athenahealth · OAuth Scopes
athenahealth OAuth Scopes
OAuth 2.0
derived
athenahealth publishes 11 OAuth 2.0 scopes via the clientCredentials and authorizationCode flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the athenahealth API on a user’s behalf.
Tokens are issued from https://api.platform.athenahealth.com/oauth2/v1/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
EHRElectronic Health RecordsHealthcareHL7FHIRInteroperabilityPractice ManagementRevenue Cycle ManagementUSCDICures ActSMART on FHIRCDS HooksCloud EHR
Scopes: 11
Flows: clientCredentials, authorizationCode
Method: derived
OAuth endpoints
Authorization URL
https://api.platform.athenahealth.com/oauth2/v1/authorize
https://api.platform.athenahealth.com/oauth2/v1/authorize
Token URL
https://api.platform.athenahealth.com/oauth2/v1/token
https://api.platform.athenahealth.com/oauth2/v1/token
Flows
clientCredentialsauthorizationCode
clientCredentialsauthorizationCode
Scopes (11)
| Scope | Description | Flows |
|---|---|---|
| athena/service/Athenanet.MDP.* | athenahealth MDP scope | authorizationCode, clientCredentials |
| fhirUser | Current FHIR user identity | authorizationCode |
| launch | SMART launch context | authorizationCode |
| launch/patient | Patient launch context | authorizationCode |
| offline_access | Issue refresh token | authorizationCode |
| openid | OpenID Connect | authorizationCode |
| patient/*.read | Read patient-scoped resources | authorizationCode |
| system/*.read | System-level read for Bulk Data | authorizationCode, clientCredentials |
| system/Subscription.read | Read Subscriptions | clientCredentials |
| system/Subscription.write | Manage Subscriptions | clientCredentials |
| user/*.read | Read user-scoped resources | authorizationCode |