls are disabled.

Call Review

Call sessions

0 calls
CallerIntentStatusLinked work
No voice calls yet. Use the simulation buttons to validate the VoiceOps flow.
Transcript

Transcript and tool calls

No call selected.

Knowledge Base

Approved FAQ library

0 approved

Voice agents may answer only from approved clinic FAQ items. Draft or unknown questions must be escalated to staff.

QuestionCategoryStatusVersion
No FAQ items yet. Add approved clinic answers before enabling autonomous FAQ responses.
FAQ Detail

Voice-safe answer

Select a FAQ item to review the approved answer.

FAQ Entry

Create FAQ item

ReportOps Command

Report delivery evidence and safety desk

Track report-ready handoffs, secure-link delivery, failed patient notifications, active link expiry, and doctor-review escalations without allowing AI report interpretation.

0 review items
Ready0clear
Delivered0clear
Failed0clear
Queued links0clear
Active links0clear
Doctor review0clear
Send secure report links only after the report record is ready and patient identity is confirmed.
Delivery status should come from provider callbacks in production, not manual assumptions.
Never explain or summarize report values with AI; create a doctor or reviewer escalation.
Failed delivery or opt-out cases become staff follow-up work before retrying any message.
ReportOps Lite

Reports queue

0 reports
Selected patientNot selected
WhatsApp consentNo patient selected
Delivery ruleQueue secure link
InterpretationAlways blocked
ReportPatientStatusDelivery
No diagnostic reports yet. Mark a report ready for the selected patient to create a secure link and WhatsApp delivery.
Secure Delivery

Report delivery status

No report selected.

Integration Command

Connector source-of-truth and sync desk

Manage Native, Connect, and Migration modes with clear ownership rules, connector readiness, mapping review, and failed-sync recovery before data reaches voice, WhatsApp, reports, or analytics workflows.

0 review items
Connectors0clear
Connected0clear
External SOT0clear
Mappings review0clear
Sync issues0clear
Records synced0/0active
Existing CRM/HIS/LIMS remains source of truth unless the clinic approves migration cutover.
Voice agent, WhatsApp, reports, and dashboard call only our backend connector layer.
Failed syncs, duplicate matches, and uncertain mappings stay in staff review before retry.
Disconnected connectors must degrade safely to Native Mode or manual upload workflows.
Connect Mode

Integration Hub

0 connectors
Native ModeVoiceOps stores patient and appointment recordsBest for new clinics or clinics moving from Excel/manual registers.
Connect ModeExisting CRM/HIS/LIMS remains source of truthVoice, WhatsApp, reports, and analytics use backend connector mappings.
Migration ModeRun both systems before cutoverDuplicates and risky rows stay in staff review before import.
ConnectorStatusSource of truthLast sync
No external connectors yet. Native Mode continues to work without connectors.
Connector Status

Source-of-truth controls

No connector selectedNative Mode: VoiceOps remains source of truth.
native

Connect Mode reads and maps external objects. VoiceOps does not overwrite external CRM/HIS/LIMS data automatically; writeback belongs to a later approved migration step.

Production integrations accept real connector credentials, file imports, and provider webhooks only. Demo sync failure tools are disabled.

Mapping Review

External mappings

0 mappings
ExternalLocalStatus
No mappings yet. Import CSV patients, map an appointment, or run the LIMS webhook demo.
Sync Error Queue

Sync jobs

0 issues

No sync jobs yet.

Production Readiness Command Center

Provider Health launch guide

Use this as the service-provider checklist for the selected clinic. It separates local setup, staging proof, and live patient-traffic approval in plain language.

Live still blocked0/11launch steps ready
Data foundationblockedPostgres must be ready before real clinic data is trusted.database
Provider proofblockedCallback ops plus fixture lab prove provider contracts safely.evidence
Go-live gateblockedRequires public HTTPS callbacks, real test evidence, and approvals.patient traffic
1
Environment packblocked

Map every live external value to the exact env variable, screen, API route, and evidence.

0 blocked item(s). Use this before deployment handoff.
2
Production rehearsalblocked

Prove production data, auth, deployment URL, backup, restore, and rollback behavior before provider activation.

