search

Authentication

OAuth layer for obtaining access tokens

Every call to MedeX APIs requires an access token to authenticate and authorize the request. MedeX follows OAuth principles and guidelines for generating access tokens and securing the APIs.

circle-info

The access token is specific to the client and not to the patient as the MedeX platform does not create credentials for each patient of the client. Although, the patient is identified by an id given by the client.

hashtag
Getting Access Token

Access Tokens can be obtained by using client credentials grant type

curl --location --request POST 'https://iam.demo.medeintegra.dev/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "client_id": "<<client_id>>",
    "client_secret": "<<client_secret>>",
    "audience": "https://play.medeintegra.dev",
    "grant_type": "client_credentials"
}'
circle-info

Client Credentials (ClientId and Client Secret) should be saved securely in the backend and should never be used in the front-end applications.

You will obtain a response that contains the access token

{
  "access_token": "<<ACCESS_TOKEN>>",
  "expires_in": 86400,
  "token_type": "Bearer"
}

Once you have an access_token, you are able to make authorized calls to the API

hashtag
Obtain Access Token

POST https://auth.demo.medeintegra.dev/oauth/token

Use your Client Credentials to obtain the access token

hashtag
Request Body

Name
Type
Description

grant_type

string

Use 'client_credentials'

audience

string

Use 'https://play.medeintegra.dev' for the PLAY environment

client_id

string

Client ID provided for your Application

client_secret

string

Client Secret provided for your Application

PreviousMedeX - API PlatformNextAppointment App

Last updated