Psyter API - Enhanced Documentation¶

Version: 1.0
Last Updated: November 7, 2025
Technology: ASP.NET Web API 2 (.NET Framework 4.7.2)

Table of Contents¶

1. Overview
2. Prerequisites
3. Getting Started
4. Configuration
5. Database Setup
6. Running the Application
7. API Documentation
8. Authentication
9. Common Tasks
10. Troubleshooting
11. Deployment
12. Contributing

Overview¶

Psyter API is the core backend REST API for the Psyter mental health telemedicine platform. It provides comprehensive endpoints for user management, appointment booking, payment processing, messaging, prescriptions, and administrative functions.

Key Features¶

• 🔐 OAuth 2.0 Authentication - Secure token-based authentication
• 👥 User Management - Client and provider registration/profiles
• 📅 Appointment Booking - Scheduling and booking management
• 💳 Payment Processing - SmartRouting payment gateway integration
• 📱 Push Notifications - Firebase Cloud Messaging integration
• 💬 Real-time Messaging - Chat messaging between clients and providers
• 📄 Electronic Prescriptions - Digital prescription management with PDF generation
• 📊 Admin Dashboard - Provider approval and system analytics
• 📹 Video SDK Integration - Video call room management

Technology Stack¶

Prerequisites¶

Required Software¶

1. Visual Studio¶

• Version: Visual Studio 2017 or later (2022 recommended)
• Workload: ASP.NET and web development
• Individual Components:
• .NET Framework 4.7.2 SDK
• .NET Framework 4.7.2 targeting pack
• NuGet package manager

Download: https://visualstudio.microsoft.com/downloads/

2. .NET Framework¶

• .NET Framework 4.7.2 Runtime (if not included with Visual Studio)
• Download: https://dotnet.microsoft.com/download/dotnet-framework/net472

3. SQL Server¶

• Version: SQL Server 2016 or later (2019/2022 recommended)
• Edition: Developer Edition (free) or higher
• Tools: SQL Server Management Studio (SSMS)

Download SQL Server: https://www.microsoft.com/en-us/sql-server/sql-server-downloads
Download SSMS: https://aka.ms/ssmsfullsetup

4. IIS (Internet Information Services)¶

• Version: IIS 8.0 or later (included with Windows)
• Required Features:
• ASP.NET 4.7
• .NET Extensibility 4.7
• ISAPI Extensions
• ISAPI Filters
• WebSocket Protocol (optional, for future use)

Enable IIS on Windows:

# Run as Administrator
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerRole
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ASPNET45
Enable-WindowsOptionalFeature -Online -FeatureName NetFx4Extended-ASPNET45

5. Git¶

• Version: Latest
• Download: https://git-scm.com/downloads

Optional Tools¶

• Postman - API testing (https://www.postman.com/)
• Azure Data Studio - Modern database management tool
• Visual Studio Code - Lightweight editor for configuration files
• LINQPad - For testing database queries

Getting Started¶

1. Clone the Repository¶

# Navigate to your projects directory
cd D:\Projects

# Clone the repository
git clone <repository-url> Psyter
cd Psyter\APIs

2. Restore NuGet Packages¶

Option A: Visual Studio
1. Open PsyterAPI.sln in Visual Studio
2. Right-click on Solution → Restore NuGet Packages
3. Wait for packages to download

Option B: Command Line

# Navigate to solution directory
cd D:\Projects\Psyter\APIs

# Restore packages
nuget restore PsyterAPI.sln

If nuget.exe is not in PATH:

# Download nuget.exe first
Invoke-WebRequest -Uri https://dist.nuget.org/win-x86-commandline/latest/nuget.exe -OutFile nuget.exe

# Then restore
.\nuget.exe restore PsyterAPI.sln

3. Configure Connection Strings¶

Important: Connection strings in Web.config are encrypted. You need to decrypt and update them.

