Exchange oAuth Code Grant to Access Token

Purpose

This method is designed to exchange an oAuth code Grant with requested scopes for an access token

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/oauth/exchange-oauth-code-grant-to-access-token
Resource	/oauth/tokens
Scope	List of scopes that are required in application business logic, separated by space
Components	Auth
Using Dictionaries	API paragraph not found
Using Microservices	API paragraph not found
Protocol type	REST
Request type	POST
Sync/Async	Sync

Logic

Preconditions

oAuth code Grant has been obtained

Global and configuration parameters

API paragraph not found

Input parameters

Attributes

Token:

Attribute	Type	Description	Example
client_id (required)	String	Medical Service provider ID issued after legal_entity registration. Used to identify the context of the MSP/Pharmacy	6498d88e-97fb-47e2-85a5-99e884f888aa
client_secret (required)	String	Medical Information System secret key issued upon integration request. Used to identify application developer	msp-001-secret-key
code (required)	String	oAuth code grant	299383828
grant_type (required)	String	oAuth Grant Type. Currently only `authorization_code` is supported	authorization_code
redirect_uri (required)	String	URL where user will be redirected after authentification. This url will receive `code` and `state` parameters in query string	https://example.com/
scope (required)	String	List of scopes that is required in application business logic, separated by space. Different login forms will be shown based on scopes that you requested	capitation_contracts:view capitation_contracts:create patients:view patients:create

Filters

None

Request structure

See on Apiary

Example

Request example

curl --include \
     --request POST \
     --header "Content-Type: application/json" \
     --header "X-CSRF-Token: my-csrf-token" \
     --data-binary "{
  \"token\": {
    \"client_id\": \"6498d88e-97fb-47e2-85a5-99e884f888aa\",
    \"client_secret\": \"msp-001-secret-key\",
    \"code\": \"299383828\",
    \"grant_type\": \"authorization_code\",
    \"redirect_uri\": \"https://example.com/\",
    \"scope\": \"capitation_contracts:view capitation_contracts:create patients:view patients:create\"
  }
}" \
'http://ehealth.com/oauth/tokens'

Authorize

API paragraph not found

Validate request (JSON schema)

API paragraph not found

Validation data request

API paragraph not found

Processing

API paragraph not found

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "value": "SnNRdCtvU0tTOENBV2dLRUZwNmIzZz09",
    "user_id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "name": "access_token",
    "id": "3ff33ced-69dc-415a-b231-c6446898335a",
    "expires_at": 1498749591,
    "details": {
      "scope": "capitation_contracts:view capitation_contracts:create patients:view patients:create",
      "refresh_token": "my-oauth-refresh-token",
      "redirect_uri": "https://example.com/",
      "grant_type": "authorization_code",
      "client_id": "d290f1ee-6c54-4b01-90e6-d701748f0851"
    }
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code	Message	What caused the error
201

Backward compatibility

API paragraph not found