Today we will begin connecting with DrChrono's APIs using Postman. Before we start let's make sure you download Postman here: https://www.postman.com/downloads/
Authorization
Let's begin by opening Postman and creating a collection. Navigate to the left-hand side of the page and select "Create Collection".
Once the collection is created and named, you should see tabs from the overview screen. Select "Authorization", choose the "Type" dropdown box and select "OAUTH 2.0", then scroll down to the "Configure New Token" section.
Under the "Configure New Token" section, please fill out the following:
| Token Name | This can be anything. EX: Token A |
| Grant Type | Leave as is |
| Callback URL | https://oauth.pstmn.io/v1/browser-callback |
| Auth URL | https://drchrono.com/o/authorize/ |
| Access Token URL | https://drchrono.com/o/token/ |
| Client ID | From the DrChrono API Page |
| Client Secret | From the DrChrono API Page |
| Scope | labs:read labs:write messages:read messages:write patients:read patients:write patients:summary:read patients:summary:write settings:read settings:write tasks:read tasks:write user:read user:write billing:patient-payment:read billing:patient-payment:write billing:read billing:write calendar:read calendar:write clinical:read clinical:write |
| State | Leave as is |
| Client Authentication |
Leave as is |
Once everything is filled, select the orange button at the bottom of the page "Get New Access Token".
You will be redirected to a prompt box to sign into DrChrono and then redirected to another screen to Authorize the connection...select "Authorize"
Congratulations! You received Access and Refresh Tokens. Select "Use Token" from Postman to set the access token to your collection.
First Request Call
Let's create your first DrChrono API Request Call. Add a request within your collection and let's call the following endpoint: https://app.drchrono.com/api/users/current
When adding a request, ensure that it is made inside your collection. We want to inherit the token we generated when making API calls.
Here is how the request appears in Postman:
Alternative Configuration:
Instead of creating a collection, you can configure a connection from the request level. To start, select the "New" or "+" button. If you select "New" you will be prompted to choose a specific method, select HTTP. If you select "+" icon, Postman will automatically create a new HTTP request.
From the new request, navigate to the Authorization tab and configure the new token. You can use the same details from above.
Once you are finished select "Get New Access Token" and you should be able to receive a new set of tokens to use. In that same instance, you can run any API resource from that request tab.
Refresh Method
Lastly, I would like to introduce the refresh token method. This will help automate the process of grabbing new access tokens. Our access token has an expiration date of 48 hours. Our refresh token does not have an expiration, the refresh token only invalidates if you go through the OAuth process again or utilize the /o/revoke_token endpoint.
Here is a Python snippet depicting the refresh method.
import requests
url = "https://drchrono.com/o/token/"
payload = 'client_id=1234&client_secret=1234&grant_type=refresh_token&refresh_token=1234'
headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
Let's also take a look at this in Postman.
I hope this information was useful! If you have any questions please reach out to api@drchrono.com
References
https://app.drchrono.com/api-docs/#section/Introduction
https://app.drchrono.com/api-docs-old/v4/documentation#orevoke_token