Machine To Machine Communications¶
Sometimes, connecting users to establish trust between Lifen's APIs and the client doesn't make sense. For instance, when accessing the API from a backend service or process, there is no need for a user to interact with the system to authenticate. For these scenarios, machine to machine (M2M) communications can be used as a secure way to establish trust directly with the client.
Accessing Lifen's APIs in Machine To Machine involves obtaining an Access Token with the Client credentials grant flow of OAuth 2.0 from a back-end server. You can also find implementation details in the Connect API Reference and use any client library compliant with OAuth 2.0.
Get a token¶
A request to Lifen must be perfomed to generate an access token. In the request, the client has to provide his credentials and some configuration.
Here is a request example:
curl --request POST \ --url 'https://login.lifen.fr/oauth/token' \ --data 'client_id=clientidclientidclientid' \ --data 'client_secret=clientsecretclientsecret' \ --data 'audience=https://post-prod.platform-apis/' \ --data 'database_reference=KA5hEDzf73' \ --data 'grant_type=client_credentials'
The following parameters are important:
client_id, which you obtain from your account manager
client_secret, which you obtain from your account manager
audienceis the domain where your access token is available
database_referencewhich you obtain from your account manager, is the identifier connecting your application with a healthcare organization
grant_typeallows you to request server to server Lifen's API
See the Connect API Reference for more details about all the parameters.
You will get an HTTP 200 response with a payload containing the
Perform an API call¶
The Access Token allows you to make requests to the API on the behalf of the client. Each request must include the Access Token in the Authorization header using the Bearer format.
curl -H "Authorization: Bearer $ACCESS_TOKEN" https://api.lifen.fr/$endpoint