Comment on page

Auth Guide

Learn how to make authorized and authenticated calls to 1upHealth's APIs

Generating a New User Authorization Code
1upHealth utilizes the oAuth2 process which entails generating an authentication code and exchanging it for an access token. Generate the authentication code by requesting the user management api with the client_id, client_secret, oneup_user_id and/or app_user_id.
curl -X POST "https://api.1up.health/user-management/v1/user/auth-code" \
    -d "client_id=clientidclientidclientid" \
    -d "client_secret=clientsecretclientsecret" \
    -d "app_user_id=myappsuserid"
Sample Response:
{    
    "success": true,    
    "code": "75b74e18e1504fde865f40f4308317b2",    
    "oneup_user_id": 62198,    
    "app_user_id": "akuafo100",    
    "active": true
}
Getting an access token (valid for 2 hours)
Then use the generated authentication code to exchange for the access token, using the ‘client_id’, ‘client_secret’, ‘grant_type=token’, and ‘app_user_id’.
curl -X POST "https://auth.1up.health/oauth2/token" \
    -d "client_id=clientidclientidclientid" \
    -d "client_secret=clientsecretclientsecret" \
    -d "code=codecodecodecodecodecode" \
    -d "grant_type=authorization_code"
Sample Response:
{
    "access_token": "xxxxxxxxxx",
    "token_type": "Bearer",
    "expires_in": 7199,
    "refresh_token": "yyyyyyyyyy",
    "scope": "user/*.*"
}
You can test the access token by either authorizing data from a provider or creating a FHIR resource using the token. Following either step, call the Patient resource to retrieve data the data existing for this resource.
Making a FHIR Request
get
https://api.1up.health
/dstu2/Patient?query-param=queryvalue
Get Patient
Queries across all your users
You can make a request across all your users via client based authentication. This requires the client_id, client_secret, and the x-oneup-user-id headers. Rather than setting the x-oneup-user-id to an actual 1up user id, set the x-oneup-user-id string client and you can query all data for all your client's users.
curl -XGET 'https://api.1up.health/r4/Patient' \
    -H 'client_id: clientidclientidclientid' \
    -H 'client_secret: clientsecretclientsecret' \
    -H 'x-oneup-user-id: client'
This returns a valid FHIR response with data from all created users under this client.
{
  "resourceType": "Bundle",
  "type": "searchset",
  "total": 20800,
  "entry": [
    { ... },
    { ... },
    { ... },
  ]
}
​

Auth Reference

Next - APIs

User Management

Last modified 1yr ago