2.5 KiB
name, description, metadata
| name | description | metadata | ||
|---|---|---|---|---|
| reference_alis_medtelligent | ALIS (Medtelligent assisted-living EHR) API + staff-import facts for Cascades Tucson — auth quirk, read-only staff, web-UI import path. Use the `alis` skill. |
|
ALIS = Medtelligent's assisted-living EHR (Cascades of Tucson client). All API traffic
goes to the shared host api.alisonline.com (the tenant URL cascadestucson.alisonline.com
is just the login subdomain), scoped by the user's company + a communityId. Cascades =
communityId 622 (the only community this credential sees). Use the alis skill — don't
hand-roll the API.
Auth (verified live 2026-06-29): POST /user/tokens with {username, password} → JWT
(accessToken ~1h) + refreshToken; send Authorization: Bearer <accessToken>. The
username MUST be tenant-qualified: howard.enos@cascadestucson works; bare howard.enos
returns HTTP 400. Login creds in vault: clients/cascades-tucson/alis-api-howard-user
(Howard's password was exposed in chat 2026-06-29 — flagged to rotate). Other ALIS vault
entries: alis-api-microsoft-basic (BasicAuth used by Microsoft), alis-sso-app-registration.
Global API security is OR(Bearer|BasicAuth|VendorKey) — a user JWT alone authorizes reads.
Staff are READ-ONLY via the API — only GET endpoints exist (/v1/integration/staff?communityId=622
etc.); no create/update/delete. To create/change staff (and their logins) you upload a
13-column .xls in the ALIS web UI: Staff → Import. That import sets Login Enabled + Password,
so it's also how staff logins are provisioned. The alis skill builds that workbook from a
CSV/JSON and infers each new hire's Security Roles from how existing staff of the same Job Role
are set up (job-role → security-role map learned from live data; 23 real security roles, Job
Role is free text). The API does allow writes for residents/prospects/billing (not staff).
Import format (confirmed from a real ALIS export, ALIS_Staff_Update_Import.xls): two layouts.
CREATE (new staff) has a Password column + NO ALIS ID — rows without an ALIS ID are created.
UPDATE (existing staff) leads with ALIS ID (the staffId, the match key) + no Password. So
present-ALIS-ID = update, absent = create. Dates are MM/DD/YYYY. Security Roles are
comma-separated multi-values; the alis skill infers the full typical combo per job role from
current staff. Still test ONE row first before a bulk run.
Related: reference_resource_map, feedback-vault-every-credential.