Admin Portal
Internal operations dashboard for prescription management, patient service, and system monitoring.
Overview
The Admin Portal is a React single-page application hosted on CloudFront at
admin.yourera.com. It serves as the primary internal operations tool for
the YourEra clinical team, providing a unified interface for prescription management,
patient service, and system monitoring.
All data is fetched from the Integration Service API. The portal is built with
React 19, Vite 7, and Tailwind 4, deployed to S3 with CloudFront distribution
E377C28XG5JL8L.
Pages
| Page | Path | Description |
|---|---|---|
| Dashboard | / |
Revenue metrics, Rx review count, shipment pipeline, pharmacy routing split |
| RxQueue | /rx-queue |
Prescription approval queue with H&P form and dosage selector |
| Orders | /orders |
Paginated order table with payment and shipment joined view |
| Customer Service | /customers |
Patient search, detail view with tabs for intake, payments, Rx, shipments, refills |
| Appointments | /appointments |
Telehealth appointment list with Zoom links and status filter |
| Messenger | /messenger |
HubSpot conversation inbox with thread management and reply |
| Sync Logs | /sync-logs |
Canvas-to-PioneerRx integration audit trail |
Architecture
┌─────────────────────────────────────────┐
│ admin.yourera.com (CloudFront + S3) │
│ React 19 + Vite 7 + Tailwind 4 │
└──────────────────┬──────────────────────┘
│ HTTPS (JWT auth)
┌──────────────────▼──────────────────────┐
│ Integration Service (ECS) │
│ /api/admin/* /api/tasks /api/rx-queue│
└──────────────────┬──────────────────────┘
┌────────┼────────┐
Canvas Stripe PioneerRxAuthentication
The Admin Portal supports three authentication methods, each issuing a JWT with 24-hour expiry
that is included as a Bearer token in all subsequent API requests.
1. OTP Email
Available to any @yourera.com email address. The integration service sends
a one-time passcode via AWS SES from noreply@yourera.com. The OTP is stored
in memory on the server with a 5-minute TTL.
Sends an OTP to the provided @yourera.com email address.
Validates the OTP and returns a signed JWT.
2. Canvas HMAC
Used by the Canvas prescription_queue plugin. The plugin generates an HMAC-signed URL containing a timestamp and signature, which the integration service validates before issuing a JWT. This provides seamless SSO from Canvas into the RxQueue page.
Validates the HMAC signature and timestamp, returns a JWT, and redirects to /rx-queue.
3. Magic Link
Sends a one-click login link to the admin's email. The link contains a signed token that is validated on click to issue a session JWT.
requireAdmin() middleware
also accepts an ADMIN_SECRET header for server-to-server calls (e.g., from
the Canvas plugin or cron jobs).
Dashboard
The dashboard provides a real-time operational snapshot of the YourEra platform, with metrics that auto-refresh every 60 seconds.
Metrics Cards
- Revenue — Total revenue for the current period from Stripe payment intents
- Rx Review Count — Number of pending prescriptions awaiting practitioner review
- Shipment Pipeline — Breakdown of shipments by status (label_created, packed, shipped, delivered)
- Pharmacy Routing Split — Percentage of orders routed to GMP vs Boothwyn/Strive
Data Source
Returns aggregated dashboard statistics including revenue, pending Rx count, shipment statuses, and routing distribution.
RxQueue
The RxQueue is the primary clinical workflow interface. Practitioners review incoming prescriptions, complete History & Physical (H&P) documentation, select dosage options, and approve or deny prescriptions.
Workflow
- Tasks are loaded from Canvas FHIR as "Rx Review" tasks, enriched with patient data
- Practitioner selects a task to view full patient details and intake data
- H&P form is completed inline (no popup modal)
- Dosage is selected from available options for the medication
- Practitioner approves or denies the prescription
- On approval, the orchestrator pipeline is triggered (pharmacy routing, payment, shipping, notifications)
H&P Data
The /api/rx-queue/hp-data/:taskId endpoint returns a comprehensive data package
for the practitioner review:
- Patient demographics (name, DOB, sex, address)
- Intake questionnaire responses
- Medical conditions and observations
- Assigned practitioners
- Available dosage options for the medication
Task Actions
Approve or deny a prescription task. On approval, triggers the 7-step orchestrator pipeline and creates an H&P note in Canvas.
AutoPrescribeOnApproval plugin does NOT fire on FHIR API task updates
(only Canvas UI). The RxQueue approve action calls the orchestrator directly, which is the
sole production path for prescription fulfillment.
Orders
The Orders page presents a paginated table of all patient orders with joined payment and shipment data. Orders can be filtered by status, date range, medication type, and pharmacy.
