
Client credentials and OAuth 2.0

1upHealth uses the OAuth 2.0 flow for users to authenticate to our FHIR servers. 1up provides a FHIR server (Patient Access) and a FHIR Bulk Export server (Provider Access & Payer-to-Payer).

For the OAuth 2.0 flow, you must have client credentials (client_id and client_secret) from 1upHealth. You provide these codes to 1up as part of the authentication request to receive a Bearer token, also known as an access token. The Bearer token is then used for subsequent requests.

The method for obtaining client credentials depends on the API you want to use.

Patient Access

In addition to client credentials (client_id and client_secret), Patient Access requires a code obtained by connecting to a demo health plan's auth application.

Review Info for third-party developers for instructions on obtaining the required parameters and requesting a Bearer token.

Electronic Prior Authorization

Contact customer-engagement@1up.health to request EPA client credentials for OAuth 2.0. You must have client credentials for either the demo or production environments.

Request a Bearer token

Placeholder

Replace the curly brackets {} and all text inside them with the client credentials provided to you.

Demo Bearer token request
curl -i -X POST 'https://gateway.1upcoreuat.com/auth/realms/epa-uat/protocol/openid-connect/token' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -d 'client_id={your_client_id}' \
    -d 'client_secret={your_client_secret}' \
    -d 'grant_type=client_credentials'
Production Bearer token request
curl -i -X POST 'https://gateway.1upcoreprod.com/auth/realms/epa-prod/protocol/openid-connect/token' \
    -H 'Content-Type: application/x-www-form-urlencoded' \
    -d 'client_id={your_client_id}' \
    -d 'client_secret={your_client_secret}' \
    -d 'grant_type=client_credentials'
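
The following is an added example, not part of 1upHealth's documentation: the demo request above with the client_secret passed to curl through a config read from stdin, so it does not appear in shell history or in the command-line arguments visible in the process list. CLIENT_ID and CLIENT_SECRET are assumed environment variables, and the function names are illustrative.

```shell
#!/usr/bin/env bash
# Added example (not 1upHealth code). Assumes CLIENT_ID and CLIENT_SECRET
# are already exported, e.g. injected by a secrets manager.

# Demo token URL as given on this page.
TOKEN_URL='https://gateway.1upcoreuat.com/auth/realms/epa-uat/protocol/openid-connect/token'

# Escape backslash and double quote so a value is safe inside a
# double-quoted curl config parameter. The value travels over stdin.
cfg_escape() { printf '%s' "$1" | sed 's/[\\"]/\\&/g'; }

# Emit a curl config for the client_credentials grant. data-urlencode
# makes curl send a form-encoded POST and percent-encodes each value.
token_request_config() {
  printf 'url = "%s"\n' "$(cfg_escape "$1")"
  printf 'data-urlencode = "client_id=%s"\n' "$(cfg_escape "$2")"
  printf 'data-urlencode = "client_secret=%s"\n' "$(cfg_escape "$3")"
  printf 'data-urlencode = "grant_type=client_credentials"\n'
}

# Pull access_token out of the JSON token response read from stdin.
# Assumes the token value contains no escaped quotes.
extract_access_token() {
  sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1
}

# Request a token; print it on stdout, or fail without echoing the secret.
request_token() {
  local token
  token=$(token_request_config "$TOKEN_URL" "$CLIENT_ID" "$CLIENT_SECRET" |
    curl --silent --show-error --fail --config - | extract_access_token)
  [ -n "$token" ] || { echo 'token request failed: no access_token' >&2; return 1; }
  printf '%s\n' "$token"
}

# Usage: TOKEN=$(request_token) || exit 1
```

For production, set TOKEN_URL to the production URL shown above.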

Provider Access

The required client credentials (client_id and client_secret codes) are obtained by registering an account in the 1up Dev Portal.

  1. Register on the 1up Dev Portal, complete email verification, and log in.
  2. Click Create a Client.
  3. Select an Access Type.
  4. Enter a Client Name.
  5. Click Create.
  6. From Sandbox Clients, copy your new client's client_id and client_secret.
  7. Use the client_id and client_secret in the request below:
    curl -i -X POST \
        https://gateway.1up.health/auth/realms/dev-portal/protocol/openid-connect/token \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -d client_id={your-id-here} \
        -d client_secret={your-secret-here} \
        -d grant_type=client_credentials \
        -d 'scope=bulk-data|user/*.rs'
  8. Copy the access_token from the successful response.

Payer-to-Payer Data Exchange

The required client credentials (client_id and client_secret codes) are obtained by registering an account in the 1up Dev Portal.

  1. Register on the 1up Dev Portal, complete email verification, and log in.
  2. Click Create a Client.
  3. Select an Access Type.
  4. Enter a Client Name.
  5. Click Create.
  6. From Sandbox Clients, copy your new client's client_id and client_secret.
  7. Use the client_id and client_secret in the request below:
    curl -i -X POST \
        https://gateway.1up.health/auth/realms/dev-portal/protocol/openid-connect/token \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -d client_id={your-id-here} \
        -d client_secret={your-secret-here} \
        -d grant_type=client_credentials \
        -d 'scope=bulk-data|user/*.rs'
  8. Copy the access_token from the successful response.