JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 557
  • Score
    100M100P100Q111873F
  • License SEE LICENSE IN LICENSE

Embeddable CareCompass SDK and CLI for payer-whitelabeled deployments.

Package Exports

  • @nexalink/carecompass-sdk
  • @nexalink/carecompass-sdk/cli
  • @nexalink/carecompass-sdk/schema

Readme

CareCompass Payer Embed SDK

@nexalink/carecompass-sdk helps payer teams embed a branded CareCompass chat experience in their own websites and applications. It includes a React component, a vanilla JavaScript mount helper, shared configuration validation, and a CLI for setup, validation, snippet generation, and local diagnostics.

CareCompass lets a payer offer member-facing navigation support while keeping LLM inference behind Nexalink-hosted APIs. The payer controls the placement, branding, theme, labels, support links, allowed origins, and approved prompt configuration. Nexalink controls account validation, API-key enforcement, embed-key authorization, usage tracking, and the hosted model path.

This package is publicly installable for developer convenience, but meaningful use requires a Nexalink payer account and a Nexalink-issued API key.

Who This Is For

This SDK is for enterprise healthcare teams that want to add CareCompass to a payer-owned frontend without building their own model gateway, prompt validation layer, key-management flow, or token-metering pipeline.

Typical users include:

  • payer portal developers embedding CareCompass in a member site
  • implementation engineers configuring staging and production deployments
  • technical operators validating origins, branding, and prompt policy
  • non-technical payer admins issuing SDK keys from the payer portal

Account Required

You need a Nexalink payer account before using the SDK beyond package installation.

The account is required because Nexalink validates:

  • the payer ID
  • the secret SDK API key
  • the public browser embed key
  • the deployment environment
  • the allowed website origins
  • the approved prompt configuration
  • API usage and token counts for future metered billing

API keys are issued in the Nexalink payer portal under the CareCompass SDK section. The secret API key is shown once and should be stored locally by the developer. It should never be committed to source control or placed in browser code.

If you do not have an API key, run:

npx @nexalink/carecompass-sdk login

The CLI will direct you to the payer signup path.

Install And Run

Use any common JavaScript package manager. For first-time testing, the simplest path is to run each command with npx.

npx @nexalink/carecompass-sdk login --api-key <nexalink-api-key>
npx @nexalink/carecompass-sdk init --payer-id acme-health --origin https://members.acme-health.com
npx @nexalink/carecompass-sdk validate --config carecompass.config.json
npx @nexalink/carecompass-sdk snippet --config carecompass.config.json --output carecompass-embed.html
npx @nexalink/carecompass-sdk doctor --config carecompass.config.json

npx does not permanently install a carecompass shell command. If you use npx for login, keep using npx @nexalink/carecompass-sdk <command> for init, validate, snippet, and doctor.

Package-manager equivalents:

npm exec --package @nexalink/carecompass-sdk -- carecompass init
pnpm dlx @nexalink/carecompass-sdk init
yarn dlx @nexalink/carecompass-sdk init
bunx @nexalink/carecompass-sdk init

You can also install it in a project and run the binary through your package manager:

npm install @nexalink/carecompass-sdk
npm exec carecompass -- init --payer-id acme-health --origin https://members.acme-health.com

Or install it globally if your organization permits global npm tools:

npm install -g @nexalink/carecompass-sdk
carecompass init --payer-id acme-health --origin https://members.acme-health.com

CLI Commands

login

Stores your secret Nexalink API key locally so the other SDK commands can validate your payer configuration.

npx @nexalink/carecompass-sdk login --api-key <nexalink-api-key>

Credentials are stored at ~/.nexalink/carecompass/credentials.json by default. You can also set CARECOMPASS_API_KEY in your shell or CI environment.

init

Creates a starter carecompass.config.json file. This file contains payer-facing configuration only. It does not contain the secret API key.

npx @nexalink/carecompass-sdk init --payer-id acme-health --origin https://members.acme-health.com

validate

Checks that the config shape is valid and that credentials are available.

npx @nexalink/carecompass-sdk validate --config carecompass.config.json

snippet

Generates an HTML embed snippet that can be pasted into a payer-owned page or reviewed by non-technical stakeholders.

npx @nexalink/carecompass-sdk snippet --config carecompass.config.json --output carecompass-embed.html

doctor

Prints a deployment readiness summary for the selected config.

npx @nexalink/carecompass-sdk doctor --config carecompass.config.json

Configuration

carecompass.config.json is safe to commit when it only contains public embed configuration. Do not add the secret API key to this file.