0 blocked item(s). This is the rehearsal bridge before live provider traffic.
3
Staging callbacksblocked

Rehearse public URL, webhook routes, signatures, provider callback registration, staging env parity, and rollback.

0 blocked item(s). No real provider traffic is enabled here.
4
Deploy targetblocked

Choose the staging host, prepare env templates, copy callback URLs, and document rollback before provider activation.

0 blocked item(s). This turns live setup into an operator checklist.
5
Preview smokeblocked

Run the final local and staging-preview checks for env, admin, database, callbacks, rollback, and live-readiness gates.

0 blocked item(s). This is the last local pack before staging deployment values are entered.
6
Postgres cutoverblocked

Move from local JSON prototype storage to the production database safely.

Check Prisma models, database URL, migration marker, and restore readiness.
7
Provider accountsblocked

Store voice, telephony, and WhatsApp setup details without exposing secrets in the browser.

0 masked credential profile(s); callbacks and public URLs still decide live readiness.
8
Fixture labblocked

Test provider callback shapes with sanitized samples before real patient traffic.

0 fixture sample(s). This proves parser contracts only; it does not send calls or messages.
9
Deployment activationblocked

Confirm production auth, persistence, provider, webhook, and rollback gates.

0 blocker(s). Localhost and mock evidence cannot unlock patient traffic.
10
Staging rehearsalblocked

Run a no-live-patient-data rehearsal with synthetic calls, messages, reports, and rollback evidence.

0 synthetic evidence record(s) recorded for dry-run confidence.
11
Live readinessblocked

Final gate for real patient calls, WhatsApp messages, reports, and clinic data.

0 live evidence record(s), 0 signoff approval(s).

Live patient traffic remains blocked until the deployment gate, Postgres gate, provider callbacks, staging rehearsal, live evidence, and owner/super-admin signoff all pass. This panel is operational guidance; it does not bypass backend safety checks.

Milestone 1

Production Environment Pack

blocked
Selected clinic live setup mapEvery missing external value is mapped to the exact env variable, dashboard screen, backend route, and evidence needed before real patient traffic.
Ready0Values or evidence prepared
Needs review0Optional or partial setup
Blocked0Must be fixed before live traffic

This pack is safe to share with operators because it never returns raw API keys, tokens, passwords, patient names, phone numbers, transcripts, or report data.

RequirementEnv variablesDashboard / API routeEvidence before live
Refresh the production environment pack to load the live setup map.

Use this before deployment handoff: the public URL, Postgres cutover, provider credentials, webhook secrets, WhatsApp sender/templates, evidence center, and final signoff must all be closed here or in the linked Provider Health panels.

Milestone 2

Production Data, Auth, And Deployment Rehearsal Pack

One operator checklist for Postgres cutover, admin bootstrap, auth/session lockout, deployment URL rehearsal, and rollback proof.

blocked
Selected clinic production rehearsal mapThis does not activate live traffic. It tells the operator what must be rehearsed locally/staging before real voice, WhatsApp, and clinic data are allowed.
Ready0Rehearsal gates proven
Needs review0Dry-run evidence exists but live remains separate
Blocked0Must be rehearsed before provider activation

The pack is operator-safe: it returns commands, env variable names, routes, artifacts, and evidence names only. It does not return database URLs, passwords, auth secrets, provider tokens, patient names, transcripts, or reports.

RehearsalCommand / envScreen / API / artifactSuccess evidence and risk
Refresh the production deployment rehearsal pack to load the milestone checklist.

Run this before external provider activation. Milestone 1 maps required values; Milestone 2 proves the production data/auth/deployment path can survive real operation and rollback without using live patient traffic.

Milestone 3

Staging Deployment And Public Callback Rehearsal

Rehearse the deployed URL, provider webhooks, callback signatures, staging env parity, and rollback path before real provider traffic.

blocked
Selected clinic callback rehearsal mapThis is still synthetic and staging-only. It helps a non-technical operator see exactly what must be proven before Vapi, Bolna, WhatsApp, or optional Exotel can send real events.
Ready0Staging gates proven
Needs review0Partial proof or live separation review
Blocked0Must be rehearsed before provider traffic

This pack returns only route names, env variable names, artifact names, and evidence requirements. It does not return raw webhook secrets, provider tokens, connection strings, patient data, callback payloads, transcripts, or reports.

