Authentication

OAuth layer for obtaining access tokens

Every call to MedeX APIs requires an access token to authenticate and authorize the request. MedeX follows OAuth principles and guidelines for generating access tokens and securing the APIs.

The access token is specific to the client and not to the patient as the MedeX platform does not create credentials for each patient of the client. Although, the patient is identified by an id given by the client.

Getting Access Token

Access Tokens can be obtained by using client credentials grant type

curl --location --request POST 'https://iam.demo.medeintegra.dev/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "client_id": "<<client_id>>",
    "client_secret": "<<client_secret>>",
    "audience": "https://play.medeintegra.dev",
    "grant_type": "client_credentials"
}'

Client Credentials (ClientId and Client Secret) should be saved securely in the backend and should never be used in the front-end applications.

You will obtain a response that contains the access token

{
  "access_token": "<<ACCESS_TOKEN>>",
  "expires_in": 86400,
  "token_type": "Bearer"
}

Once you have an access_token, you are able to make authorized calls to the API

$ curl --request GET \
  --url http://path_to_your_api/ \
  --header 'authorization: Bearer <<ACCESS_TOKEN>>'

Obtain Access Token

POST https://auth.demo.medeintegra.dev/oauth/token

Use your Client Credentials to obtain the access token

Request Body

Name

Type

Description

grant_type

string

Use 'client_credentials'

audience

string

Use 'https://play.medeintegra.dev' for the PLAY environment

client_id

string

Client ID provided for your Application

client_secret

string

Client Secret provided for your Application

{
  "access_token": "<<ACCESS_TOKEN>>",
  "token_type": "Bearer"
}

PreviousMedeX - API Platform NextAppointment App

Last updated 4 years ago

Was this helpful?