Platform capability Β· operational API Β· OpenAPI & MCP tooling

Laboratory API & MCP Integrations

Connect Flask Track to internal applications, laboratory automation, reporting pipelines, AI agents, robotics, and external business systems.

Programmatically manage biological records, create operational work, inspect schedules, complete protocol steps, retrieve execution data, and run reporting workflows through organization-scoped interfaces.

Bring Flask Track into the rest of your infrastructure

Laboratory operations rarely exist in a single application. Flask Track provides structured programmatic access so approved systems can exchange operational data without bypassing organization boundaries, authorization rules, validation, or audit attribution.

πŸ”Œ
System Integrations Connect internal applications, LIMS and ERP systems, laboratory interfaces, inventory services, and external operational tools.
βš™οΈ
Operational Automation Create records, retrieve execution context, inspect schedules, complete supported steps, and coordinate repeatable laboratory processes programmatically.
πŸ“Š
Reporting Pipelines Discover available reports, connect analytical consumers, and incorporate Flask Track data into dashboards, scheduled exports, and downstream reporting workflows.
πŸ€–
Agents & MCP Clients Give approved AI clients a structured tool surface for retrieving context and performing permitted Flask Track operations through governed machine identities.

Manage operational biology programmatically

The API exposes structured laboratory records and execution context, allowing external systems to participate in daily operations instead of functioning only as passive data exports.

🧬
Catalog & Reference Records Retrieve species, ingredients, tools, plasmids, protocols, workflows, and other structured reference data required by connected systems.
🧫
Samples & Batches Create operational records, retrieve sample or batch details, resolve identifiers, and connect external systems to active laboratory work.
πŸ“…
Schedules & Execution Context Inspect generated batch and sample schedules so dashboards, alerts, automation services, and operators can act on the same execution plan.
βœ…
Step Completion & Actions Complete supported protocol steps and submit operational actions from approved systems while retaining timestamps, actor attribution, and validation.
🧾
Events & Execution History Retrieve recorded sample events, execution metadata, timestamps, notes, and linked operational entities for synchronization and analysis.
πŸ‘₯
Organization Users Retrieve active organization users when connected tools need to resolve ownership, responsibility, assignments, or human attribution.

OpenAPI-based integration

Flask Track publishes an interactive OpenAPI interface describing available routes, request bodies, authentication requirements, parameters, and response structures.

πŸ“–
Interactive API Documentation Inspect the currently available operations and schemas directly through the live API documentation.
🧩
Typed Request & Response Schemas Use documented JSON structures to generate clients, validate payloads, and reduce ambiguity between connected applications.
πŸ› οΈ
Client Generation Use the OpenAPI specification with compatible code generators, testing tools, API clients, and integration development workflows.
πŸ“ˆ
Continuously Expanding Surface The Flask Track API evolves alongside the platform. The live OpenAPI documentation remains the authoritative reference for currently available operations.

MCP tooling for governed AI operations

Flask Track also provides Model Context Protocol tooling that maps approved platform capabilities into structured tools for compatible AI clients and agent environments.

🧠
Structured Agent Tools Allow compatible agents to discover supported operations as defined tools instead of relying on unstructured browser automation or direct database access.
πŸ”—
Backed by the API Surface MCP operations connect to the same evolving Flask Track capabilities represented through the platform’s structured API and OpenAPI definitions.
πŸ›‘οΈ
Permission-Aware Execution Agent actions remain subject to the service user’s role, organization context, compliance restrictions, and available API permissions.
πŸ”
Reviewable Machine Activity Distinguish machine-driven activity from human activity and retain the actor, credential, request context, and affected records for review.

Automate execution without bypassing the operator

Connected systems can assist with execution, data capture, and synchronization while human operators remain responsible for laboratory judgment, exception handling, and production decisions.

πŸ“‹
Retrieve the Current Schedule Load batch or sample schedules into operator interfaces, robotics systems, dashboards, and alerting services.
πŸ“₯
Submit Execution Data Record supported actions and completion information from connected equipment or applications rather than requiring duplicate manual entry.
⏱️
Preserve Actual Completion Times Submit supported completion timestamps so historical records represent when work occurred, not merely when a synchronized request reached the platform.
⚠️
Respect Operational Restrictions API-driven execution remains subject to record state, validation, role permissions, compliance controls, and action-specific authorization.

Programmatic reporting and analytical access

Use the API to discover reusable reports and connect Flask Track to dashboards, scheduled reporting jobs, data consumers, and broader analytical infrastructure.

Service users for accountable machine access

API keys are associated with service users: dedicated machine identities that can be assigned organization roles and governed separately from human accounts.

Organization-scoped authentication

API requests use organization-aware authentication so each request is evaluated within the correct tenant, identity, and permission context.

🏒
Organization Context Requests identify the target organization using the x-organization header.
πŸ”
API Key Authentication Authenticate machine requests using the x-api-key header and a managed organization credential.
πŸ‘€
Session Authentication Supported API operations may also be accessed through authorized user sessions where appropriate.
🚦
Rate-Limited Access Requests are rate limited per authenticated user or API key to protect availability and reduce uncontrolled integration traffic.

Currently documented API areas

The API documentation currently includes operations across the following platform areas. Available routes continue to expand, so integrations should use the live OpenAPI documentation as the source of truth.

🧬
Catalogs Species, ingredients, tools, plasmids, protocols, and workflows.
🧫
Operational Records Samples, sample lookups, batches, sample events, and record details.
πŸ“…
Scheduling Generated schedules for samples and batches, including workflow execution context.
πŸ“Š
Reports & Users Organization report discovery and active user lookup for connected applications.

Built for practical integration workflows

  • βœ” Connect internal applications, automation services, robotics, dashboards, and external operational systems
  • βœ” Read structured species, ingredient, tool, plasmid, protocol, workflow, sample, and batch records
  • βœ” Create supported operational records through validated, organization-scoped routes
  • βœ” Retrieve sample events and inspect generated batch and sample schedules
  • βœ” Complete supported protocol steps and submit execution timestamps programmatically
  • βœ” Discover reusable reports for dashboards, BI tools, and analytical pipelines
  • βœ” Authenticate with managed service users and organization API keys
  • βœ” Connect compatible AI agents through structured MCP tooling
  • βœ” Generate clients and integrations from an evolving OpenAPI specification
  • βœ” Preserve permission checks, compliance rules, rate limits, and audit attribution for machine activity

Programmatic access without surrendering operational control

Flask Track gives approved systems meaningful access to laboratory operations while preserving human responsibility, organization isolation, service-user accountability, validation, compliance-aware authorization, and auditable execution history.