You can authenticate Redox Data Model API requests with legacy API keys.
- A user must be assigned to an engineer role to authenticate API keys. Learn about user roles.
- Have an existing API source. This is a prerequisite because sources and legacy API keys are tied 1:1. If you don’t have one yet, learn how to create an API source.
- Have a subscription with a source, destination, and data model to send a Redox Data Model API request. Talk to your Technical Account Manager if you need a subscription. For beta users, learn how to create a subscription.Not supported with the Redox FHIR API
- Log in to the Redox dashboard.
- From the navigation menu, click the Developer page.
- The Sources tab opens with any configured sources. In the table, find and click the row of the API source you want to send the request from.
- The Details pages opens. Under the Authentication section, copy the legacy API key ID value.
- You have two options to get the secret value:
- Use the existing secret value that you stored securely when you created the source. Learn how to set up sources.
- Generate a new secret value.
- If you didn't generate or store the secret value when you created the source, click the Edit button under the Authentication section.
- Click the Reset secret button.
- A confirmation modal appears. Click the Reset button.
- Copy the new secret value and store it securely.
- Click the Save button.
![A user follows the instructions to generate a new secret value in the Redox dashboard. A user follows the instructions to generate a new secret value in the Redox dashboard.]()
Generate a new secret value
- Send an authentication request:Example: Request for generating an access tokenbash
- You receive the following response:Example: Response for generating an access tokenjson
- Use the following values from the authentication response:
- accessToken: Use this value in the authorization header to initiate an API request.
- expires: Contains the exact date and time that your access token expires. Access tokens expire 24 hours after retrieval.401 error code
- refreshToken: Use this value to retrieve a new access token after the initial one expires. See the details for refreshing your token at the end of this article.
After successfully authenticating, you can initiate API requests from your API source to the verified destination(s) in your subscription.
The Data Model API relies on OAuth 2.0 Bearer to authenticate requests. All API requests must contain an Authorization header with a valid access token in the following format: Authorization: Bearer [your-accessToken].
Header | Value | Description |
|---|---|---|
Authentication | Bearer `your-authToken` | The token that authenticates your request. This header is required. |
Content-Type | application/json | The value that identifies the type of API call. |
Every Data Model API request must contain these body parameters.
Parameter | Type | Description |
|---|---|---|
Meta.DataModel | String | The data model corresponding to the type of data you're sending or requesting. |
Meta.EventType | String | The event type of the data model that you're sending or requesting. Learn more about event types. |
Meta.Source.ID | String | The identifier for the source sending the outgoing request. This parameter is required if you have more than one legacy API key. Learn more about identifying a source. |
Meta.Destinations[].ID | String array | Objects with ID value(s) of the endpoint(s) you're sending data to or the endpoint you're requesting data from. |
A request should generally look like this:
For test requests, send to https://api.redoxengine.com/endpoint. Learn how to send test messages.
You can use the refresh token returned from the most recent authentication request to retrieve a new access token via the refresh token endpoint:
The object returned for a successful response is the same as that for the original access token retrieval request noted above.
