Aidbox
Search…
⌃K

Authentication Tutorial

Basic Auth

The simplest way to interact with Aidbox API from your confidential (backend) code is a Basic Auth
To start you have to register in Aidbox Auth Client with secret and basic flow enabled in this form:
Auth Client form
PUT Client/basic
Let's create AccessPolicy for this Client
PUT AcessPolicy/basic-policy
GET /Patient

Client Credentials Flow

Client get access by OAuth 2.0 Client Credentials flow
To start you have to register in Aidbox OAuth Client with secret and client_credentials flow enabled
OAuth Client form
Before you start - create a Client
And policy for this client

When you have a token!

Now using this access token we can query Aidbox

Resource Owner Flow

This flow works for mobile and desktop apps.
Before you start - create a Client and User

When you have a token!

Now using this access token we can query Aidbox

Authorization Code Flown

This flow works for web and single page apps
Before you start - create a Client and User
Now we have to go to authorize endpoint to get code
/auth/authorize?client_id=web-app&response_type=code

When you have a token!

Now using this access token we can query Aidbox

Implicit Flow

This flow works for single page apps. Before you start - create a Client
Now we have to go to authorize endpoint to get code
/auth/authorize?client_id=web-app&response_type=code

When you have a token!

Now using this access token we can query Aidbox

JWT Auth

If you use external server, which provides you with JWT access token - you can configure Aidbox to trust this JWT token and act as Resource Server
You can use for example this app to generate test JWT__
First of all you have to register TokenIntrospector in Aidbox

SMART on FHIR Flow

When you have a token!

Now using this access token we can query Aidbox