Features
- Pagination — Server-side pagination with configurable page size
- Joined View — Each order row shows Stripe payment status alongside shipment tracking status
- Filters — Filter by order status, date range, medication, and routed pharmacy
- Detail Drawer — Click a row to see full order details including payment history and tracking events
Returns paginated orders with payment and shipment data joined.
Customer Service
The Customer Service page provides a comprehensive patient lookup and management interface. Staff can search patients and view a full detail view with tabbed sections.
Patient Search
Search by name, email, phone, or Canvas patient ID. Results are returned from the integration service which queries both Canvas FHIR and the local database.
Searches patients across Canvas and the integration service database.
Patient Detail Tabs
| Tab | Data Source | Description |
|---|---|---|
| Intake | Integration DB | Original intake questionnaire responses and submitted data |
| Payments | Stripe | Payment history, charges, refunds, and saved payment methods |
| Prescriptions | Canvas FHIR | Active and historical prescriptions from Canvas MedicationRequest |
| Shipments | Integration DB | All shipments with tracking status and FedEx/Boothwyn details |
| Refills | Integration DB | Refill schedule, upcoming refills, and refill history |
Actions
- Refund — Issue a full or partial refund via Stripe
- Charge — Charge a saved payment method (e.g., for missed payment)
- Cancel Subscription — Cancel the patient's recurring subscription
- Void Shipment — Void a FedEx shipping label before it ships
Appointments
The Appointments page displays all scheduled telehealth appointments with Zoom meeting links. The list auto-refreshes every 30 seconds to keep the view current.
Features
- Status Filter — Filter by upcoming, in-progress, completed, or cancelled
- Zoom Links — Direct links to join each telehealth meeting
- Auto-Refresh — Polling every 30 seconds for real-time status updates
- Patient Context — Quick-view of patient name, medication, and appointment reason
Returns telehealth appointments with Zoom meeting details and patient context.
Messenger
The Messenger page integrates with HubSpot's Conversations API to provide an in-app messaging interface. Staff can view conversation threads, send replies, and manage patient communications without leaving the admin portal.
HubSpot Integration
- Inbox — Connected to HubSpot inbox
1541952535(default inbox) - Email Channel — Messages sent via
hello-444@youreramanagementllc(channel ID2146856356) - Thread Management — View, reply, and close conversation threads
- Actor — Replies are attributed to the authenticated admin user
Returns HubSpot conversation threads with messages, filtered by status.
Sends a reply to an existing HubSpot conversation thread.
Sync Logs
The Sync Logs page provides an audit trail for all Canvas-to-PioneerRx integration events. Every prescription sync, patient creation, and pharmacy submission is logged with request/response payloads for debugging and compliance.
Log Entry Fields
- Timestamp — When the sync event occurred
- Event Type — Patient sync, prescription submit, status update, webhook received
- Source — Canvas, PioneerRx, Boothwyn, or internal
- Status — Success, failure, or retry
- Payload — Expandable request/response JSON for debugging
Returns paginated sync log entries with optional filtering by event type and status.
API Endpoints
All endpoints require admin authentication via JWT Bearer token or ADMIN_SECRET header.
The base URL is the Integration Service: https://api.yourera.com.
Authentication
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/admin/auth/send-code |
Send OTP to @yourera.com email |
| POST | /api/admin/auth/verify |
Verify OTP and return JWT |
| GET | /api/admin/auth/validate-canvas |
Validate Canvas HMAC and return JWT |
Dashboard & Operations
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/admin/stats |
Dashboard aggregated statistics |
| GET | /api/admin/patients |
Patient search |
| GET | /api/admin/patients/:id |
Patient detail with all tabs |
| GET | /api/admin/orders |
Paginated orders with filters |
| GET | /api/admin/appointments |
Telehealth appointment list |
| GET | /api/admin/conversations |
HubSpot conversation threads |
| POST | /api/admin/conversations/:id/reply |
Reply to conversation thread |
| GET | /api/admin/sync-logs |
Integration audit trail |
Patient Management Actions
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/admin/refund |
Issue full or partial Stripe refund |
| POST | /api/admin/charge-hold |
Charge a saved payment method |
| GET | /api/admin/prescriptions/:patientId |
Patient prescriptions from Canvas |
| GET | /api/admin/shipments/:patientId |
Patient shipment history |
| GET | /api/admin/refills/:patientId |
Patient refill schedule and history |
RxQueue
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/tasks |
List Rx Review tasks with patient enrichment |
| GET | /api/rx-queue/hp-data/:taskId |
H&P data package for practitioner review |
| POST | /api/task-action |
Approve or deny prescription (triggers orchestrator) |
| GET | /api/practitioners |
Canvas practitioner list |