...
The objective is to manage User authentication directly from the FHIR module. The JWT authentication mechanism is used. FHIR module is using the authentication services so the token can be used in both FHIR REST API and GraphQL queries.
FHIR REST API Login endpoint
| Code Block | ||
|---|---|---|
| ||
POST /api_fhir_r4/login Request body: { "username": [username], "password": [password] } HTTP 200 Response body: { "token": [token] "exp": [expire_date] } HTTP 401 Response if credentials are not valid |
FHIR REST API Authentication header
All other FHIR R4 requests should contain the Authentication header with the Bearer token.
| Code Block |
|---|
Authentication: Bearer [token]
HTTP 401 Response when:
if Authentication header is missing
if Bearer prefix is missing
if error on decoding Authentication header
if token is expired |
FHIR Authorisation
Related pages:
...