Authorization
Intrahealth EMR supports OAuth2 authorization for external vendors/applications.
Intrahealth provides the following values as part of the initial configuration:
- Client ID (from eMessage service)
- Client Secret (from eMessage service)
- URL of the related environment (incliding Token request URL)
External applications can initiate OAuth2 authorization to the provided server using the client_credentials flow.
Sample Token message from the application to IH server:
- Token request URL: https://utility2.intrahealth.com/990/ocean/token
- Method: POST
- HEADERS:
content-type: application/x-www-form-urlencoded;charset=UTF-8 - BODY:
grant_type: client_credentials
client_id: XXImUukSE1
client_secret: XXKjU9HiPqp2vPgQvqHK2d0Qjhuiplr2
Sample response from EMR to application:
{
"access_token": "ic2k31F26DjgFJtkNrKb871Bzgof9FcmExnaqEic5i",
"token_type": "bearer",
"refresh_token": "akUJJDolfgIIE4rmHRQFpk5qoeGFQVzChWYa6pTaCR",
"expires_in": 3600
}