RehearsalCommand / envScreen / API / artifactEvidence and risk
Refresh the callback rehearsal pack to load the Milestone 3 checklist.

Use this after Milestone 2 and before real provider activation. Staging callback success must remain separate from Live Readiness until paid-provider round-trip evidence and two-person signoff exist.

Milestone 4

Staging Deployment Target And Environment Template

Choose the deployment target, prepare staging and production env templates, map callback URLs, and document rollback before real provider activation.

blocked
Selected clinic deployment target packetThis pack is safe for operators: it shows target choice, env variable names, callback URLs, commands, and evidence needs without exposing raw secrets or patient data.
Selected targetNot selectedHost, region, and tenancy must be recorded first
Ready0Deployment-prep gates proven
Blocked0Must close before provider activation
Needs review0Partial proof or operator review

Staging and production values must stay separate. This screen can be shared because it returns placeholders, route names, env variable names, and evidence requirements only. It does not return API keys, passwords, tokens, connection strings, transcripts, reports, or patient records.

Callback URL map

Copy staging URLs first; keep production disabled until live signoff

ProviderStaging URLProduction URLEvidence
Refresh the deployment target pack to generate staging and production callback URLs.
Deployment prepCommand / envScreen / API / artifactEvidence and risk
Refresh the deployment target pack to load the Milestone 4 checklist.

Use this before paid-provider activation. The staging target, environment templates, callback map, rollback plan, and operator runbook must be understood before Vapi, Bolna, Exotel, or WhatsApp are allowed to send real patient events.

Milestone 5

Deployment Platform Rehearsal And Preview Smoke Test

Prepare the final env checklist, admin bootstrap, database migration, callback map, preview smoke test, rollback, and live-readiness checks before staging deployment.

blocked
Selected clinic preview rehearsal packUse this before adding real credentials. It proves the deployment workflow, smoke-test path, and live-safety gates without making provider calls or enabling patient traffic.
Smoke targetlocalhostUse localhost now; swap to staging URL after deployment
Ready0Deployment gates proven
Blocked0Must close before live traffic
Review0Partial proof or local-only smoke target

This rehearsal is local and staging-safe. It returns command names, env variable names, route names, and evidence requirements only. Real provider tokens, passwords, database URLs, patient data, transcripts, and reports are never returned.

Smoke test script

npm run deployment:preview:smoke

CheckMethod / routeExpected resultEvidence
Refresh the preview rehearsal pack to load smoke-test routes.
Rehearsal gateCommand / envScreen / API / artifactEvidence and risk
Refresh the deployment platform rehearsal pack to load the Milestone 5 checklist.

After this local rehearsal is complete, the same smoke-test script can run against the staging preview URL. Passing preview smoke tests does not unlock live patient traffic; real provider evidence and two-party signoff are still required.

Provider Proof Levels

Local, staging, and live proof

Separate safe local setup from staging dry-runs and real live-provider evidence before any patient traffic.

live blocked
Local proofwarning0 masked credential profile(s). Local backend routes and forms can be tested without live patient traffic.local setup
Staging proofblocked0 synthetic evidence record(s). Use this for callback dry-runs, rollback drills, and no-live rehearsals.dry run
Live proofblocked0 real evidence record(s), 0 signoff(s). Requires public HTTPS callbacks, webhook secrets, and real test call/message proof.patient traffic gate
Selected clinic can continue local setup now. Live activation stays blocked until provider callbacks, paid sender/phone routing, webhook verification, and real evidence are complete.
Phase 15

Provider Activation Preflight

local only
Voice AI providerPending
warning

Vapi primary with Bolna secondary fallback. Stored keys remain backend-only.

Call routingPending
warning

Default routing is direct Vapi/Bolna. Exotel SIP/DID is optional for clinics that need it.

WhatsApp messagingPending
warning

WhatsApp Cloud/BSP credential and template/callback evidence are required before live messages.

Callback fixtures0 samples
warning

Staging callback dry-run needs approved Vapi/Bolna voice, WhatsApp, and rejected-negative fixtures. Exotel is conditional.

