# Client credentials and OAuth 2.0

1upHealth uses the OAuth 2.0 flow for users to authenticate to our FHIR servers. 1up provides a FHIR server (Patient Access) and a FHIR Bulk Export server (Provider Access & Payer-to-Payer).

For the OAuth 2.0 flow, you must have client credentials (`client_id` and `client_secret`) from 1upHealth. You provide these codes to 1up as part of the authentication request to receive a `Bearer` token, also known as a `access` token. The `Bearer` token is used for following requests.

The method for obtaining client credentials depends on the API you want to use.

## Patient Access

In addition to client credentials (`client_id` and `client_secret`), Patient Access requires a `code` obtained by connecting to a demo health plan's auth application.

Review [Info for third-party developers](/docs/patient-access/dev-implementation) for instructions on obtaining the required parameters and requesting a Bearer token.

## Provider Access

The required client credentials (`client_id` and `client_secret` codes) are obtained by registering an account in the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal).

1. Register on the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal), complete email verification, and login.
2. Click **Create a Client**.
3. Select an **Access Type**.
4. Enter a Client Name.
5. Click **Create**.
6. From Sandbox Clients, copy your new client's `client_id` and `client_secret`.
7. Use the `client_id` and `client_secret` in the request below:

8. Copy the access_token from the successful response.


## Payer-to-Payer Data Exchange

The required client credentials (`client_id` and `client_secret` codes) are obtained by registering an account in the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal).

1. Register on the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal), complete email verification, and login.
2. Click **Create a Client**.
3. Select an **Access Type**.
4. Enter a Client Name.
5. Click **Create**.
6. From Sandbox Clients, copy your new client's `client_id` and `client_secret`.
7. Use the `client_id` and `client_secret` in the request below:

8. Copy the access_token from the successful response.