Step 1: Locate Web.config

APIs\PsyterAPI\Web.config

Step 2: Update Connection Strings

The current format uses encrypted strings:

<add name="PsyterDatabase" 
     connectionString="Data Source=JbvRx05RJB6skIgFYZm1GpKjg2GdF%2FEJEGxZVRWzEfE%3D..." />

Replace with your actual connection strings:

<connectionStrings>
  <!-- Development Database -->
  <add name="PsyterDatabase" 
       connectionString="Data Source=localhost;Initial Catalog=Psyter_Dev;Integrated Security=True;" 
       providerName="System.Data.SqlClient"/>

  <!-- Scheduling Database -->
  <add name="SchedulingDatabase" 
       connectionString="Data Source=localhost;Initial Catalog=Scheduling_Dev;Integrated Security=True;" 
       providerName="System.Data.SqlClient"/>
</connectionStrings>

For SQL Authentication:

<add name="PsyterDatabase" 
     connectionString="Data Source=localhost;Initial Catalog=Psyter_Dev;User Id=sa;Password=YourPassword123;" 
     providerName="System.Data.SqlClient"/>

4. Configure Firebase¶

The API uses Firebase for push notifications.

Step 1: Obtain Firebase Service Account
1. Go to Firebase Console
2. Select your project (or create new)
3. Go to Project Settings → Service Accounts
4. Click Generate New Private Key
5. Download the JSON file

Step 2: Update Firebase Configuration

Replace the contents of these files:
- firebase-adminsdk.json (Development)
- firebase-adminsdk-live.json (Production)

⚠️ Security Warning: These files contain sensitive credentials. Do NOT commit them to source control.

Better Approach: Use environment variables or Azure Key Vault (see Security Best Practices)

5. Configure SMTP (Email)¶

Update Web.config with your SMTP settings:

<system.net>
  <mailSettings>
    <smtp from="noreply@psyter.com">
      <network host="smtp.gmail.com" 
               port="587" 
               userName="your-email@gmail.com" 
               password="your-app-password" 
               enableSsl="true" />
    </smtp>
  </mailSettings>
</system.net>

For Gmail:
1. Enable 2-factor authentication
2. Generate App Password: https://myaccount.google.com/apppasswords
3. Use the app password in configuration

6. Configure Logging¶

Update log file path in Web.config:

<appSettings>
  <add key="Log4NetConfigFile" value="C:\Logs\PsyterAPI\log4net.config"/>
</appSettings>

Create the log directory:

New-Item -ItemType Directory -Path "C:\Logs\PsyterAPI" -Force

Configuration¶

Application Settings¶

Edit Web.config → <appSettings> section:

<appSettings>
  <!-- Command timeout for SQL queries (seconds) -->
  <add key="commandTimeout" value="600"/>

  <!-- Scheduler API endpoint -->
  <add key="SchedulerApiUri" value="https://localhost:44300/authenticate"/>

  <!-- Maximum file upload size (bytes) - 100 MB -->
  <add key="MaxFileSize" value="104857600"/>

  <!-- CORS Configuration -->
  <add key="origins" value="http://localhost:4200,https://app.psyter.com"/>
  <add key="headers" value="*"/>
  <add key="methods" value="*"/>
  <add key="applyCORS" value="true"/>

  <!-- Log4Net configuration file path -->
  <add key="Log4NetConfigFile" value="C:\Logs\PsyterAPI\log4net.config"/>
</appSettings>

Security Settings¶

Custom Errors (Production)¶

Development:

<customErrors mode="Off"/>

Production:

<customErrors mode="On" defaultRedirect="~/Error">
  <error statusCode="404" redirect="~/Error/NotFound"/>
  <error statusCode="500" redirect="~/Error/ServerError"/>
</customErrors>

Security Headers¶

Add recommended security headers to Web.config:

<system.webServer>
  <httpProtocol>
    <customHeaders>
      <remove name="X-Powered-By"/>
      <add name="X-Frame-Options" value="DENY"/>
      <add name="X-Content-Type-Options" value="nosniff"/>
      <add name="X-XSS-Protection" value="1; mode=block"/>
      <add name="Referrer-Policy" value="no-referrer"/>
      <add name="Permissions-Policy" value="geolocation=(), microphone=(), camera=()"/>
    </customHeaders>
  </httpProtocol>
</system.webServer>

OAuth Configuration¶

Token settings are in App_Start\Startup.cs:

OAuthAuthorizationServerOptions OAuthServerOptions = new OAuthAuthorizationServerOptions()
{
    AllowInsecureHttp = true,  // Set to false in production
    TokenEndpointPath = new PathString("/token"),
    AccessTokenExpireTimeSpan = TimeSpan.FromDays(30),  // 30-day token expiration
    Provider = new MyAuthorizationServerProvider(),
    RefreshTokenProvider = new RefreshTokenProvider()
};

