Product Summary

Third party app developers need a self-serviceable way to authorize for our various endpoints:

• Patient Access

• Provider Access

• Payer

• ePA (Prior Auth)

• Patient Connect

In order to do so, they need to be able to create and manage client credentials on their own. Our platform leverages Keycloak for authentication/authorization, and the rules that govern our data access endpoints are configured onto access tokens, which are generated by Keycloak, based on client credentials.

By giving our customers a UI to create and manage Keycloak client credentials (clients id’s and secrets), we can allow our customers to manage and maintain a minimal set of client credentials that can authorize for our data access endpoints. By doing so, we put simple product-level decisions into the customer’s control within the UI (i.e. options for what type of data a specific client will have access to). Meanwhile we can configure the rules, protections, and logic on the back end that enables these credentials to properly authorize across our platform.

The 1up Dev Portal is that UI, and in turn also orchestrates much of the Keycloak configuration and authorization logic to ensure client credentials can properly authorize for the intended endpoints.