This API is used by the CCP API team to configure a higher environment and manage new and existing client data sources.
Authorization via OAuth2
Access to Change Healthcare APIs is controlled via OAuth2 using the client credentials grant. This is a secure authorization workflow that allows consumers to obtain a short-lived (one hour) access token that must be transmitted with subsequent API requests.
To obtain a token, consumers first need a client_id and client_secret, credentials provided during the customer onboarding process. To request access credentials, please use the 'Contact Us' link to contact the Product Manager of a specific API.
Obtaining an access token
The following documentation describes how to get an access token in a particular environment. Note that Your-ClientId and Your-ClientSecret should be replaced with a valid set of credentials. Also, note that the URL is environment-specific and may need to be modified according to the target environment.
curl -X POST \
https://${EDGE_HOSTNAME}${api_basepath} \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'client_id=<Your-ClientId>&client_secret=<Your-ClientSecret>&grant_type=client_credentials'
A successful call to this API will return a new access_token, which can be used to authorize subsequent calls to other APIs on the platform. By default, the access_token will be valid for one hour from the time of its issuance.
Example response:
{
"access_token": "eyJraWQiOiIxIiwidHlwIjoiSldUIiwiYW...",
"token_type": "bearer",
"expires_in": 3600
}
The access token returned in the above response can be used to access APIs on this platform that is secured via the standard Authorization implementation. Calls to these APIs must include the following headers:
Content-Type: application/json
Authorization: Bearer <Your-Access-Token>