Production Settings:
- Set AllowInsecureHttp = false (HTTPS only)
- Consider shorter token expiration (e.g., 24 hours)
- Implement token refresh flow

Database Setup¶

1. Create Databases¶

Option A: Using SSMS

1. Open SQL Server Management Studio
2. Connect to your SQL Server instance
3. Right-click Databases → New Database
4. Create two databases:
   - Psyter_Dev
   - Scheduling_Dev

Option B: Using T-SQL

-- Create main database
CREATE DATABASE Psyter_Dev;
GO

-- Create scheduling database
CREATE DATABASE Scheduling_Dev;
GO

2. Run Database Scripts¶

⚠️ Note: Database schema scripts are not included in this repository. You need to:

1. Obtain schema scripts from DBA or senior developer
2. Run scripts in order:
   - 01_Tables.sql - Create tables
   - 02_StoredProcedures.sql - Create stored procedures
   - 03_Functions.sql - Create functions (if any)
   - 04_SeedData.sql - Insert master data

Example:

USE Psyter_Dev;
GO

-- Run table creation scripts
-- Run stored procedure scripts
-- Run seed data scripts

3. Verify Database Setup¶

-- Check tables
SELECT TABLE_NAME 
FROM INFORMATION_SCHEMA.TABLES 
WHERE TABLE_TYPE = 'BASE TABLE'
ORDER BY TABLE_NAME;

-- Check stored procedures
SELECT ROUTINE_NAME 
FROM INFORMATION_SCHEMA.ROUTINES 
WHERE ROUTINE_TYPE = 'PROCEDURE'
ORDER BY ROUTINE_NAME;

-- Verify seed data
SELECT COUNT(*) AS CountryCount FROM Countries;
SELECT COUNT(*) AS SpecialtyCount FROM Specializations;

4. Database Permissions¶

For Windows Authentication:

USE Psyter_Dev;
GO

-- Grant permissions to your Windows account
CREATE USER [DOMAIN\YourUsername] FOR LOGIN [DOMAIN\YourUsername];
ALTER ROLE db_owner ADD MEMBER [DOMAIN\YourUsername];

For SQL Authentication:

-- Create login
CREATE LOGIN psyter_api WITH PASSWORD = 'StrongPassword123!';

-- Create user and grant permissions
USE Psyter_Dev;
CREATE USER psyter_api FOR LOGIN psyter_api;
ALTER ROLE db_owner ADD MEMBER psyter_api;

-- Repeat for Scheduling database
USE Scheduling_Dev;
CREATE USER psyter_api FOR LOGIN psyter_api;
ALTER ROLE db_owner ADD MEMBER psyter_api;

Running the Application¶

Option 1: Visual Studio (Recommended for Development)¶

1. Open Solution
   - Double-click PsyterAPI.sln or open in Visual Studio

2. Set Startup Project
   - Right-click PsyterAPI project → Set as StartUp Project

3. Select Build Configuration
   - Toolbar → Select Debug (for development)

4. Run Application
   - Press F5 (with debugging) or Ctrl+F5 (without debugging)
   - Browser will open automatically to http://localhost:<port>/

5. Verify API is Running
   - Navigate to http://localhost:<port>/api/test (if available)
   - Or use Postman to test endpoints

Option 2: IIS Express (Visual Studio)¶

1. Configure IIS Express
   - Project properties → Web tab
   - Select IIS Express
   - Note the Project URL (e.g., http://localhost:12345/)

2. Run
   - Press F5
   - Application runs in IIS Express

Option 3: Local IIS¶

1. Build the Project
   

   # Navigate to project directory
   cd D:\Projects\Psyter\APIs
   
   # Build using MSBuild
   "C:\Program Files\Microsoft Visual Studio\2022\Community\MSBuild\Current\Bin\MSBuild.exe" PsyterAPI.sln /p:Configuration=Release
   

2. Publish to Folder
   - Right-click PsyterAPI project → Publish
   - Choose Folder → Select destination (e.g., C:\inetpub\wwwroot\PsyterAPI)
   - Click Publish

3. Create IIS Application
   - Open IIS Manager (inetmgr)
   - Expand Sites → Default Web Site
   - Right-click → Add Application
   - Alias: PsyterAPI
   - Physical path: C:\inetpub\wwwroot\PsyterAPI
   - Application pool: Select .NET v4.5 pool
   - Click OK

