The Foundation API gives your applications direct access to qualified device data, regulatory compliance services, and fleet management.
Foundation is infrastructure, not licensed IP embedded in your product. Your clinical algorithms, data models, and application logic remain entirely within your domain. The API provides a service boundary, not a code dependency. Your investors see a product built on proven regulatory infrastructure, not encumbered by third-party IP.
High-level access to the regulatory infrastructure, qualified device data, and fleet management capabilities of the Foundation Platform.
Access data that has passed through Foundation Core's four-layer validation pipeline, cryptographically signed at the edge with a full chain of custody. Regulatory-grade data with provenance your notified body can verify.
Programmatic access to SBOM reports, SOUP management, CVE status, compliance dashboards, audit trail exports, and regulatory submission packages. Pull directly into your QMS.
Granular role-based access control across end users, organisations, manufacturers, and clinical staff. Manage hierarchies and permissions programmatically through your own systems.
Know the state of every device: firmware version, compliance status, calibration dates, service history. Integrate Foundation Manager's asset register into your operational systems.
Trigger, schedule, and monitor firmware updates to Foundation Core and subordinate processors. End users are never involved; the asset register updates automatically.
Subscribe to alarm events, compliance status changes, update completions, security alerts, and device health notifications. Build your own dashboards or integrate with existing clinical systems.
The Foundation API uses RESTful conventions with consistent authentication, pagination, and error handling. Responses carry qualified data with full provenance metadata.
Comprehensive documentation, SDKs, and integration guides are available to Foundation Platform members.
The Foundation API is Software as a Service (SaaS) available to Partners. All tiers include full API access. Pricing reflects the number of active devices under management. No hidden charges, no per-call metering, no surprises.
For products entering the market with initial deployments.
For established products scaling across markets and territories.
For large-scale deployments with bespoke requirements.
Every Foundation service, from the platform partnership through to the API, is designed so that you can model your total cost of ownership at the outset. No metered API calls, no bandwidth charges, no surprises at scale.
One rate per active device per month. Simple to model, simple to forecast.
Device-to-cloud data transport is included. No bandwidth metering.
All 12 report types, SBOM, SOUP, CVE monitoring, and audit trails are part of your tier.
Software maintenance, security patches, and regulatory alignment updates at no additional cost.
Building regulatory-compliant infrastructure from scratch requires sustained specialist investment across multiple disciplines, for the life of the product.
| Capability | Build in-house | Foundation API |
|---|---|---|
| Qualified data pipeline with edge signing | Custom build required | Included |
| IEC 62304 compliant SBOM/SOUP management | Specialist team required | Included |
| OTA firmware update infrastructure | Multi-year programme | Included |
| HSM-backed device provisioning | Significant capital outlay | Included |
| CVE monitoring and security patching | Ongoing specialist cost | Included |
| Post-market surveillance reporting | Regulatory expertise required | Included |
| Impact on your IP position | Retained but at high cost | Retained at service cost |
| Time to first API call | Months to years | Days after provisioning |