Auth Documentation for Lotus AI API

Application Programming Interfaces [APIs] for healthcare interoperability.

The auth API is used to authenticate users and generate tokens for access to the medplum server.

/api/auth/token

Receives a client_id and secret and returns an auth token

Expected format:

Headers:
  client_id [string]
  client_secret [string]
  scope [string]
Method: POST

Requests a token from the medplum server and forwards the information to the requester.

Sample response:

{
    "url": "/api/auth/token",
    "status": 200,
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "openid",
    "id_token": "xxxx",
    "access_token": "xxx",
    "project": {
        "reference": "Project/xxxx",
        "display": "Local Practice"
    },
    "profile": {
        "reference": "ClientApplication/xxx",
        "display": "Local Practice Default Client"
    },
    "need_patient_banner": false
}

/api/auth/userinfo

Receives a token and returns information about the user profile if logged in

Expected format:

Headers:
  token [string]
Method: POST

Gets the profile information for the access token

Sample response:

{
    "url": "/api/auth/userinfo",
    "status": 200,
    "message": "logged in",
    "sub": "xx-xxx"
}