4. Configure Application Pool
   - Click Application Pools
   - Select the pool used by PsyterAPI
   - Advanced Settings:

   • .NET CLR Version: v4.0
   • Managed Pipeline Mode: Integrated
   • Identity: ApplicationPoolIdentity (or custom account with DB access)

5. Set Permissions
   

   # Grant IIS user permissions to application folder
   icacls "C:\inetpub\wwwroot\PsyterAPI" /grant "IIS APPPOOL\DefaultAppPool:(OI)(CI)F" /T
   
   # Grant permissions to log directory
   icacls "C:\Logs\PsyterAPI" /grant "IIS APPPOOL\DefaultAppPool:(OI)(CI)F" /T
   

6. Test Application
   - Browse to http://localhost/PsyterAPI/

API Documentation¶

Base URL¶

Development: http://localhost:<port>/
Production: https://api.psyter.com/

Response Format¶

All API responses follow this structure:

{
    "Status": 1,
    "Message": "Success",
    "Reason": "Success",
    "Data": { ... }
}

Status Codes:
- 1 = Success
- 0 = Failure

Reason Codes:
- Success = Operation successful
- Error = General error
- InvalidCredentials = Authentication failed
- UserNotFound = User does not exist
- NotAllowed = Authorization failed
- EmptyParameter = Missing required parameter

Endpoint Categories¶

Key Endpoints¶

Authentication¶

Login

POST /User/UserLogin
Content-Type: application/json

{
    "UserName": "user@example.com",
    "Password": "password123",
    "UserType": 1,
    "LastLoginFromOS": "Android"
}

Response:

{
    "Status": 1,
    "Message": "Login successful",
    "Reason": "Success",
    "Data": {
        "UserLoginInfo": {
            "UserLoginInfoId": 123,
            "Email": "user@example.com",
            "FirstName": "John",
            "LastName": "Doe",
            ...
        },
        "AccessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
    }
}

Register

POST /User/RegisterUser
Content-Type: application/json

{
    "UserType": 1,
    "FirstName": "John",
    "LastName": "Doe",
    "Email": "john.doe@example.com",
    "PhoneNumber": "+1234567890",
    "Password": "SecurePassword123!",
    "ConfirmPassword": "SecurePassword123!",
    "AgreeToTerms": true
}

Get User Profile¶

GET /User/GetUserProfile/123
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Search Providers¶

POST /ServiceProvider/SearchProviders
Authorization: Bearer <token>
Content-Type: application/json

{
    "Specialty": "Psychiatrist",
    "Language": "English",
    "MinPrice": 50,
    "MaxPrice": 200,
    "PageNumber": 1,
    "PageSize": 20
}

Create Booking¶

POST /BookingPayment/InsertBookingOrder
Authorization: Bearer <token>
Content-Type: application/json

{
    "UserLoginInfoProvider": 456,
    "SlotIds": [789],
    "ServiceId": 12,
    "TotalAmount": 100.00,
    "Currency": "USD",
    "PaymentMethod": 1
}

Swagger/OpenAPI (Recommended)¶

Install Swashbuckle:

Install-Package Swashbuckle -Version 5.6.0

Access Swagger UI:

http://localhost:<port>/swagger

Authentication¶

OAuth 2.0 Token Endpoint¶

Endpoint: POST /token

Request:

POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=password&username=user@example.com&password=password123

Response:

{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "token_type": "bearer",
    "expires_in": 2592000,
    "refresh_token": "def50200..."
}

Using Bearer Token¶

Include the access token in the Authorization header:

GET /User/GetUserProfile/123 HTTP/1.1
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Token Refresh¶

Endpoint: POST /token

Request:

POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token&refresh_token=def50200...

