Orion Health · OAuth Scopes

Orion Health OAuth Scopes

OAuth 2.0 derived

Orion Health publishes 24 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Orion Health API on a user’s behalf.

Tokens are issued from https://auth.orionhealth.com/oauth2/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

EHRFHIRHealth ITHealthcareHIEHL7IntegrationInteroperabilityPopulation Health
Scopes: 24 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://auth.orionhealth.com/oauth2/authorize
Token URL
https://auth.orionhealth.com/oauth2/token
Flows
authorizationCodeclientCredentials

Scopes (24)

ScopeDescriptionFlows
fhirUser FHIR user identity authorizationCode
hie:audit-read Read audit logs clientCredentials
hie:consent-read Read consent directives clientCredentials
hie:consent-write Manage consent directives clientCredentials
hie:document-read Retrieve documents clientCredentials
hie:document-write Submit documents clientCredentials
hie:notification-manage Manage notification subscriptions clientCredentials
hie:notification-read Read notifications clientCredentials
hie:patient-query Query patient identity clientCredentials
hie:provider-read Query provider directory clientCredentials
launch Launch context authorizationCode
openid OpenID Connect authorizationCode
patient/*.read Read access to all patient data authorizationCode
patient/*.write Write access to all patient data authorizationCode
patient/Condition.read Read access to Condition resources authorizationCode
patient/MedicationRequest.read Read access to MedicationRequest resources authorizationCode
patient/Observation.read Read access to Observation resources authorizationCode
patient/Patient.read Read access to Patient resources authorizationCode
population-health:admin Administrative access clientCredentials
population-health:read Read population health data clientCredentials
population-health:write Write population health data clientCredentials
rhapsody:admin Administrative access clientCredentials
rhapsody:read Read access to Rhapsody engine clientCredentials
rhapsody:write Write access to Rhapsody engine clientCredentials

Source

OAuth Scopes

orion-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/orion-fhir-openapi.yml, openapi/orion-hie-openapi.yml, openapi/orion-population-health-openapi.yml,
  openapi/orion-rhapsody-openapi.yml
schemes:
- name: oauth2
  source: openapi/orion-fhir-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://auth.orionhealth.com/oauth2/authorize
    tokenUrl: https://auth.orionhealth.com/oauth2/token
  description: OAuth 2.0 authorization using SMART on FHIR
- name: oauth2
  source: openapi/orion-hie-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://auth.orionhealth.com/oauth2/token
- name: oauth2
  source: openapi/orion-population-health-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://auth.orionhealth.com/oauth2/token
- name: oauth2
  source: openapi/orion-rhapsody-openapi.yml
  flows:
  - flow: clientCredentials
    tokenUrl: https://auth.orionhealth.com/oauth2/token
scopes:
- scope: fhirUser
  description: FHIR user identity
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: hie:audit-read
  description: Read audit logs
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:consent-read
  description: Read consent directives
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:consent-write
  description: Manage consent directives
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:document-read
  description: Retrieve documents
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:document-write
  description: Submit documents
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:notification-manage
  description: Manage notification subscriptions
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:notification-read
  description: Read notifications
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:patient-query
  description: Query patient identity
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: hie:provider-read
  description: Query provider directory
  flows:
  - clientCredentials
  sources:
  - openapi/orion-hie-openapi.yml
- scope: launch
  description: Launch context
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: openid
  description: OpenID Connect
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/*.read
  description: Read access to all patient data
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/*.write
  description: Write access to all patient data
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/Condition.read
  description: Read access to Condition resources
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/MedicationRequest.read
  description: Read access to MedicationRequest resources
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/Observation.read
  description: Read access to Observation resources
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: patient/Patient.read
  description: Read access to Patient resources
  flows:
  - authorizationCode
  sources:
  - openapi/orion-fhir-openapi.yml
- scope: population-health:admin
  description: Administrative access
  flows:
  - clientCredentials
  sources:
  - openapi/orion-population-health-openapi.yml
- scope: population-health:read
  description: Read population health data
  flows:
  - clientCredentials
  sources:
  - openapi/orion-population-health-openapi.yml
- scope: population-health:write
  description: Write population health data
  flows:
  - clientCredentials
  sources:
  - openapi/orion-population-health-openapi.yml
- scope: rhapsody:admin
  description: Administrative access
  flows:
  - clientCredentials
  sources:
  - openapi/orion-rhapsody-openapi.yml
- scope: rhapsody:read
  description: Read access to Rhapsody engine
  flows:
  - clientCredentials
  sources:
  - openapi/orion-rhapsody-openapi.yml
- scope: rhapsody:write
  description: Write access to Rhapsody engine
  flows:
  - clientCredentials
  sources:
  - openapi/orion-rhapsody-openapi.yml