Patient Portal

Task links

Secure, token-based URLs that let patients complete scheduled evaluations without logging in to the portal.

Not every patient needs a full portal account. A task link is a secure URL sent to a patient's email or phone number when a scheduled assessment is due. The link contains a unique token that identifies the patient and the evaluation they need to complete. Clicking the link opens the evaluation player directly — no login required.

Task links are designed for patients who interact with EVAL only through their email or phone — they never need to remember a username, manage a password, or navigate the portal interface.

How task links work

When a schedule reminder fires (because an assessment is due), the system generates a single-use token and embeds it in the notification email or SMS. The patient clicks the link, which opens a simplified version of the portal showing their pending tasks. From there, they click the evaluation to open the player and submit their responses.

Token expiration

Task link tokens expire after a set period (typically 24 hours). If a patient clicks an expired link, they see a message indicating the link is no longer valid. At that point, they can either log in to the portal with their account credentials (if they have one) or wait for the next scheduled reminder, which generates a fresh token.

Each task link token is tied to a specific assessment period. If a patient receives a new reminder for the same schedule, the new link contains a fresh token — the old one is no longer needed. This prevents confusion about which link to use.

What the task page shows

The task page displays a list of evaluations the patient needs to complete, similar to the Today dashboard but without the full portal navigation. Each task shows the evaluation name, the provider who assigned it, and an action to start the evaluation. The patient completes the evaluation through the same player interface used in the full portal.

After submitting, the patient sees a confirmation and can close the browser — there's nothing else to do until the next scheduled assessment.

Security

Task links use single-use, time-limited tokens that are bound to a specific patient and assessment. Even if a link is shared, it can only be used once and expires quickly. The response is always attributed to the correct patient because the token carries the patient identity.

Task links are not the same as public intakes. If you need the response linked to a known patient's record and schedule, use task links through scheduled assessments. Public intakes are anonymous by design and don't link to patient records.

How task tokens work behind the scenes

When a schedule reminder fires, EVAL generates a compact 12-character token using a collision-resistant Base58 alphabet (no ambiguous characters like 0, O, l, or I). The token is embedded in the notification email or SMS as part of the task URL.

Each token is tied to a specific patient and provider connection. If a valid token already exists for that patient within the current 24-hour window, the system reuses it rather than creating a new one — so multiple reminders on the same day share the same link.

Tokens expire after 24 hours. When a patient clicks an expired link, the system returns an expiration notice. At that point, the background reminder system automatically reissues a fresh token and sends a new notification. The old token is marked as reissued and linked to the replacement, creating an audit chain that tracks the full history of tokens issued for each patient.

Importantly, task link tokens don't require the patient to be logged in — the public task endpoints allow unauthenticated access scoped to only that patient's assigned evaluations. The token carries enough context to identify the patient, their provider, and the evaluations they need to complete, without exposing any other patient data.

Task tokens are not single-use — a patient can click the same link multiple times within the 24-hour window to return to their task list. This is intentional: patients who close the browser mid-evaluation can reopen the link to continue where they left off.

Public intakes

Anonymous evaluation forms that anyone can complete through a shared URL.

Scheduling assessments

How clinicians create schedules that generate task links for patients.

Schedules

How patients view their scheduled assessments, track completion progress, and understand upcoming evaluation timelines set by their healthcare providers.