Response: New access token and refresh token

Token Expiration¶

• Access Token: 30 days (configurable)
• Refresh Token: Does not expire (stored in database)

Common Tasks¶

Adding a New Controller¶

1. Create Controller Class
   

   // Controllers/MyNewController.cs
   using System.Web.Http;
   using PsyterAPI.Common;
   
   namespace PsyterAPI.Controllers
   {
       [RoutePrefix("MyNew")]
       public class MyNewController : BaseController
       {
           [Route("GetData")]
           [HttpGet]
           [Common.Authorize]
           public IHttpActionResult GetData()
           {
               // Your logic here
               return Ok(new { message = "Hello World" });
           }
       }
   }
   

2. Create Repository (if needed)
   

   // Repositories/MyNewRepository.cs
   namespace PsyterAPI.Repositories
   {
       public class MyNewRepository
       {
           // Data access methods
       }
   }
   

3. Test Endpoint
   

   GET /MyNew/GetData
   Authorization: Bearer <token>
   

Adding a Stored Procedure Constant¶

1. Open Repositories/DBConstant.cs

2. Add constant:
   

   public const string MY_NEW_PROCEDURE = "MyNewProcedure";
   

3. Use in repository:
   

   command.CommandText = DbConstant.MY_NEW_PROCEDURE;
   

Logging an Error¶

using PsyterAPI.Common;

try
{
    // Your code
}
catch (Exception ex)
{
    ExceptionManager.LogException(ex, "MethodName", userId);
    throw;
}

Sending an Email¶

using PsyterAPI.Common;

EmailManager.SendEmail(
    to: "user@example.com",
    subject: "Welcome to Psyter",
    body: "Your account has been created successfully."
);

Sending Push Notification¶

using PsyterAPI.Common;

FCMNotification.SendNotification(
    userLoginInfoId: 123,
    title: "New Message",
    body: "You have a new message from Dr. Smith",
    data: new Dictionary<string, string> 
    {
        { "type", "message" },
        { "messageId", "456" }
    }
);

Troubleshooting¶

Common Issues¶

1. “Could not load file or assembly” Error¶

Cause: Missing or mismatched NuGet package versions

Solution:

# Clean solution
dotnet clean

# Delete bin and obj folders
Remove-Item -Recurse -Force .\bin, .\obj

# Restore packages
nuget restore PsyterAPI.sln

# Rebuild
dotnet build

2. “Cannot open database” Error¶

Cause: SQL Server not running or wrong connection string

Solution:
1. Verify SQL Server is running:

Get-Service -Name MSSQLSERVER

2. Check connection string in Web.config
3. Test connection with SSMS

3. “401 Unauthorized” on API Calls¶

Cause: Missing or invalid bearer token

Solution:
1. Obtain valid token from /token endpoint
2. Include in Authorization header: Bearer <token>
3. Check token expiration

4. “500 Internal Server Error”¶

Cause: Various reasons (exception in code, database issue, etc.)

Solution:
1. Check log files in C:\Logs\PsyterAPI\
2. Enable detailed errors in Web.config:

<customErrors mode="Off"/>

5. Firebase Notification Not Sending¶

Cause: Invalid Firebase credentials or incorrect token

Solution:
1. Verify firebase-adminsdk.json is valid
2. Check device FCM token is registered
3. Review Firebase console logs

6. Payment Processing Fails¶

Cause: Invalid merchant certificate or gateway configuration

Solution:
1. Verify MerchantCertificates.p12 exists and is valid
2. Check payment gateway credentials
3. Review payment gateway logs

Debugging Tips¶

Enable Detailed Logging:

Edit log4net.config:

<root>
  <level value="ALL" />
  <appender-ref ref="RollingFileAppender" />
</root>

View Live Logs:

Get-Content -Path "C:\Logs\PsyterAPI\PsyterAPILogger.log" -Wait -Tail 50

Test Database Connection:

using (var conn = new SqlConnection(connectionString))
{
    conn.Open();
    Console.WriteLine("Connection successful!");
}

Clear NuGet Cache:

nuget locals all -clear

Deployment¶

Preparing for Production¶

1. Update Web.config
   - Enable custom errors: <customErrors mode="On" />
   - Update connection strings to production servers
   - Set AllowInsecureHttp = false in Startup.cs
   - Remove hardcoded credentials

2. Build Release Configuration
   

   MSBuild.exe PsyterAPI.sln /p:Configuration=Release /p:DeployOnBuild=true
   

3. Update Security Settings
   - Generate new machine keys for production
   - Use Azure Key Vault for secrets
   - Enable HTTPS only

4. Performance Optimizations
   - Enable response compression
   - Configure output caching
   - Optimize database connection pooling

Azure App Service Deployment¶

Using Visual Studio:

1. Right-click project → Publish
2. Choose Azure → Azure App Service
3. Select subscription and app service
4. Configure settings
5. Click Publish

Using Azure DevOps Pipeline:

See azure-pipelines.yml in repository root.

