The iHealth Open API uses OAuth 2.0 for security. OAuth enables users to use your
application or web-based software with their iHealth product without having to share
passwords.

a. Register your application or web-based software with the iHealth developer
    account,which is different from the developer sandbox account.

b. Include the following information:
    The name of your application;
    Application website;
    Authorization removal callback URL.

a. iHealth will verify your information which may take 1-2 business days

b. Once verified, you will receive a Client ID and Client Secret via the registered
    email address

a. iHealth Open API’s process is based on OAuth 2.0 protocol.
Use “client_id”, “response_type”, “redirect_uri” and “APIName” and obtain the
“code”, which is the key for “AccessToken” and “RefreshToken”
Use “AccessToken” and some related and necessary parameters, like “client_id”,
“client_secret” etc., to fetch iHealth product data, like blood pressure
measurements and weight
“AccessToken” is a type of temporary token; it will expire after 48 hours. So
“AccessToken” would need to be refreshed by the “RefreshToken” at a specific
period within 48 hours
Your application is connected to iHealth Cloud and you can now fetch user data via
the Open API.