Skip to main content
Corti Assistant is a full-featured clinical AI application that can be embedded directly into your healthcare application. It provides ambient documentation, dictation, clinical decision support, and more—all accessible through a programmable interface.
Most common integration pattern: C# desktop application → WebView → localhost HTML page → Web Component. This approach is used by most integrators and provides full control from your native application while leveraging web technologies for the UI layer.
Ready to start building? Check out the Web Component examples on GitHub to see complete React and vanilla TypeScript implementations. The Web Component is the recommended integration method and provides the best developer experience.

Integration Architecture

When you embed Corti Assistant, you’re integrating a complete application into your own. This embedded Assistant communicates with your application through one of three integration methods: Your integration layer handles:
  • Authentication - Managing user sessions with OAuth2 tokens
  • API Communication - Creating interactions, generating documents, controlling recording
  • Event Handling - Receiving updates about interactions, documents, and user actions
  • UI Embedding - Displaying the Assistant interface in your application

Three Integration Methods

Corti provides three ways to embed the Assistant, each optimized for different architectural needs:

Quick Decision Guide

Comparison Table

Choose your integration method based on your architectural requirements:
Web ComponentPostMessageWindow API
Recommended ForNative apps (C#) + WebView, web appsExisting postMessage implementationsSame-origin / direct URL embedding
Native App Support✅ Yes (C#, .NET, Electron via WebView)✅ Yes (via WebView)⚠️ Same-origin only
Framework SupportUniversal (React, Vue, Angular…)UniversalUniversal (same-origin only)
Cross-Origin Support✅ Yes✅ Yes❌ No (same-origin only)
Type SafetyFull TypeScriptManual typing requiredFull TypeScript
API StylePromise-based methodspostMessage request/responsePromise-based methods
Event HandlingNative addEventListenerManual postMessage parsingNative addEventListener
Ease of Use5/53/54/5
React SupportBuilt-in hooks & componentsManual implementationManual implementation
Setup ComplexityInstall NPM packageCreate iframe + message handlersLoad script + direct API access
iframe ManagementAutomaticManualManual (if using iframe)
A modern, framework-agnostic custom HTML element that wraps the Assistant in a cross-origin iframe. The Web Component handles all postMessage complexity internally and provides a clean TypeScript API. Works for both:
  • Web applications - React, Vue, Angular, or any framework (including server-rendered pages)
  • Native applications - C#, .NET, Electron with WebView controls loading a local HTML page
Best for:
  • Native desktop applications (C#, .NET, Electron) with WebView controls
  • Web applications using React, Vue, Angular, or any modern framework
  • Mobile applications with WebView components
  • New integrations starting from scratch
  • Teams that want TypeScript support and native event handling
  • Cross-origin scenarios (different domains)
Architecture highlights:
  • Standard Web Component that works everywhere
  • Built-in React hooks and components for optimal DX
  • Automatic iframe communication handling
  • Promise-based API with TypeScript definitions

Web Component Integration Guide

Learn how to integrate using the Web Component API

PostMessage API

Direct iframe integration where you manually manage the iframe element and communicate via browser’s postMessage API. This is the low-level protocol that the Web Component abstracts. Best for:
  • Existing implementations already using postMessage
  • Teams with specific iframe management requirements
  • Legacy applications where adding new dependencies is difficult
Architecture highlights:
  • Full control over iframe lifecycle and positioning
  • Direct access to postMessage protocol
  • Works cross-origin (different domains)
  • Requires manual event parsing and error handling

PostMessage Integration Guide

Learn how to integrate using the PostMessage API

Window API

Same-origin integration where your application and Corti Assistant run on the same domain, allowing direct JavaScript API access through the global window.CortiEmbedded object. Best for:
  • Same-origin scenarios (both apps on same domain)
  • Direct URL embedding in webviews or popup windows
  • Mobile webview integrations where same-origin is guaranteed
  • Scenarios requiring the simplest possible integration
Architecture highlights:
  • No iframe or postMessage complexity
  • Direct function calls to JavaScript API
  • Only works when same-origin policy is satisfied
  • Promise-based API with full TypeScript support

Window API Integration Guide

Learn how to integrate using the Window API

Common Integration Flow

Regardless of which method you choose, the integration follows the same high-level flow:
1

Embed the Assistant

Add the Corti Assistant interface to your application using your chosen integration method (Web Component, iframe, or window reference).
2

Authenticate Users

Implement OAuth2 authentication to obtain user tokens. All methods require user-based authentication with OAuth2 tokens (access, refresh, and ID tokens).

Authentication Guide

Learn how to set up OAuth2 authentication for your users
3

Initialize the Assistant

Pass authentication tokens to the Assistant and configure the interface (features, appearance, locale).
4

Create Clinical Interactions

Use the API to create interactions that represent clinical encounters, associate them with patient data, and manage their lifecycle.
5

Handle Events

Listen for events from the Assistant (document generated, recording started, errors, etc.) and update your application UI accordingly.

Authentication Requirements

All three integration methods require OAuth2 user authentication. See the Authentication Guide for complete setup instructions.
All Embedded Assistant integrations require user-based OAuth2 authentication with access_token, refresh_token, and id_token. Client credentials and machine-to-machine flows are not supported.

API Capabilities

Once embedded and authenticated, all three integration methods provide access to the same comprehensive API:
  • Authenticate users with OAuth2 tokens
  • Refresh authentication tokens
  • Configure interface features and appearance
  • Set language and locale preferences
  • Create new clinical interactions - Associate encounters with patient context
  • Manage interaction lifecycle - Navigate between sessions
  • Start and stop audio recording - Control recording state - Monitor recording status - Handle recording events
  • Add clinical facts to interactions - Generate documents from captured data - Retrieve available templates - Configure document generation behavior
  • Listen for interaction events
  • Monitor document generation status
  • Track recording state changes
  • Handle errors and warnings

Complete API Reference

Full documentation of all API methods, parameters, and return types

Next Steps

Choose Web Component

Modern, recommended approach with framework support

Choose PostMessage

Direct iframe control with manual postMessage handling

Choose Window API

Same-origin integration with direct API access

View Working Examples

Complete TypeScript and React examples on GitHub