Guides
Developer Portal (sandbox)Developer Portal (production)Lifen Platform status
These docs are for v2. Click to read the latest docs for v3.

Machine To Machine Communications v2

Suggest Edits

Sometimes, Connect Users v2 to establish trust between Lifen's APIs and the client doesn't make sense. For instance, when accessing the API from a backend service or process, there is no need for a user to interact with the system to authenticate. For these scenarios, machine to machine (M2M) communications can be used as a secure way to establish trust directly with the client.

Accessing Lifen's APIs in Machine To Machine involves obtaining an Access Token with the Client credentials grant flow of OAuth 2.0 from a back-end server. You can also find implementation details in the Machine To Machine Communications v2 and use any client library compliant with OAuth 2.0.

Get a token

A request to Lifen must be perfomed to generate an access token. In the request, the client has to provide his credentials and some configuration.

Here is a request example:

curl --request POST \
  --url 'https://login.lifen.fr/oauth/token' \
  --data 'client_id=clientidclientidclientid' \
  --data 'client_secret=clientsecretclientsecret' \
  --data 'audience=https://post-prod.platform-apis/' \
  --data 'database_reference=KA5hEDzf73' \
  --data 'grant_type=client_credentials'

The following parameters are important:

  • client_id, which you obtain from your account manager

  • client_secret, which you obtain from your account manager

  • audience is the domain where your access token is available

  • database_reference which you obtain from your account manager, is the identifier connecting your application with a healthcare organization

  • grant_type allows you to request server to server Lifen's API

See the Machine To Machine Communications v2 for more details about all the parameters.

You will get an HTTP 200 response with a payload containing the access_token.

Perform an API call

The Access Token allows you to make requests to the API on the behalf of the client. Each request must include the Access Token in
the Authorization header using the Bearer format.

Example :

curl -H "Authorization: Bearer $ACCESS_TOKEN" https://api.lifen.fr/fhir/v2/$endpoint

Updated about 2 years ago