Versions Compared

Version Old Version 11 New Version Current
Changes made by

Sara Muse

Sara Muse

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • The environment you are connecting to (e.g. sandbox, UK production, EU production, etc.)

  • The API endpoint that you are calling (the Facade and Messaging FHIR endpoints share one token endpoint, which differs from the token endpoint for the Customer and Aggregated FHIR endpoints)

Please see the Connectivity page for details.

Excerpt
nameOAuth2ClientCredentialsParameters

Parameters

Parameter

Type

Optionality

Description

Example

grant_type

Form parameter

Required

Must be "client_credentials"

client_credentials

Authorization

HTTP header

Required

This is a standard HTTP basic authorization header.

The value should be a Base64 encoding of your client ID and client secret, concatenated together with a colon (:) separator, and prepended with "Basic ".

For example, if your client ID was example_client_id and your client secret was example_secret then your header value should be:

Basic ZXhhbXBsZV9jbGllbnRfaWQ6ZXhhbXBsZV9jbGllbnRfc2VjcmV0

Basic ZXhhbXBsZV9jbGllbnRfaWQ6ZXhhbXBsZV9jbGllbnRfc2VjcmV0

Content-Type

HTTP header

Required

Must be "application/x-www-form-urlencoded"

application/x-www-form-urlencoded

...

Code Block
HTTP/1.1 200 OK

{
    "access_token": "abcdef",
    "token_type": "bearer",
    "expires_in": 3599,
    "scope": "4e4a5165-af36-40ec-877a-0333cde24490-all",
    "client_name": "Your client name",
    "jti":"24eb74c3-ad03-4c4f-a93d-786cf47b6c2f"
}

Customer endpoint

Customer endpoint
Excerpt
nameOAuth2ClientCredentialsCustomerEndpointExampleResponse
Code Block
HTTP/1.1 200 OK

{
    "access_token": "abcdef",
    "expires_in": 300,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "not-before-policy": 0,
    "scope": "email profile"
}

...