Services API: Temporary Token Service


Note

When employing the pre-signed URL option, as detailed in in Health data sharing and Clinical document sharing technical implementation guidance, please note that the call to the Temporary Token Service remains optional. This flexibility allows you to choose the most suitable method for accessing your data, depending on your specific requirements and preferences.

The purpose of this endpoint is to get a Temporary Token required to retrieve files in a S3 bucket.


Resource:

POST /partners/services/api/v1/token


Authentication:

Endpoint is secured with mutual TLS. More information can be found here: API Authentication


Request Headers:


Name Type Description Example
org_id String Organization OID 3.16.724.4.41
x-origin-request-id String Request Unique ID generated by EMR middleware (UUID) 5109d51b-421e-4746-b673-16e3fe2b3442"
client_id String Public identifier for organizations generated by Roche DC e63ab70a4fea4034bcf50b5ecfdb2994
client_secret String Client related secret known only to the EMR and Roche DC CaC74B40140D4a0280478E4188682241
Content-Type String application/json application/json


Example cURL Request:

curl -L -X POST 'https://api-services-demo.rochedcplatform-sandbox.com/partners/services/api/v1/token' -H 'client_id: {CLIENT_ID}' -H 'client_secret: {CLIENT_SECRET}' -H 'org_id: {ORG_ID}' -H 'Content-Type: application/json' -H 'Accept: application/json' --data-raw ''

Success Reponse:

HTTP Status Code 200 with temporary aws credentials to retrieve files from S3 access points.


Example:

{ "awsCredentials": { "AccessKeyId": "ASIAQJARWRBBSH", "SecretAccessKey": "MDcJAurLlByzmeAPMszWkd6Xy12ZioCZK", "SessionToken": "FwoGZXIvYXdzEEkaDDeTFvNtX7xj/AAvgCLIAXte7G6fwnc8O91oifBOhZO/i8HQ1eWKoxO5KW2AUEHLt8dn2Q5io0UgsjM", "Expiration": "2020-11-12T08:49:00.000Z" }, "awsResources": [ "arn:aws:s3:us-east-1:019364481091:accesspoint/example-emr-integration-1.1.1.1.1-accesspoint" ] }