API specification

This is the specification of the "uLekare Public API".

Partner have to implement mandatory "uLekare Public API".

Partner is advised to implement an optional "uLekare Public Partner API" specified in another document to be able to receive selected notifications.

Rate limit

To guarantee the API stability and in order to provide quality service on uLékař API limit number of requests per hour to 5000 requests.

The returned HTTP headers of any API request show your current rate limit status:

curl -i
HTTP/1.1 200 OK
Date: Mon, 01 Jul 2019 17:27:06 GMT
Status: 200 OK
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 56

If you exceed the rate limit, an error response returns:

HTTP/1.1 429 Too Many Requests
Date: Tue, 20 Aug 2019 14:50:41 GMT
Status: 429 Forbidden
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 0
   "status": 429
   "code"": 123
   "message": "API rate limit exceeded for",

JSON minification

Responses return all JSON minified in the form {"orderId":1,"orderValue":99.90,"productId":1,"quantity":1} instead of:


API security

Partner has to share a list of IPs, per environment, from which API uLékaře will be called. Due to a security reasons API u Lékaře respond only to requests from allowed IPs having an API key - X-Api-Key and X-Api-Token.

X-Api-Token has to be passed as a header parameter in all requests and is valid for 30 minutes. When the X-Api-Token expires the current request returns HTTP status code 401.

At any point partner can get a new X-Api-Token using the method: /token. Example of the request body:

  "partnerId": 57,
  "partnerHash": "9207sdwd89302ojfk8843072mjxaly233",
  "partnerClientId": "123e4567-e89b-12d3-a456-426655440000"

where partnerId is issued by uLékaře, partnerClientId is issued by partner unique for each client. PartnerHash is generated on the partner side using private api key (issued by uLekare) and partnerClientId.

Example on how-to generate a partnerHash in PHP

// Unique private api key, issued by uLekare
$privateKey = '83927sdwd89302ojfk88390272mcswky839';

// Unique partner client id, issued by uLekare
$partnerClientId = "123e4567-e89b-12d3-a456-426655440000";

// Rounding the date to the nearest half hour
$date = new DateTime('now');
$timestamp = floor($date->getTimestamp() / 60 / 30);

// Creating a unique partnerHash using md5 encoding
$partnerHash = hash('md5', sprintf('%s%d%s', $privateKey, $partnerClientId, $timestamp));

Date, date-time or duration parameters

Date, date-time or duration parameters are formatted using ISO-8601. API excepts any timezone and returns UTC time-zone always. For example, entered date time 2019-11-29T09:49:56+01:00 in CET time-zone will be returned as 2019-11-29T08:49:50+00:00 in UTC time-zone Date and time expressed according to ISO 8601 | Description | Format| Example values | |-|-|-| | Complete date | YYYY-MM-DD | 2019-11-29 | | Complete date plus hours and minutes in UTC | YYYY-MM-DDThh:mmTZD | 2019-11-29T06:16:19+00:00 or
2019-11-29T06:16:19Z or
20191129T061619Z | | Complete date plus hours and minutes in CET | YYYY-MM-DDThh:mmTZD | 2019-11-29T06:17:19+01:00 or
2019-11-29T06:17:19+01:00 or
20191129T061719+01:00 | where:
YYYY = four-digit year
MM = two-digit month (01=January, etc.)
DD = two-digit day of month (01 through 31)
hh = two digits of hour (00 through 23) (am/pm NOT allowed)
mm = two digits of minute (00 through 59)
ss = two digits of second (00 through 59)
s = one or more digits representing a decimal fraction of a second
TZD = time zone designator (Z or +hh:mm or -hh:mm)

Contact Support: Name: uLékař Integration Email:

The largest online medical clinic for the Czech Republic and Slovakia.