No paid provider callsNo browser secretsNo live patient trafficLive gate still separate

Use this area to prepare blank provider wiring locally. Saving a credential stores an encrypted backend record only; verification is a separate deliberate backend action after you provide real keys.

Typed setup profile

Vapi voice setup profile

non-secret fields

Use Vapi as the primary voice-agent provider. These values are safe routing identifiers; the private key stays encrypted server-side.

You can save the Vapi private key now. Real call routing stays blocked until a live assistant, phone number, public callback URL, and webhook secret are configured.
Save vs verify gateTyped profile is ready for backend verification after the secret is saved.Backend verification can run after the private API key is saved and the Vapi base URL is present.
profile ready
  • Base URLProvided
Missing before live provider activationThese are not required to save the local credential profile, but they block real patient calls/messages.
  • Public HTTPS callback URL for /api/voice/webhooks/vapi
  • Vapi assistant ID and phone number/routing ID
  • VOICEOPS_WEBHOOK_SECRET for signed webhook validation
  • Real internal test call evidence before patient traffic
Before saving
  • Paste the server-side Vapi private API key in the Secret field.
  • Keep the base URL as https://api.vapi.ai unless Vapi gives a different production endpoint.
  • Assistant ID and phone number ID can stay blank until the provider dashboard is ready.
Before live activation
  • Create/select the clinic assistant in Vapi.
  • Attach a Vapi phone number or routing setup.
  • Register the deployed /api/voice/webhooks/vapi callback URL with webhook authentication.
  • Record one real internal test call before patient traffic.
Only non-secret setup identifiers are shown here. API keys, tokens, webhook secrets, and callback signatures remain server-side.
Provider Health

Provider Readiness

warning

Production mode stores only real provider credentials through the credential API. Demo credential seeding is disabled.

CheckStatusRequired action
Run readiness check before connecting real Vapi/Bolna voice, optional Exotel routing, and WhatsApp credentials.
Credential Vault

Masked credentials

0 stored
ProviderPreviewStatus
No masked credentials stored yetStore real Vapi/Bolna, optional Exotel, and WhatsApp credentials through the production credential flow. Raw provider keys never return to the browser.Base URL: RequiredAssistant ID: OptionalPhone number ID: OptionalWebhook path: Optional
Phase 17A-17B

Provider Connection Workbench

blocked
Connection packet not reviewed0 blockers · 0 callback routes · no provider calls
No external callsNo secret values returnedProvider keys still requiredLive traffic blocked
Operator runbook

External provider activation guide

Use this before external-provider activation so a non-technical service provider knows exactly what is missing, where to enter it, and what proof is required before live patient calls or WhatsApp messages.

Public callback URLblocked

Use one stable HTTPS domain for every provider dashboard. Localhost and non-HTTPS URLs stay blocked.

Set VOICEOPS_PUBLIC_APP_URL after deployment, then copy the route URLs below.HTTPS public URL ready
Webhook secretsblocked

Voice, Exotel, and WhatsApp callbacks must fail closed unless server-side secrets/tokens are configured.

Set VOICEOPS_WEBHOOK_SECRET plus WhatsApp app secret/verify token and optional Exotel token on the server.Server callback secrets ready
Vapi/Bolna routingblocked

Default route is Vapi primary with Bolna fallback. Exotel/SIP is optional only for clinic-owned DID/SIP forwarding.

Store and verify the Vapi key first, add Bolna as secondary, then record a real internal test call.Voice credential and route ready
WhatsApp sender and templatesblocked

Manual WhatsApp can work locally, but automated reminders, registrations, reports, and feedback require Cloud/BSP sender setup.

Collect WABA, phone number ID, approved templates, app secret, verify token, and one consent-safe test message.WhatsApp credential and templates ready
Evidence before liveblocked

Patient traffic remains blocked until provider fixtures and real call/message/callback evidence are recorded.

