Follow these steps to use your application's Client ID, Client Secret, authorization codes, and tokens to securely connect your application to the Patient Access API.
Authorization Overview
The Patient Access API relies on the OAuth 2.0 specification for securing connections. The Health Chain FHIR server supports both the standard OAuth 2.0 and OIDC web application authorization flow and the Proof Key for Code Exchange (PKCE) authorization flow.
Note:
- When using the Patient Access portion of the Health Chain APIs, you will need to utilize security protocols to connect to the Health Chain FHIR server.