Cigna · OAuth Scopes

Cigna OAuth Scopes

OAuth 2.0 derived

Cigna publishes 6 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Cigna API on a user’s behalf.

Tokens are issued from https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

CMS InteroperabilityDa VinciDrug FormularyFHIRHealth InsuranceHealthcarePatient AccessProvider DirectorySMART on FHIRFortune 100
Scopes: 6 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://r-hi2.cigna.com/mga/sps/oauth/oauth20/authorize
Token URL
https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token
Flows
authorizationCodeclientCredentials

Scopes (6)

ScopeDescriptionFlows
fhirUser Receive the user resource identifier authorizationCode
launch/patient Launch in patient context authorizationCode
offline_access Receive a refresh token authorizationCode
openid Receive an OpenID Connect identity token authorizationCode
patient/*.read Read all patient-context FHIR resources authorizationCode
system/*.read System-level read access to FHIR resources clientCredentials

Source

OAuth Scopes

cigna-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/cigna-patient-access-api-openapi.yml, openapi/cigna-provider-access-api-openapi.yml
schemes:
- name: smartOnFhir
  source: openapi/cigna-patient-access-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/authorize
    tokenUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token
  description: SMART on FHIR authorization with patient-context launch
- name: bulkData
  source: openapi/cigna-provider-access-api-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token
  description: SMART Backend Services authorization for bulk FHIR export
scopes:
- scope: fhirUser
  description: Receive the user resource identifier
  flows:
  - authorizationCode
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- scope: launch/patient
  description: Launch in patient context
  flows:
  - authorizationCode
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- scope: offline_access
  description: Receive a refresh token
  flows:
  - authorizationCode
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- scope: openid
  description: Receive an OpenID Connect identity token
  flows:
  - authorizationCode
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- scope: patient/*.read
  description: Read all patient-context FHIR resources
  flows:
  - authorizationCode
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- scope: system/*.read
  description: System-level read access to FHIR resources
  flows:
  - clientCredentials
  sources:
  - openapi/cigna-provider-access-api-openapi.yml