{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["partial"]},"type":"markdown"},"seo":{"title":"Client credentials and OAuth 2.0","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"client-credentials-and-oauth-20","__idx":0},"children":["Client credentials and OAuth 2.0"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["1upHealth uses the OAuth 2.0 flow for users to authenticate to our FHIR servers. 1up provides a FHIR server (Patient Access) and a FHIR Bulk Export server (Provider Access & Payer-to-Payer)."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For the OAuth 2.0 flow, you must have client credentials (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]},") from 1upHealth. You provide these codes to 1up as part of the authentication request to receive a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Bearer"]}," token, also known as a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["access"]}," token. The ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["Bearer"]}," token is used for following requests."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The method for obtaining client credentials depends on the API you want to use."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"patient-access","__idx":1},"children":["Patient Access"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In addition to client credentials (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]},"), Patient Access requires a ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["code"]}," obtained by connecting to a demo health plan's auth application."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Review ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"/docs/patient-access/dev-implementation"},"children":["Info for third-party developers"]}," for instructions on obtaining the required parameters and requesting a Bearer token."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"provider-access","__idx":2},"children":["Provider Access"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The required client credentials (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," codes) are obtained by registering an account in the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://developer.console.1up.health/1up-dev-portal"},"children":["1up Dev Portal"]},"."]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Register on the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://developer.console.1up.health/1up-dev-portal"},"children":["1up Dev Portal"]},", complete email verification, and login."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create a Client"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Select an ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Access Type"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Enter a Client Name."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["From Sandbox Clients, copy your new client's ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Use the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," in the request below:",{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"curl","header":{"controls":{"copy":{}}},"source":"curl -i -X GET \\\n    https://gateway.1up.health/auth/realms/dev-portal/protocol/openid-connect/token \\\n    -H 'Content-Type: application/x-www-form-urlencoded' \\\n    -d client_id={your-id-here} \\\n    -d client_secret={your-secret-here} \\\n    -d grant_type=client_credentials \\\n    -d 'scope=bulk-data|user/*.rs'\n","lang":"curl"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Copy the access_token from the successful response."]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"payer-to-payer-data-exchange","__idx":3},"children":["Payer-to-Payer Data Exchange"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The required client credentials (",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," codes) are obtained by registering an account in the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://developer.console.1up.health/1up-dev-portal"},"children":["1up Dev Portal"]},"."]},{"$$mdtype":"Tag","name":"ol","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Register on the ",{"$$mdtype":"Tag","name":"MarkdownLink","attributes":{"href":"https://developer.console.1up.health/1up-dev-portal"},"children":["1up Dev Portal"]},", complete email verification, and login."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create a Client"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Select an ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Access Type"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Enter a Client Name."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Click ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Create"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["From Sandbox Clients, copy your new client's ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]},"."]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Use the ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_id"]}," and ",{"$$mdtype":"Tag","name":"code","attributes":{},"children":["client_secret"]}," in the request below:",{"$$mdtype":"Tag","name":"CodeBlock","attributes":{"data-language":"curl","header":{"controls":{"copy":{}}},"source":"curl -i -X GET \\\n    https://gateway.1up.health/auth/realms/dev-portal/protocol/openid-connect/token \\\n    -H 'Content-Type: application/x-www-form-urlencoded' \\\n    -d client_id={your-id-here} \\\n    -d client_secret={your-secret-here} \\\n    -d grant_type=client_credentials \\\n    -d 'scope=bulk-data|user/*.rs'\n","lang":"curl"},"children":[]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["Copy the access_token from the successful response."]}]}]},"headings":[{"value":"Client credentials and OAuth 2.0","id":"client-credentials-and-oauth-20","depth":1},{"value":"Patient Access","id":"patient-access","depth":2},{"value":"Provider Access","id":"provider-access","depth":2},{"value":"Payer-to-Payer Data Exchange","id":"payer-to-payer-data-exchange","depth":2}],"frontmatter":{"seo":{"title":"Client credentials and OAuth 2.0"}},"lastModified":"2026-05-18T18:54:14.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/docs/get-started/o-auth","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}