Orion Health · OAuth Scopes
Orion Health OAuth Scopes
OAuth 2.0
derived
Orion Health publishes 24 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Orion Health API on a user’s behalf.
Tokens are issued from https://auth.orionhealth.com/oauth2/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
EHRFHIRHealth ITHealthcareHIEHL7IntegrationInteroperabilityPopulation Health
Scopes: 24
Flows: authorizationCode, clientCredentials
Method: derived
OAuth endpoints
Authorization URL
https://auth.orionhealth.com/oauth2/authorize
https://auth.orionhealth.com/oauth2/authorize
Token URL
https://auth.orionhealth.com/oauth2/token
https://auth.orionhealth.com/oauth2/token
Flows
authorizationCodeclientCredentials
authorizationCodeclientCredentials
Scopes (24)
| Scope | Description | Flows |
|---|---|---|
| fhirUser | FHIR user identity | authorizationCode |
| hie:audit-read | Read audit logs | clientCredentials |
| hie:consent-read | Read consent directives | clientCredentials |
| hie:consent-write | Manage consent directives | clientCredentials |
| hie:document-read | Retrieve documents | clientCredentials |
| hie:document-write | Submit documents | clientCredentials |
| hie:notification-manage | Manage notification subscriptions | clientCredentials |
| hie:notification-read | Read notifications | clientCredentials |
| hie:patient-query | Query patient identity | clientCredentials |
| hie:provider-read | Query provider directory | clientCredentials |
| launch | Launch context | authorizationCode |
| openid | OpenID Connect | authorizationCode |
| patient/*.read | Read access to all patient data | authorizationCode |
| patient/*.write | Write access to all patient data | authorizationCode |
| patient/Condition.read | Read access to Condition resources | authorizationCode |
| patient/MedicationRequest.read | Read access to MedicationRequest resources | authorizationCode |
| patient/Observation.read | Read access to Observation resources | authorizationCode |
| patient/Patient.read | Read access to Patient resources | authorizationCode |
| population-health:admin | Administrative access | clientCredentials |
| population-health:read | Read population health data | clientCredentials |
| population-health:write | Write population health data | clientCredentials |
| rhapsody:admin | Administrative access | clientCredentials |
| rhapsody:read | Read access to Rhapsody engine | clientCredentials |
| rhapsody:write | Write access to Rhapsody engine | clientCredentials |