{
  "payerId": "acme-health",
  "environment": "staging",
  "apiBaseUrl": "https://api.nexalink.care",
  "embedKey": "embed_public_key_from_nexalink",
  "allowedOrigins": ["https://members.acme-health.com"],
  "branding": {
    "displayName": "Acme Health",
    "logoUrl": "https://members.acme-health.com/logo.svg",
    "supportUrl": "https://members.acme-health.com/support"
  },
  "theme": {
    "primaryColor": "#2563eb",
    "backgroundColor": "#ffffff",
    "textColor": "#111827",
    "borderRadius": "8px",
    "fontFamily": "system-ui, sans-serif"
  },
  "labels": {
    "title": "Acme Care Guide",
    "placeholder": "Ask about benefits, care options, or next steps...",
    "sendButton": "Send",
    "disclaimer": "CareCompass provides navigation support, not medical advice.",
    "errorMessage": "CareCompass is unavailable right now."
  },
  "prompt": {
    "systemInstruction": "Help members navigate benefits and care options within approved Acme Health support policies.",
    "welcomeMessage": "How can I help you navigate your care today?",
    "allowUserContext": false
  },
  "placement": {
    "mode": "inline"
  },
  "deploymentTarget": "web"
}

React Usage

import { CareCompassEmbed } from "@nexalink/carecompass-sdk";
import config from "./carecompass.config.json";

export function MemberSupport() {
  return <CareCompassEmbed config={config} />;
}

Vanilla JavaScript Usage

import { mountCareCompass } from "@nexalink/carecompass-sdk";
import config from "./carecompass.config.json";

mountCareCompass(document.getElementById("carecompass-root"), config);

Package Exports

import {
  CareCompassEmbed,
  mountCareCompass,
  validateCareCompassConfig,
  createCareCompassClient,
} from "@nexalink/carecompass-sdk";

import type {
  CareCompassConfig,
  CareCompassTheme,
  CareCompassLabels,
  CareCompassPromptConfig,
} from "@nexalink/carecompass-sdk";

Runtime Dependencies

The package has a small runtime surface:

  • zod for shared config validation
  • react as a peer dependency for the embed component
  • react-dom as a peer dependency for mounting

Peer dependency range:

{
  "react": "^18.3.0 || ^19.0.0",
  "react-dom": "^18.3.0 || ^19.0.0"
}

The CLI requires Node.js 18 or newer.

What Runs In The Browser

The browser receives only public embed configuration:

  • payer ID
  • environment
  • public embedKey
  • branding and theme values
  • labels and support links
  • approved prompt settings

The browser does not receive:

  • the secret SDK API key
  • SageMaker credentials
  • private model endpoint details
  • Nexalink server-side allowlists

Chat requests are sent to Nexalink-hosted CareCompass API routes. The component does not call the model endpoint directly.

API Keys And Usage Tracking

SDK API keys are issued in the payer portal and stored server-side as hashes. Each key is associated with a payer, environment, public embed key, and allowed origins.

CareCompass usage under a key is tracked so Nexalink can support future Stripe metered billing. The backend records estimated prompt tokens, completion tokens, total tokens, and last-used timestamps per payer/API key.

Staging And Production

Use separate keys and config files for staging and production.

npx @nexalink/carecompass-sdk validate --config carecompass.staging.json
npx @nexalink/carecompass-sdk snippet --config carecompass.staging.json --output staging-embed.html
npx @nexalink/carecompass-sdk doctor --config carecompass.staging.json

Before production, confirm:

  • production origin is allowlisted exactly
  • production embedKey is separate from staging
  • support links route to the payer's approved support surface
  • prompt instructions are approved by Nexalink and the payer
  • no secret API key appears in generated source code

Troubleshooting

Missing Nexalink API key

Run npx @nexalink/carecompass-sdk login --api-key <key> or set CARECOMPASS_API_KEY.

zsh: command not found: carecompass

You ran the SDK with npx, which does not install a permanent global command. Run the next command with npx @nexalink/carecompass-sdk <command>, install the package in your project, or install it globally.

Origin is not authorized

Add the exact website origin to the payer portal SDK configuration.

Prompt configuration violates CareCompass guardrails

Remove unsafe or unsupported instructions and re-run validation.

CareCompass embed client is not authorized

Confirm payerId, embedKey, environment, and allowed origins match the key issued in the payer portal.

CareCompass inference service is not configured

Nexalink server operators should confirm the hosted environment has CARECOMPASS_LLM_URL configured.

License

This SDK is proprietary software owned by Nexalink Health, Inc. See the included LICENSE file.