- Real-time GCP FHIR integration: Securely querying clinical records using strict "Minimum Necessary" access principles.
- GLM 5.1 acting as a clinical co-pilot, generating comprehensive medical analysis and drug interaction warnings in real-time.
- The Zero-Trust Dashboard: Physicians select one-click agentic workflows (like scheduling discharges) for the active patient.
Inspiration 💡
Global healthcare faces two massive crises: physician burnout (doctors spend up to 4 hours a day writing clinical notes) and interoperability/language barriers (clinical data is siloed and often not in standardized Medical English).
However, applying AI to healthcare is terrifying for hospitals. Giving an autonomous LLM raw API keys to write patient records or schedule appointments is a massive security risk. We needed a way to build an AI that is incredibly smart but cryptographically chained to human consent.
That’s why I built MediLink AI Scribe: to prove that we can bridge the language barrier in healthcare using Z.AI's advanced cross-lingual reasoning, while enforcing strict Zero-Trust security using Auth0 Token Vault.
What it does ⚙️
MediLink is a Zero-Trust, Cross-Lingual Clinical Agent. It acts as an orchestrator for medical professionals:
- Cross-Lingual Processing: A doctor in Latin America records a voice note in native Spanish ("Señora María Elena... le daremos el alta...").
- Native ASR & Reasoning: Z.AI's GLM-ASR-2512 transcribes the audio, and GLM-5.1 acts as a cultural and clinical bridge. It doesn't just translate; it reasons about the clinical implications and structures the output in standardized Medical English.
- FHIR Integration: The agent automatically reads and writes the clinical notes to a Google Cloud Healthcare FHIR R4 Store.
- Zero-Trust Execution (Auth0): When the agent decides the patient is stable and attempts to schedule a discharge in Google Calendar, it halts. Auth0 Token Vault intercepts the action, pops up a secure consent window for the doctor, and only after cryptographic approval, resumes the workflow to create the event. The LLM never sees the raw Google access tokens.
How we built it 🛠️
- Brain: GLM-5.1 (Z.AI) for core orchestration, medical reasoning, and cross-lingual translation.
- Ears: GLM-ASR-2512 (Z.AI) for highly accurate Spanish medical transcription.
- Security & Identity: Auth0 Token Vault and @auth0/ai-langchain to manage federated third-party tokens (Google Workspace) without exposing them to the LLM.
- Framework: Next.js 15 (App Router), React, and TailwindCSS.
- Orchestration: LangGraph to manage the state machine, tools, and the crucial "interrupt" human-in-the-loop nodes.
- Database: Google Cloud Healthcare API (FHIR Store) for compliance-ready patient data.
Challenges we ran into 🚧
The hardest technical challenge was mastering the Agentic Interrupt Pattern over Server-Sent Events (SSE). When the agent realizes it needs to call Google Calendar, it triggers a tool. Auth0 intercepts this and throws an exception. Catching this specific exception in the backend, gracefully suspending the LangGraph execution, parsing the required scopes, and sending a specific interrupt payload to the Next.js frontend—all without breaking the streaming connection—required deep architectural planning.
Accomplishments that we're proud of 🏆
- Zero-Click Cross-Lingual Translation: Achieving a seamless flow where audio goes in as conversational Spanish and comes out as a structured, FHIR-compliant English medical record using GLM-5.1's native capabilities.
- True Human-in-the-Loop: Successfully implementing Auth0 Token Vault. Watching the agent halt its execution, wait for human consent, and seamlessly resume exactly where it left off is magical. It proves that AI in healthcare can be secure.
What we learned 🧠
I learned how to integrate LangGraph with Next.js Edge streams, and deeply understood the value of Auth0's Token Vault. Giving LLMs raw OAuth tokens is a bad practice of the past; delegated, just-in-time consent is the future of Agentic AI.
What's next for MediLink AI Scribe 🚀
The next step is converting this architecture into a standalone Model Context Protocol (MCP) server. This will allow hospitals to plug MediLink into any compatible EHR system, ensuring that cross-lingual medical reasoning and Zero-Trust execution become the standard for clinical workflows globally.
Bonus Blog Post: Securing Medical AI with Auth0 Token Vault 🛡️
When building AI agents for healthcare, the biggest architectural dilemma is: How do we let the AI take actions (like sending emails or scheduling appointments) without giving the LLM raw access tokens that could be hallucinated or hijacked?
In MediLink AI Scribe, I solved this using the Auth0 Token Vault.
Instead of hardcoding a Google Calendar API key into my LangChain tools, I configured the agent to use Auth0 as a proxy. Here is how the magic happens:
- The Request: The doctor tells the AI (GLM-5.1) to "Schedule a medical discharge."
- The Interception: The AI attempts to execute the googleCalendarTool. However, inside the tool, it lacks a valid token. The @auth0/ai-langchain SDK intercepts this and throws a specific GraphInterrupt.
- The Pause: My Next.js backend catches this interrupt, pauses the LangGraph state machine, and streams a signal to the frontend: "I need permissions for calendar.events."
- The Consent: The doctor sees a secure Auth0 popup, logs into Google, and grants consent. Auth0 stores this federated token securely in its Vault.
- The Resumption: The frontend sends a signal back to the backend. The backend resumes the LangGraph state. This time, when the tool executes, it requests the token directly from Auth0's Token Vault via an exchange grant. The token is injected just in time into the API call, and the event is created.
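The interrupt, consent and resume steps above (and the same pattern described under "Challenges we ran into") as an added TypeScript illustration. This is constructed for this write-up, not the project's code and not the Auth0 Token Vault, @auth0/ai-langchain or LangGraph APIs; every name is hypothetical and the calendar API is a stub. It shows the part that matters for security: the token is fetched inside the tool just in time, a missing or too-narrow grant suspends the step with an interrupt payload listing the required scopes, and only the event id ever flows back to the model.

```typescript
// Constructed illustration of the interrupt -> consent -> resume flow; the names below are
// hypothetical, not the Auth0 Token Vault, @auth0/ai-langchain or LangGraph APIs.
// Thrown inside a tool when the vault holds no token covering the requested scopes.
class ConsentInterrupt {
  readonly connection: string;
  readonly scopes: string[];
  constructor(connection: string, scopes: string[]) {
    this.connection = connection;
    this.scopes = scopes;
  }
}
// Hypothetical vault: federated tokens live here, keyed by connection, never in the model context.
class TokenVault {
  private grants: Record<string, { token: string; scopes: string[] }> = {};
  grant(connection: string, token: string, scopes: string[]): void { this.grants[connection] = { token, scopes }; }
  // "Exchange grant": hand out a token only if every requested scope was consented to.
  exchange(connection: string, scopes: string[]): string {
    const g = this.grants[connection];
    if (!g || !scopes.every((s) => g.scopes.indexOf(s) >= 0)) throw new ConsentInterrupt(connection, scopes);
    return g.token;
  }
}
const CALENDAR_SCOPE = "https://www.googleapis.com/auth/calendar.events";
type CalendarApi = (token: string, event: { summary: string; start: string }) => string;
// Tool: the token is fetched inside the tool, just in time; only the event id flows back to the model.
function scheduleDischargeTool(vault: TokenVault, api: CalendarApi, patient: string, start: string): string {
  const token = vault.exchange("google-oauth2", [CALENDAR_SCOPE]);
  return api(token, { summary: `Discharge: ${patient}`, start });
}
// Shape of what the backend streams to the frontend (SSE) while the graph is suspended.
type StepResult =
  | { status: "done"; eventId: string }
  | { status: "interrupt"; connection: string; requiredScopes: string[] };
// One graph step: run the tool, converting a ConsentInterrupt into a resumable interrupt payload.
function runDischargeStep(vault: TokenVault, api: CalendarApi, patient: string, start: string): StepResult {
  try {
    return { status: "done", eventId: scheduleDischargeTool(vault, api, patient, start) };
  } catch (e) {
    if (e instanceof ConsentInterrupt) return { status: "interrupt", connection: e.connection, requiredScopes: e.scopes };
    throw e;
  }
}
// Constructed stand-in for the Google Calendar API: only a vault-issued token (prefix "ya29.") is accepted.
const fakeCalendarApi: CalendarApi = (token, event) => {
  if (token.indexOf("ya29.") !== 0) throw new Error("401 invalid token");
  return `evt_${event.start}`;
};
```

Calling runDischargeStep before any grant yields the interrupt payload; after the doctor's consent is recorded in the vault with the calendar.events scope, the same call completes and returns the event id.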
The result? The LLM never touches the raw Google Token. It only orchestrates the logic, while Auth0 handles the cryptography and consent. This pattern is an absolute game-changer for enterprise-grade Agentic AI, ensuring that every sensitive action is explicitly authorized by a human.
Built With
- auth0
- fhir
- glm-5.1
- google-cloud
- langchain
- langgraph
- next.js
- react
- tailwind.css
- typescript
- z.ai