# Client credentials and OAuth 2.0 1upHealth uses the OAuth 2.0 flow for users to authenticate to our FHIR servers. 1up provides a FHIR server (Patient Access) and a FHIR Bulk Export server (Provider Access & Payer-to-Payer). For the OAuth 2.0 flow, you must have client credentials (`client_id` and `client_secret`) from 1upHealth. You provide these codes to 1up as part of the authentication request to receive a `Bearer` token, also known as a `access` token. The `Bearer` token is used for following requests. The method for obtaining client credentials depends on the API you want to use. ## Patient Access You must submit a request to create an application for the [1up Developer Console](https://developer.1up.health/). 1upHealth then reviews your information and syncs your application's credentials (`client_id`, `client_secret`, and redirect URIs) with our Demo Health Plan Sandbox environment. 1. In the 1up Developer Console, select Dashboard from the side navigation. 2. Click Add Your First Application. 3. Type a name for your application and an OAuth2 redirect URL. 4. Click Save. 5. Save your `client_id` and `client_secret` somewhere secure. These codes do not appear again. 6. Send an email to **payer-patient-access@1up.health** with the following information: - Company name - Short description of your application and use case - `client_id` for your application The below API request is used for requesting a `Bearer` token. After you have created your application and successfully receive a `Bearer` token, you must create a `user` for each member that wants to share their data with you. See [Info for third-party developers](/docs/patient-access/dev-implementation) for more information. ## Provider Access The required client credentials (`client_id` and `client_secret` codes) are obtained by registering an account in the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal). 1. Register on the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal), complete email verification, and login. 2. Click **Create a Client**. 3. Select an **Organization Type**. 4. Enter a Client Name. 5. Click **Create**. 6. From Sandbox Clients, copy your new client's `client_id` and `client_secret`. 7. Use the `client_id` and `client_secret` in the request below: 1. Copy the access_token from the successful response. ## Payer-to-Payer Data Exchange The required client credentials (`client_id` and `client_secret` codes) are obtained by registering an account in the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal). 1. Register on the [1up Dev Portal](https://developer.console.1up.health/1up-dev-portal), complete email verification, and login. 2. Click **Create a Client**. 3. Select an **Organization Type**. 4. Enter a Client Name. 5. Click **Create**. 6. From Sandbox Clients, copy your new client's `client_id` and `client_secret`. 7. Use the `client_id` and `client_secret` in the request below: 1. Copy the access_token from the successful response.