Put your health front and center with iHealth mobile products

Registration & Authorization

1.1 The protocol of URL for the authorization request

1.1.1 The sent request

The definition of the sent request

Parameters	Description
client_id	The ID for the client request
response_type	The type of request, code is required
redirect_uri	That your redirect URI's host and path MUST match exactly (including trailing slashes) to your registered redirect_uri. You may also include additional query parameters in the supplied redirect_uri, if you need to vary your behavior dynamically.
APIName	The content of the request, they separated by a single space

The sample of the sent request
https://api.ihealthlabs.com:8443/api/OAuthv2/userauthorization.ashx?client_id=4cdeb7844e*****&response_type=code&redirect_uri=http%3a%2f%2f+yourcallback.com%2f%3fthis%3dthat&APIName=OpenApiBP

1.1.2 The returned value

The definition of the returned value

Parameters	Description
code	The key returned by authentication and authorization, for the request of AccessToken

The sample of the returned value
https://www.example.net?code=ZgrQu7bKfw7eXMqmjVSxgkLYBEG7NWb0E36Jq4p9SrZ Gb4LH0a2hBH5GjcEgCknH

1.2 Sending code and requesting for AccessToken

1.2.1 The sent request

The definition for the client request

Parameters	Description
client_id	The ID for the client request
client_secret	The key for the request
grant_type	The verification of authorization_code
redirect_uri	That your redirect URI's host and path MUST match exactly (including trailing slashes) to your registered redirect_uri. You may also include additional query parameters in the supplied redirect_uri, if you need to vary your behavior dynamically.
code	The key for the request of AccessToken

The definition which not be required

Parameters	Description
client_para	Client need more parameters to define its own meaning

The sample
https://api.ihealthlabs.com:8443/api/OAuthv2/userauthorization.ashx?client_id=ddb9cbc759*****&client_secret=4738f9d00e*****&grant_type=authorization_code&redirect_uri=http%3a%2f%2f+yourcallback.com%2f%3fthis%3dthat&code=xpoBt0ThQQ*****client_para=xxx

1.2.2 The returned value

The definition

Parameter	Description
APIName	The authorized API name
AccessToken	The token for access
Expires	The expired time of AccessToken
RefreshToken	A new AccessToken will be applied after the old one is expired. The new AccessToken, Expires, and APIName will be coming with the RefreshToken.
client_para	The same value to request. If it is not defined by request, the result will be empty string.

The sample of the returned value

{
"APIName": "OpenApiBP",
"AccessToken":"miY4mtt*90psO8Pz******xtIPAmhaUv",
"Expires": 172800,
"RefreshToken": "SlB9CCGdgXDANQ******VKSQNBZbAkKj4EMzsXN7Yj",
"client_para":"xxxxxxxx"
}

1.3 Sending RefreshToken and requesting new AccessToken

1.3.1 The sent request

The definition

Parameters	Description
client_id	The ID for the client request
client_secret	The key for the request
redirect_uri	That your redirect URI's host and path MUST match exactly (including trailing slashes) to your registered redirect_uri. You may also include additional query parameters in the supplied redirect_uri, if you need to vary your behavior dynamically.
response_type	The value is ‘refresh_token’
refresh_token	The key for the request of AccessToken The latest RefreshToken from 1.2.2 returned value or from 1.3.2 returned value.

The definition which not be required

Parameters	Description
client_para	Client need more parameters to define its own meaning

The sample
https://api.ihealthlabs.com:8443/api/OAuthv2/userauthorization.ashx?client_id=ddb9cbc759*****&client_secret=4738f9d00e*****&response_type=refresh_token&redirect_uri=http%3a%2f%2f+yourcallback.com%2f%3fthis%3dthat&refresh_token=xpoBt0ThQQ*****&client_para=xxx

1.3.2 The returned value

The definition

Parameter	Description
APIName	The authorized API name
AccessToken	The token for access
Expires	The expired time of AccessToken
RefreshToken	A new AccessToken will be applied after the old one is expired. The new AccessToken, Expires, and APIName will be coming with the RefreshToken.
client_para	The same value to request. If it is not defined by request, the result will be empty string.

The sample of the returned value

{
"APIName": "OpenApiBP",
"AccessToken": "gGsR-0eFP6nM******Aepd3GuS7A*EDz1WgY3kl3sFk2cIQ",
"Expires": 172800,
"RefreshToken": "gGsR-0eFP6nMJN******M7U1B7A7bUOQfsGGj7JkWZSg",
"client_para": "xxxxxxxx"
}