Cigna · Authentication Profile

Cigna Authentication

Authentication

Cigna secures its APIs with oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode and clientCredentials flow(s).

CMS InteroperabilityDa VinciDrug FormularyFHIRHealth InsuranceHealthcarePatient AccessProvider DirectorySMART on FHIRFortune 100
Methods: oauth2 Schemes: 2 OAuth flows: authorizationCode, clientCredentials API key in:

Security Schemes

smartOnFhir oauth2
· flows: authorizationCode
bulkData oauth2
· flows: clientCredentials

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/cigna-patient-access-api-openapi.yml, openapi/cigna-provider-access-api-openapi.yml
summary:
  types:
  - oauth2
  oauth2_flows:
  - authorizationCode
  - clientCredentials
schemes:
- name: smartOnFhir
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/authorize
    tokenUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token
    scopes: 5
  description: SMART on FHIR authorization with patient-context launch
  sources:
  - openapi/cigna-patient-access-api-openapi.yml
- name: bulkData
  type: oauth2
  flows:
  - flow: clientCredentials
    tokenUrl: https://r-hi2.cigna.com/mga/sps/oauth/oauth20/token
    scopes: 1
  description: SMART Backend Services authorization for bulk FHIR export
  sources:
  - openapi/cigna-provider-access-api-openapi.yml