Generate an API Token

📘

BEARER TOKEN LIFESPAN

The lifespan of a Bearer token is one hour (3600 seconds) for both sandbox and production environments.

We recommend automating transactions to use the tokens generated over the token lifespan. Obtaining tokens for each transaction is less efficient and does not improve the security criteria for any transactions.

Bearer token request header

Content-Type: application/json
Authorization: Bearer <Your-Access-Token>

Bearer token request

```
curl -X POST \
  '**https://apigw.changehealthcare.com/apip/auth/v2/token/**' \
  -H 'Content-Type: application/json' \
  -d '{
  "client_id": "<Your-ClientId>",
  "client_secret": "<Your-ClientSecret>",
  "grant_type": "client_credentials"
}'
```

Bearer token request example

```cURL
curl -X POST \
    https://sandbox.apigw.changehealthcare.com/apip/auth/v2/token \\
    -H 'Content-Type: application/x-www-form-urlencoded' \\
    -d 'client_id=hghjhgjtgjtgjhhhjasdfhghjhgj\&client_secret=asdfdfjsdhfjhsdhf\&grant_type=client_credentials'
```

Bearer token request body

When you use an API client, such as a Postman tool, the JSON body for the request
must appear as follows:

```json
{
    "client_id": "hghjhgjtgjtgjhhhjasdfhghjhgj",
    "client_secret": "asdfdfjsdhfjhsdhf",
    "grant_type": "client_credentials"
}
```

Bearer token response

To test API in your sandbox, use your client_id and client_secret to get your token. If you do not have your credentials, reach out to your account manager or contact in Optum.

```json
{
    "access_token":
    "eyJraWQiOiIxIiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhY2Nlc3NfdG9rZW4iOiJkc1JvRTMzSFYzbnpkYjh3ak1hWWtFUmY4VVF5IiwiYXVkIjoiYXBpUGxhdGZvcm0iLCJuYmYiOjE2MTA0OTMxMTAsImFwaV9wcm9kdWN0X2xpc3QiOlsiTU5fUHJvZHVjdF9DbGFpbVN0YXR1c192MiIsIk1OX1Byb2R1Y3RfRWxpZ2liaWxpdHlfdjMiLCJNTl9Qcm9kdWN0X1Byb2Zlc3Npb25hbENsYWltc192MyIsIlRQX1Byb2R1Y3RfVHJhZGluZ1BhcnRuZXJzX3Y3IiwiTU5fUHJvZHVjdF9SZXBvcnRzX3YxIiwiTU5fUHJvZHVjdF9BdHRhY2htZW50c192MSIsIk1OX1Byb2R1Y3RfSW5zdGl0dXRpb25hbENsYWltc192MSIsIk1OX1Byb2R1Y3RfUERfQ2xhaW1zU3RhdHVzX3YxIiwiTU5fUHJvZHVjdF9QRF9DbGFpbXNfdjEiLCJNTl9Qcm9kdWN0X1BEX0VsaWdpYmlsaXR5X3YxIiwiVFBfUHJvZHVjdF9UcmFkaW5nUGFydG5lciJdLCJhcHBsaWNhdGlvbl9uYW1lIjoiSU5fQVBJUF9NTl9DSENfVGVzdEFwcCIsImRldmVsb3Blcl9lbWFpbCI6ImNkcHRlYW1AY2hhbmdlaGVhbHRoY2FyZS5jb20iLCJpc3MiOiJodHRwczovL3NhbmRib3guYXBpcy5jaGFuZ2VoZWFsdGhjYXJlLmNvbSIsImV4cCI6MTYxMDQ5NjcxMCwiaWF0IjoxNjEwNDkzMTEwLCJqdGkiOiJjNjQ4ODBjMC1hZDFhLTQ1NzEtOGJjYi02YmI2NGQ1YWRlYTgifQ.t8YPbCuyn_CNXmMIwlIL0y14j-RqO1VsHSkahtXZrf5uURZ0grU_oDepwNeRKf2Sr8norTSEsKvjPSFHaKxb_U7yQ2g9UnyH5PA1X63-Lj5v8h38BdUk19p2GQBJSzmGPEyazvYoCCxSGZ68RN9kZb_WrQWObsrMyb1JFN_zeWa2j3YGgbBglZNO_Wt1Ty6ZQrDWcxeVMlbIRMDAKYBUrmmTTsIpHrol-5YzyYgZVBpO-Hxz_otD4t-_DRx5_cxLl4tG1qi7i2Ddb65eO3XxQU-Ibzb9bAT4HXIR3Ab735cTJMBlK9jCfDc0DDCBkpGAHwJV5rj0zOEitC1xciLt3g",

    "token_type": "bearer",
    "expires_in": 3600
}
```

📘

NOTE

When you are ready to move from sandbox to production, replace the sandbox authorization URL with the production URL:

https://apigw.changehealthcare.com/apip/auth/v2/token

Production API credentials

You will need a separate set of credentials for the production APIs. For more information, see API Onboarding.

You can use your bearer token to call all your contracted Optum APIs with these HTTP headers:

  • Content-Type: application/json
  • Authorization: Bearer

Legacy Authorization

For more information about the legacy Authorization APIs implementation: