
Client Credentials

The Medplum API uses standard OAuth2/OpenID authentication. The "Client Credentials Flow" is recommended for machine-to-machine access.

Obtaining Credentials

This tutorial assumes you already have a Medplum account. (If not, please register.)

Create a ClientApplication if one does not already exist. You can create a new ClientApplication on the Project Admin page.

For this example you will need the ClientApplication's ID and Secret.

Connecting to the service

Execute an HTTP POST request to the OAuth2 Token endpoint:

Note: If you are hosting the server on localhost and have not edited the configuration file, the URL will be http://localhost:8103/oauth2/token

On success, the response will be a JSON object with the following properties:

{
  "token_type": "Bearer",
  "access_token": "<YOUR_AUTH_TOKEN>",
  "expires_in": 3600
}

The value of "access_token" can then be used in future requests for authentication.
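
The token request and response handling described above, as an added example that is not Medplum's own code. It assumes Node 18+ (global fetch) and that the client ID and secret are sent in the form body, one of the methods RFC 6749 allows; the environment variable names and function names are hypothetical.

```javascript
// Added example, not Medplum's code. Assumes form-body client credentials
// (RFC 6749 section 2.3.1); env var and function names are hypothetical.
const TOKEN_URL = process.env.MEDPLUM_TOKEN_URL || 'http://localhost:8103/oauth2/token';

// Build the POST request. Plain HTTP is refused unless the host is localhost,
// because the client secret travels in the request body.
function buildTokenRequest(tokenUrl, clientId, clientSecret) {
  const url = new URL(tokenUrl);
  const isLocal = url.hostname === 'localhost' || url.hostname === '127.0.0.1';
  if (url.protocol !== 'https:' && !isLocal) {
    throw new Error('refusing to send client secret over ' + url.protocol);
  }
  if (!clientId || !clientSecret) throw new Error('client ID and secret are required');
  const body = new URLSearchParams({
    grant_type: 'client_credentials',
    client_id: clientId,
    client_secret: clientSecret,
  });
  return {
    url: url.toString(),
    init: {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    },
  };
}

// Validate the JSON response and compute when the token should be replaced.
function parseTokenResponse(status, json, nowMs, skewSeconds = 60) {
  if (status !== 200) throw new Error('token request failed with HTTP ' + status);
  if (String(json.token_type).toLowerCase() !== 'bearer') throw new Error('unexpected token_type');
  if (typeof json.access_token !== 'string' || !json.access_token) throw new Error('missing access_token');
  if (!Number.isFinite(json.expires_in) || json.expires_in <= 0) throw new Error('invalid expires_in');
  const lifetime = Math.max(json.expires_in - skewSeconds, 0);
  return { accessToken: json.access_token, refreshAtMs: nowMs + lifetime * 1000 };
}

// Fetch a token on first use and again shortly before it expires.
let cached = null;
async function getAccessToken(fetchImpl = fetch) {
  if (cached && Date.now() < cached.refreshAtMs) return cached.accessToken;
  const { MEDPLUM_CLIENT_ID: id, MEDPLUM_CLIENT_SECRET: secret } = process.env;
  const { url, init } = buildTokenRequest(TOKEN_URL, id, secret);
  const res = await fetchImpl(url, init);
  const json = res.ok ? await res.json() : {};
  cached = parseTokenResponse(res.status, json, Date.now());
  return cached.accessToken;
}
```

Send the value returned by getAccessToken() as `Authorization: Bearer <token>` on later requests, and keep the client secret in the environment or a secret store rather than in source.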

Alternatively, you can initiate the process in the Medplum Client by using the startClientLogin convenience method.

For more details about OAuth2 Client Credentials Flow: