Going to Production

A checklist for launching your PearMedica integration. Use this guide to ensure your deployment is secure, reliable, and clinically safe before going live.

API Keys & Security

Switch from sk_test_ to sk_live_ keys

Store API keys in environment variables — never in source code

Use separate API keys for staging and production

Enable key rotation schedule (quarterly recommended)

Restrict API calls to server-side only — never expose keys in client-side code

Error Handling

Implement retry logic with exponential backoff for 429/500/503 errors

Add circuit breaker pattern (stop calling after 5 consecutive failures)

Build a fallback UI for when the API is unavailable

Log all API errors with request context for debugging

Handle QUOTA_EXCEEDED (403) gracefully — show upgrade prompt

Monitoring & Observability

Poll GET /v1/health every 30 seconds to monitor API availability

Track assessment latency (p50, p95, p99) in your monitoring stack

Set up alerts for error rate spikes (>1% of requests failing)

Monitor rate limit headers (X-RateLimit-Remaining) and alert at 80% utilisation

Review GET /v1/usage regularly to track quota consumption

Clinical Safety

Display the medical disclaimer on every assessment shown to patients

Handle "emergency" triage responses with immediate escalation to human staff

Never present AI assessments as definitive diagnoses

Log all emergency-level assessments for clinical audit

Test red flag scenarios (chest pain + shortness of breath) to verify emergency detection

Switching from Test to Live

Verify in Sandbox

Ensure all integration tests pass using your sk_test_ key. Verify all edge cases: empty evidence, emergency patterns, rate limit handling.

Generate Production Key

Go to Dashboard → API Keys → Create New Key → Select "Production". Save the key securely — it is shown only once.

Update Environment Variables

Set PEARMEDICA_API_KEY=sk_live_your_key in your production environment. Never commit this to version control.

Deploy & Monitor

Deploy your application. Monitor the first 100 assessments for error rates, latency, and triage distribution. Check the Dashboard for real-time usage.

NDPA 2023 Compliance Note

If your application processes real patient data in Nigeria, ensure your setup complies with the Nigeria Data Protection Act 2023. PearMedica's MVP uses synthetic data on Supabase. Post-funding, production data will be migrated to Nigerian-hosted infrastructure. Contact us for guidance on compliance requirements.

Related Resources

Error Handling — retry strategies and graceful degradation Authentication — API key format and rate limits

Loading documentation…

Integration Patterns Knowledge Base