Approve sandbox fixtures, run staging dry-run, then record real test call and message evidence in Live Readiness.Sandbox and live proof ready
Voice callback routesRegister these only after the public HTTPS URL and webhook secret are available.
  • Vapi voice webhook/api/voice/webhooks/vapiblocked
  • Bolna voice webhook/api/voice/webhooks/bolnablocked
WhatsApp sender and callback setupAutomated delivery requires Cloud/BSP sender setup and approved templates.
  • WhatsApp Cloud status webhook/api/clinic/notifications/webhooks/whatsapp-cloudblocked
  • Template approvalbooking_confirm, reminder_1h, report_ready, feedback_request, opt_outrequired
Collect for Vapi primaryPrivate API key, assistant ID, phone/routing ID, deployed callback URL, webhook secret, internal test call id.
Collect for Bolna fallbackAPI key, agent ID, connected India phone/routing number, deployed callback URL, callback token, internal test call id.
Collect for WhatsApp Cloud/BSPWABA ID, phone number ID per sender, access token, app secret, verify token, approved template names, test message id.
Evidence required before liveApproved provider fixtures, rejected negative fixture, staging dry-run, real test call, real test WhatsApp, owner and VoiceOps signoff.
Activation stageStatusAllowed now / blocked by
Refresh the connection workbench to separate local-safe work from staging and live-traffic blockers.
RequirementStatusMissing / next action
Refresh the connection workbench to see the exact Vapi/Bolna, optional Exotel, WhatsApp, and callback values required for Phase 17.
Callback routeStatusProvider dashboard URL
Callback routes load after the workbench refreshes. Localhost URLs are intentionally not accepted for provider dashboards.

When all local connection requirements are ready, run backend provider verification and then record real provider round-trip evidence in Live Readiness.

Provider handoff packet not generatedGenerate a safe setup packet for Vapi/Bolna, optional Exotel, WhatsApp, callback URLs, and operator checklist.
Callback Evidence

Provider Callback Ops

warning
Callback operations not reviewed0 provider routes · 0 recent safe events

Refresh callback ops to load voice and WhatsApp callback metrics from the backend policy boundary.

RouteStatusSafe evidence
Run callback operations review to load Vapi, Exotel, WhatsApp Cloud, and Exotel WhatsApp route status.
EventStatusEvidence
No sanitized callback evidence recorded yet.

Raw callback payloads, signatures, phone numbers, transcripts, message bodies, recording URLs, tokens, and secure links stay server-side.

Contract Lab

Provider Fixture Lab

0 samples
Fixture lab not reviewedDry-run parser evidence only. These samples never enable live traffic or mutate patient records.

Record or refresh provider fixtures to review real callback contract readiness before any live patient traffic.

Fixture samplesStatusContract evidence
No provider fixture samples recorded yet. Capture sandbox callback samples before live activation.

Fixture review stores hashes and masked references only; raw provider payloads and headers stay out of browser state.

Production Gate

Deployment Readiness

blocked
Production gate not reviewedRun production gate before go-live.
GateStatusRequired action
Run the deployment gate before moving from the local prototype to a real clinic deployment.

Production launch needs real staff login, Postgres persistence, demo session disabled, Vapi/Bolna voice credentials, selected call-routing proof, WhatsApp credentials, webhook signatures, encryption, and audit review before live patient calls.

Live Patient Data Gate

Live Readiness

blocked
Live signoff not reviewed0 provider evidence records · 0 required signoff approvals
External activation

Live Activation Evidence Center

Track each real provider value and test result here after deployment and paid-provider access are ready. This is the live evidence ledger; staging fixtures and demo data do not unlock patient traffic.

Provider value trackerblocked
0 evidence record(s) · 0 signoff(s)Use this as the final checklist after public URL, provider keys, paid sender, and callback secrets are available.
Public callback URLblocked
A public HTTPS callback URL is required.Set VOICEOPS_PUBLIC_APP_URL before recording provider callback proof.
Fresh provider verificationblocked
Provider credentials must be verified on the server.Verify Vapi/Bolna, routing, and WhatsApp credentials before final signoff.
Real provider test results0/7
Voice call, routing call, WhatsApp send, provider callbacks, and human review must be recorded as real evidence.No mock, demo, localhost, phone, patient, token, or secret values.
Store only non-secret provider references and operational proof. Do not paste phone numbers, patient names, transcripts, report links, access tokens, webhook signatures, or raw provider payloads.
Next live evidence to collect
Evidence requirements are readyKeep evidence fresh until both live signoffs are recorded.ready
Live gateStatusRequired action
Run the live gate before any real patient calls, WhatsApp messages, reports, or clinic data are enabled.
EvidenceProviderExpiry
No live provider evidence recorded yet.

