athenahealth · Authentication Profile

Athena Health Authentication

Authentication

athenahealth secures its APIs with oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode and clientCredentials flow(s).

EHRElectronic Health RecordsHealthcareHL7FHIRInteroperabilityPractice ManagementRevenue Cycle ManagementUSCDICures ActSMART on FHIRCDS HooksCloud EHR
Methods: oauth2 Schemes: 2 OAuth flows: authorizationCode, clientCredentials API key in:

Security Schemes

oauth2 oauth2
· flows: clientCredentials, authorizationCode
backend oauth2
· flows: clientCredentials

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/athenahealth-athenaone-rest-api-openapi.yml, openapi/athenahealth-fhir-bulk-data-api-openapi.yml,
  openapi/athenahealth-fhir-r4-api-openapi.yml, openapi/athenahealth-fhir-subscriptions-api-openapi.yml
summary:
  types:
  - oauth2
  oauth2_flows:
  - authorizationCode
  - clientCredentials
schemes:
- name: oauth2
  type: oauth2
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.platform.athenahealth.com/oauth2/v1/token
    scopes: 1
  - flow: authorizationCode
    authorizationUrl: https://api.platform.athenahealth.com/oauth2/v1/authorize
    tokenUrl: https://api.platform.athenahealth.com/oauth2/v1/token
    scopes: 1
  sources:
  - openapi/athenahealth-athenaone-rest-api-openapi.yml
  - openapi/athenahealth-fhir-r4-api-openapi.yml
- name: backend
  type: oauth2
  flows:
  - flow: clientCredentials
    tokenUrl: https://api.platform.athenahealth.com/oauth2/v1/token
    scopes: 1
  description: SMART Backend Services (JWT client assertion)
  sources:
  - openapi/athenahealth-fhir-bulk-data-api-openapi.yml
  - openapi/athenahealth-fhir-subscriptions-api-openapi.yml