IIS Deployment¶

1. Create IIS Site
   

   Import-Module WebAdministration
   
   New-WebAppPool -Name "PsyterAPI"
   Set-ItemProperty IIS:\AppPools\PsyterAPI -Name managedRuntimeVersion -Value "v4.0"
   
   New-Website -Name "PsyterAPI" `
               -PhysicalPath "C:\inetpub\wwwroot\PsyterAPI" `
               -ApplicationPool "PsyterAPI" `
               -Port 80
   

2. Configure SSL Certificate
   - Obtain SSL certificate
   - Bind to IIS site
   - Enforce HTTPS

3. Set Permissions
   

   icacls "C:\inetpub\wwwroot\PsyterAPI" /grant "IIS APPPOOL\PsyterAPI:(OI)(CI)F" /T
   

Contributing¶

Code Style¶

• Follow C# naming conventions
• Use meaningful variable names
• Add XML comments to public methods
• Keep methods under 100 lines
• One class per file

Pull Request Process¶

1. Create feature branch: git checkout -b feature/my-feature
2. Make changes and commit: git commit -am "Add new feature"
3. Push to branch: git push origin feature/my-feature
4. Create Pull Request
5. Wait for code review
6. Address feedback
7. Merge when approved

Testing¶

Before submitting PR:
- Test all endpoints with Postman
- Verify database changes
- Check for breaking changes
- Update documentation

Security Best Practices¶

1. Secrets Management¶

Don’t:
- ❌ Commit firebase-adminsdk.json to Git
- ❌ Store passwords in Web.config
- ❌ Hardcode API keys in code

Do:
- ✅ Use Azure Key Vault for secrets
- ✅ Use environment variables
- ✅ Use Azure App Configuration

Example with Environment Variables:

string firebaseCredentials = Environment.GetEnvironmentVariable("FIREBASE_CREDENTIALS");

2. Connection String Encryption¶

Encrypt connection strings:

# Encrypt connectionStrings section
aspnet_regiis -pef "connectionStrings" "C:\inetpub\wwwroot\PsyterAPI"

# Decrypt (if needed)
aspnet_regiis -pdf "connectionStrings" "C:\inetpub\wwwroot\PsyterAPI"

3. Secure Password Storage¶

Current Implementation Issues:
- ⚠️ Uses MD5 hashing (deprecated)

Recommended:
- Use PBKDF2, bcrypt, or Argon2
- Implement password strength requirements
- Add rate limiting on login attempts

Performance Tips¶

1. Enable Response Compression¶

Web.config:

<system.webServer>
  <urlCompression doStaticCompression="true" doDynamicCompression="true" />
</system.webServer>

2. Implement Caching¶

Add caching attribute to controllers:

[CacheFilter(Duration = 3600)] // Cache for 1 hour
[Route("GetCountries")]
public IHttpActionResult GetCountries()
{
    // Returns list of countries
}

3. Database Connection Pooling¶

Connection String:

connectionString="...;Min Pool Size=5;Max Pool Size=100;Pooling=true;"

4. Use Async/Await¶

public async Task<IHttpActionResult> GetUserProfile(int id)
{
    var user = await repository.GetUserAsync(id);
    return Ok(user);
}

Support & Resources¶

Documentation¶

• API Structure Analysis: Audit/APIs/STRUCTURE_ANALYSIS.md
• Feature Inventory: Audit/APIs/FEATURE_INVENTORY.md
• Security Audit: Audit/APIs/SECURITY_AUDIT.md

External Resources¶

• ASP.NET Web API Docs: https://docs.microsoft.com/en-us/aspnet/web-api/
• OAuth 2.0 Spec: https://oauth.net/2/
• Firebase Admin SDK: https://firebase.google.com/docs/admin/setup
• iTextSharp Documentation: https://github.com/itext/itextsharp

Getting Help¶

For development questions:
- Check existing documentation
- Review code comments
- Consult with senior developers

For production issues:
- Check application logs
- Review Azure Application Insights (if configured)
- Contact DevOps team

License¶

[Specify your license here]

Changelog¶

Version 1.0.0 (Current)¶

• Initial API implementation
• OAuth 2.0 authentication
• Core features: Users, Providers, Booking, Payments
• Firebase integration
• Payment gateway integration

Last Updated: November 7, 2025
Maintained By: Development Team