Like other RESTful APIs, the MediRoutes API uses JWT to handle authentication and authorization with refresh tokens.
How to Obtain a Bearer Token
Once the MediRoutes Team grants you access to the MediRoutes API, you can obtain a bearer token which can be used to hit all other API endpoints.
A. Authorization Grant: Using a client (or Swagger/Postman for testing), POST to the https://api.mediroutes.com/token endpoint to obtain access and refresh tokens using your MediRoutes Username and Password:
- grant_type = “password”
- username =
- password =
B. MediRoutes returns Access token & Refresh token
C. Send Access token in request header as a bearer token for all other API endpoints
D. MediRoutes returns requested Resources
E. Once an Access Token expires,
F. An Invalid Token Error (401 Unauthorized Error) will be returned
G. a Refresh Token must be used to obtain new access token
Please Note: Access tokens expire after 24 hours and will require use of a refresh token.
Request
| POST | {root_url}/token |
|---|
| Parameter | Type | Description | Notes |
|---|---|---|---|
| grant_type | string | type in the string "password" | REQUIRED |
| username | string | MediRoutes username | REQUIRED |
| password | string | MediRoutes password | REQUIRED |
Expected Response Codes
| Code | Description |
|---|---|
| 200 | Request was successful; Access and Refresh tokens returned. |
| 401 | Request was unsuccessful; Username, Password and/or Grant Type incorrect. (grant_type value is equal to the string "password") |
| 500 | Unknown error; Contact MediRoutes. |
Expected Response Body
| Parameter | Type | Description |
|---|---|---|
| access_token | string | |
| token_type | string | bearer |
| expires_in | int | 1 day = 24 hours = 86400 seconds |
| refresh_token | string | |
| userName | string | MediRoutes username |
| .issued | string | UTC date / time that token was issued |
| .expires | string | UTC date / time that token was issued |
Sample 200 Response Body - Token Endpoint
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI3ZDUyMmNiMS1iZDYxLTQzZDctOWY3OS04MzgyM...",
"token_type": "Bearer",
"expires_in": 86400,
"refresh_token": "CfDJ8EMw3GMoAG1Khpbl5wMJxvmsmeu553OU7whkKzFLC3h0ote-3NzDlA_I7PIqGnPn4UnmP6pZ8cS3...",
"userName": "[email protected]",
".issued": "Mon, 08 Jun 2020 17:17:55 GMT",
".expires": "Tue, 09 Jun 2020 17:17:55 GMT"
}