Final live patient data signoff requires fresh backend provider verification, live voice/routing/WhatsApp round-trip evidence, clinic owner/admin approval, and VoiceOps super-admin approval. Mock or localhost evidence is rejected in production.

Staging To Live

Deployment Activation

blocked
Activation packet not reviewed0 blockers · 0 external dependencies
Activation stageStatusRequired action
Run the activation packet before staging/live deployment. This does not enable live patient traffic.
DependencyProviderEvidence
No activation dependencies loaded yet.

Phase 11M is a rehearsal packet only. Keep all provider tests on internal numbers and synthetic patients until Live Readiness and the activation packet both pass.

Dry Run Only

Phase 11N Rehearsal

blocked
No staging rehearsal started0 synthetic evidence records · 0 blockers · Live evidence remains 0
Synthetic onlyNo deploymentNo paid providersDoes not count for Live Readiness
Rehearsal checkStatusRequired evidence
Refresh or start the staging rehearsal to load dry-run checks. This flow is synthetic-only and cannot enable live patient traffic.
EvidenceReferenceObserved
No synthetic rehearsal evidence recorded yet.

Phase 11N is a dry-run ledger. It records synthetic evidence for staging HTTPS, auth, Postgres restore, callback fixtures, patient workflows, monitoring, rollback, and clinic go/no-go without mutating Live Readiness or calling paid providers.

Persistence Ops

Postgres Readiness

blocked
Persistence not reviewed0 required Prisma models ready · 0 current JSON records counted
Current source of truthJSON prototype storeSafe for local build validation only. Do not use this storage mode for real clinic operations.cutover required
Data to migrate0Current local records counted for migration planning. Review counts before importing prototype data.JSON snapshot
First production adminNot seededRun the super-admin bootstrap before any real clinic onboarding.admin seed
Local Dry-Run Runbook

Run these before live server cutover

These are local verification commands only. They do not call Vapi, Bolna, Exotel, WhatsApp, or any paid provider.

local proof only
1
Start local Postgresblocked
npm run db:local:upStarts the local database container used for cutover rehearsal.
2
Apply migrationsblocked
npm run db:migrate:deployApplies Prisma migrations before the app trusts Postgres tables.
3
Verify local DB countswarning
npm run db:verify:localChecks DB connectivity, migration table, and key PatientOps record counts.
4
Bootstrap first super adminblocked
npm run db:bootstrap:super-adminCreates the first service-provider admin only when the staff table is empty.
5
Run cutover dry-runwarning
npm run db:cutover:dry-runRuns production-like auth, Postgres persistence, browser validation, and screenshot proof locally.
Production Lockout

Demo controls must be off before Postgres goes live

0/4 safe
Real login providerProduction must use custom/Postgres or an external auth provider.blocked
Demo session disabledDemo receptionist fallback must be off before live use.blocked
Access-code login disabledShared local access codes must be removed before live use.blocked
Staff header auth disabledProtected APIs must not accept staff-id headers in production.blocked
GateStatusRequired action
Run the Postgres gate before moving services away from the JSON prototype store.

Cutover approval should be based on restored backup counts, successful custom-login proof, seeded super-admin evidence, demo controls disabled, and a clean browser run. Keep clinic patient traffic blocked until Live Readiness is separately approved.

Support Control

Support access and audit proof desk

Open service-provider access only with owner approval, verify every support event in the audit trail, and route data-rights or retention work into human-reviewed workflows.

0 open requests
Support accessClosedactive
Audit events0clear
Support logs0clear
Data-rights logs0clear
Open requests0clear
Retention review0clear
Support access must be explicitly opened by owner/admin approval before investigation.
Support staff should inspect only the minimum records needed for the active issue.
Every open, close, settings, and data-rights action must remain visible in audit history.
Data-rights and retention work stays human-reviewed before export, correction, or deletion.
Support Sessions

Clinic support access

off

Support access should be enabled only when the clinic asks VoiceOps to investigate an issue. Every support change and data-rights action is audited.

