In order to interact with the PKB REST API, you must identify yourself to PKB. The Client ID allows us to know who you are.
Which type of REST API Client do I need?
You need a User Client if you wish to provide a service to any registered PKB user that agrees to grant you access to their account. For example, you might be building a mobile App and wish to let patients link their PKB account to your product. If you'd like a User Client you'll need to provide PKB with a redirection URI which we will use as part of the OAuth 2.0 workflow. If a PKB user chooses to grant you permission, you will prompt them to manually enter their credentials into a PKB hosted landing page as part of the process. You will then be able to access that user's PKB account, via the REST API, using the tokens generated. When requesting a User Client, we'll agree with you which scopes (user types) you have been approved for. Any connection you make will be limited to functionality accessible by the authenticated user.
You need a System Client if you are building a system or service that interacts directly with PKB, without a specific person being logged in. For example, perhaps you are building ahybrid mail solution which makes use of our read receipt API. In this design, PKB will issue you with a client and a client secret, which you will use to obtain an access token whenever you need to make a call against the API.
These clients can be used to access the Facade and Messaging FHIR endpoints.
If you are building a system or service that will interact with some of our older APIs, you might need a Tethered-Token System Client. This design is based on a Team Coordinator for an existing PKB site granting you permission to access their team's data. They will grant you this permission by manually generating OAuth 2.0 tokens via the web interface for you to use. These tokens will be tethered to that particular team.
These clients can predominantly access thecustom REST API, and when doing so will automatically have access to both CLINICIAN and TEAMCOORD scoped REST API operations.