Authentication Tutorial

Basic Auth

The simplest way to interact with the Aidbox API from your confidential (backend) code is Basic Auth.

To start, register an Auth Client in Aidbox with a secret and the basic flow enabled, using this form:

Auth Client form
PUT Client/basic

Let's create an AccessPolicy for this Client:

PUT AccessPolicy/basic-policy
GET /Patient

Client Credentials Flow

The client gets access through the OAuth 2.0 Client Credentials flow.

To start, register an OAuth Client in Aidbox with a secret and the client_credentials flow enabled.

OAuth Client form

Before you start - create a Client

And policy for this client

When you have a token!

Now using this access token we can query Aidbox

Resource Owner Flow

This flow works for mobile and desktop apps.

Before you start - create a Client and User

When you have a token!

Now using this access token we can query Aidbox

Authorization Code Flow

This flow works for web and single page apps

Before you start - create a Client and User

Now we have to go to the authorize endpoint to get a code:

/auth/authorize?client_id=web-app&response_type=code

When you have a token!

Now using this access token we can query Aidbox
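The authorize step above, as an added example that is not part of the original tutorial: a backend builds the `/auth/authorize` request with a one-time `state` value and validates the redirect before accepting the code. The base URL, the redirect URI and the helper names are constructed for illustration, and `redirect_uri` and `state` are the standard OAuth 2.0 (RFC 6749) parameters, assumed here to be accepted by the server.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AIDBOX_BASE = "https://aidbox.example.test"          # placeholder base URL (assumption)
CLIENT_ID = "web-app"                                # client id used in this tutorial
REDIRECT_URI = "https://app.example.test/callback"   # constructed value (assumption)


class CallbackError(Exception):
    """Raised when the redirect back from the authorize endpoint is unusable."""


def build_authorize_url(session):
    """Return the authorize URL and store a fresh state in the user's session."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "redirect_uri": REDIRECT_URI,
        "state": state,
    })
    return f"{AIDBOX_BASE}/auth/authorize?{query}"


def extract_code(callback_url, session):
    """Validate the callback URL and return the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)      # state is single use
    received = params.get("state", [""])
    if expected is None or len(received) != 1:
        raise CallbackError("missing or repeated state")
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), received[0].encode()):
        raise CallbackError("state mismatch")
    if "error" in params:
        raise CallbackError("authorization failed: " + params["error"][0])
    codes = params.get("code", [])
    if len(codes) != 1:
        raise CallbackError("missing or repeated code")
    return codes[0]
```

Rejecting a callback whose `state` does not match the session stops a code issued for someone else's login from being bound to the current user's session.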

Implicit Flow

This flow works for single page apps. Before you start, create a Client.

Now we have to go to the authorize endpoint to get a code:

/auth/authorize?client_id=web-app&response_type=code

When you have a token!

Now using this access token we can query Aidbox

JWT Auth

If you use an external server that provides you with a JWT access token, you can configure Aidbox to trust this JWT and act as a Resource Server.

You can use, for example, this app to generate a test JWT.

First of all, you have to register a TokenIntrospector in Aidbox.

SMART on FHIR Flow

When you have a token!

Now using this access token we can query Aidbox