ClinicNo clinic
DeploymentShared SaaS
Open data requests0
Retention candidates0
Last support eventNo support window yet
Last settings changeNot recorded
1. Owner approvalOpen access only after clinic approval.
2. Audited investigationVoiceOps support reviews only the needed records.
3. Close and reviewClose access, then review audit and data-rights impact.

Support access is closed. Open a timed window only when the clinic owner/admin approves service-provider help.

Audit trail

Recent clinic events

No clinic audit events yet.

Data Rights Command

Request lifecycle and retention desk

Track patient export, correction, deletion, and retention work with human completion, external-system boundaries, and auditable patient-data handling.

0 review items
Open0clear
Completed0clear
Exports0clear
Corrections0clear
Deletions0clear
Retention0clear
Export requests prepare a staff-reviewed package; they do not expose raw system internals directly.
Corrections require human completion before profile or consent values change.
Deletion redacts VoiceOps PII but external CRM/HIS/LIMS records still need manual review.
Retention candidates are review tasks only; the system does not auto-delete clinical data.
Compliance Ops

Data Rights

0 open
No patient selectedSelect a patient from Patient CRM first
ExportPrepare a staff-reviewed operational data package.
CorrectionApply profile changes only after human completion.
DeletionRedact PII while preserving operational audit references.
RequestPatientDueStatus
No data rights requests yet. Create export, correction, or deletion workflows for the selected patient.
Human Review

Request detail

No data rights request selected.

RetentionOps

Retention review

0 candidates

Retention review compares patient records with the clinic retention window. It flags candidates for staff review; it does not auto-delete medical or operational data.

No retention candidates loaded. Refresh data rights to run the review for the selected clinic.

Migration Mode

Migration Hub

not started
Step 1Preview legacy dataMap Excel/CRM rows and separate clean rows from duplicate review.
Step 2Import only clean rowsUncertain duplicates remain blocked until staff resolution.
Step 3Parallel run and cutoverOwner approves VoiceOps as source of truth only after checklist completion.

Production migrations start from an uploaded CSV or connected CRM export. Demo preview generation is disabled.

Total rows0
Clean rows0
Review rows0
Imported0
Legacy rowMapped patientStatus
No migration preview yet. Start with a mapped CSV preview before importing rows.
Duplicate Resolution

Staff review

0 duplicates

No migration row selected.

Cutover Checklist

Parallel to primary

0/0 done

Checklist appears after migration preview is created.

Data Export

Backup and audit

No export generated yet.

WhatsApp Command

Delivery evidence and recovery desk

Track queued messages, provider callback proof, dry-run evidence, consent-safe manual handoff, and failed-message recovery from one operating view.

0 recovery items
Queued0clear
Delivered0clear
Failed0clear
Follow-ups0clear
Callback proof0clear
Dry-runs0clear
Use manual WhatsApp only for approved service messages and consent-safe handoff.
Accept provider delivery only when sanitized callback proof is attached.
Failed or follow-up-required messages need staff review before retry.
Respect opt-out immediately for non-essential workflows.
WhatsApp Workflows

Message queue

0 queued
Selected appointmentNot selected
Selected patientNot selected
ConsentNo patient selected
Delivery modeWhatsApp Cloud/BSP
Manual handoffOpens WhatsApp onlyStaff can send approved text manually. This never proves provider delivery.
Local dry-runDisabled in productionNo paid API call and no patient message. Use for workflow QA.
WhatsApp Cloud/BSPRequires live callback proofNeeds sender setup, approved templates, webhook verification, and real message evidence.
WorkflowPatientScheduledStatusFollow-up
No WhatsApp workflow events yet. Book an appointment or queue the selected appointment workflow.
Provider Delivery

Delivery controls

No WhatsApp event selected.

Production delivery status comes from WhatsApp/provider webhooks. Demo delivery actions and manual status overrides are disabled.

Approved templates
Phase gate

Connect Mode foundation now shows connector status, source-of-truth controls, external mappings, and sync error review. Migration Mode is the next phase.