Today we will begin connecting with DrChrono's APIs using Postman. Before we start let's make sure you download Postman here: https://www.postman.com/downloads/
If you have not set up an API application in your account, please review our "What is an API application" article.
A complete Postman collection of our APIs is at the bottom of this page.
Authorization
[If you are using our DrChrono Postman Collection skip to the Authorization tab from the collection's overview screen. Fill out the configure token section using the table below]
Let's begin by opening Postman and creating a collection. Navigate to the left-hand side of the page and select "Create Collection".
Once the collection is created, navigate to the tabs from the collection's overview screen. Select the "Authorization" tab, and choose "OAUTH 2.0" from the "Auth Type" dropdown box.
Under the "Configure New Token" section, please fill out the following:
| Token Name | This can be anything. EX: Token A |
| Grant Type | Leave as is |
| Callback URL | https://oauth.pstmn.io/v1/browser-callback [This should match the 'Redirect URIs' box from the DrChrono API page. Found in Account > API.] |
| Auth URL | https://drchrono.com/o/authorize/ |
| Access Token URL | https://drchrono.com/o/token/ |
| Client ID | From the DrChrono API Page |
| Client Secret | From the DrChrono API Page |
| Scope | labs:read labs:write messages:read messages:write patients:read patients:write patients:summary:read patients:summary:write settings:read settings:write tasks:read tasks:write user:read user:write billing:patient-payment:read billing:patient-payment:write billing:read billing:write calendar:read calendar:write clinical:read clinical:write |
| State | Leave as is |
| Client Authentication | Leave as is |
Once everything is filled, select the orange button at the bottom of the page - "Get New Access Token".
You will be redirected to a prompt box to sign into DrChrono and then redirected to another screen to authorize the connection...select "Authorize"
Congratulations! You received Access and Refresh Tokens. Select "Use Token" to set the access token to your collection.
First API Request
The first call will be to our USERS API endpoint, specifically https://app.drchrono.com/api/users/current. This endpoint will provide the connected DrChrono API user.
Alternative Configuration:
Instead of creating a collection, you can configure a connection from the request level.
To start, select the "New" or "+" button. If you select "New" you will be prompted to choose a specific method, select HTTP. If you select the "+" icon, Postman will automatically create a new HTTP request.
From the new request, navigate to the Authorization tab and configure the new token. You can use the same details from above.
Lastly, select "Get New Access Token" to generate a set of tokens.
Refresh Method
This method will help automate the process of grabbing new access tokens. The access token has an expiration time of 48 hours. The refresh token does not have an expiration, the refresh token only invalidates if you go through the OAuth process again with the same DrChrono user or utilize the /o/revoke_token endpoint.
Here is a Python snippet depicting the refresh method.
import requests
url = "https://drchrono.com/o/token/"
payload = 'client_id=1234&client_secret=1234&grant_type=refresh_token&refresh_token=1234'
headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
Let's also take a look at this in Postman.
I hope this information was useful! If you have any questions please reach out to api@drchrono.com
References
https://app.drchrono.com/api-docs/#section/Introduction
https://app.drchrono.com/api-docs-old/v4/documentation#orevoke_token
DrChrono Postman Collection
DrChrono API Collection.postman_collection.json