How It Works
Figure 5-1 Access Token Process
- Client application or user authenticates with the OAuth Server (at say, the /ms_oauth/oauth2/endpoints/tokens endpoint) using the client ID and secret. The client ID and secret would have been obtained at the time of registering the OAuth client with OAuth Server.
- OAuth Server validates the client ID and secret.
- OAuth Server responds with an Access Token.
- Client application or user uses the Access Token to call an HDR FHIR API.
- HDR FHIR server intercepts the request and validates the Access Token.
- HDR FHIR API responds with requested data.