Clients

Clients allow 3rd party applications to access the Platform APIs using OAuth2. This allows the external application to access the APIs on behalf of a user, or programatically.

Usage

The clients page shows a list of all the clients that have been created. You can create a new client by clicking the Create New button.

• Name: Name of the application / client
• ID: Unique identifier for the client - readonly field
• Logo: Logo of the application / client as a URL
• Scope: The scope of the client. This is used to limit the access of the client to the APIs. Possible options for the scope are:
  • patient/*.read
  • launch/patient
  • emulate_user
  • openid
  • offline
  • offline_access Scope must be entered as space seperated values - patient/*.read launch/patient emulate_user openid offline offline_access
• Client Type: Single Page Application or Backend Application:
  • Single Page Application: This is a client that runs in the browser. It is not allowed to store the client secret, and it is not allowed to access the APIs directly. It uses the Authorization Code flow to access the APIs.
  • Backend Application: This is a client that runs on a server. It is allowed to store the client secret, and it is allowed to access the APIs directly. It uses the Client Credentials flow to access the APIs. Ensure you copy the Client Secret right after creation of the backend client.
• Redirect URIs: The URIs to redirect to after the user has authenticated. This is only used for Single Page Applications. Redirect URLs are expected as comma seperated values - http://localhost:3000,http://localhost:3001

Creation of backend client will generate a client secret which is required for the client to access the APIs. Ensure you copy the client secret right after creation of the backend client.