Skip to content

Machine To Machine Communications

Sometimes, connecting users to establish trust between Lifen's APIs and the client doesn't make sense. For instance, when accessing the API from a backend service or process, there is no need for a user to interact with the system to authenticate. For these scenarios, machine to machine (M2M) communications can be used as a secure way to establish trust directly with the client.

Accessing Lifen's APIs in Machine To Machine involves obtaining an Access Token with the Client credentials grant flow of OAuth 2.0 from a back-end server. You can also find implementation details in the Connect API Reference and use any client library compliant with OAuth 2.0.

Get a token

A request to Lifen must be perfomed to generate an access token. In the request, the client has to provide his credentials and some configuration.

Here is a request example:

curl --request POST \
  --url '' \
  --data 'client_id=clientidclientidclientid' \
  --data 'client_secret=clientsecretclientsecret' \
  --data 'audience=https://post-prod.platform-apis/' \
  --data 'database_reference=KA5hEDzf73' \
  --data 'grant_type=client_credentials'

The following parameters are important:

  • client_id, which you obtain from your account manager

  • client_secret, which you obtain from your account manager

  • audience is the domain where your access token is available

  • database_reference which you obtain from your account manager, is the identifier connecting your application with a healthcare organization

  • grant_type allows you to request server to server Lifen's API

See the Connect API Reference for more details about all the parameters.

You will get an HTTP 200 response with a payload containing the access_token.

Perform an API call

The Access Token allows you to make requests to the API on the behalf of the client. Each request must include the Access Token in the Authorization header using the Bearer format.

Example :

curl -H "Authorization: Bearer $ACCESS_TOKEN"$endpoint