API Products

Different APIs have different sequrity requirements and that is why the APIs have mainly been categorized based on this. A category of APIs is called an API product and to get access to an API product you need a subscription.

At the moment Cambio Open Services have identified four different API products:

  • Open API requires a valid subscription (API key)
  • Care provider's API requires an identified professional using an approved application
  • Patient's API requires an identified private person using an approved application
  • Partner's API for partners (other care providers) applications

The same API can of course belong to more than one category at the same time. For example may an API that provides a prescription list for a patient be used by both a patient and a care provider. The contents of the list may differ though depending on who is using the API.

A subscription is always needed

API keys are provided to the organisation that provides the application. A key is valid for one API product only and this is called a subscription. No matter which API product is being used, a valid subscription is always needed.

Approved applications

Only approved applications can get access to Care provider's API and Patient's API. This means that the application must be registered and given a unique identity and also be registered and published with valid credentials in the authorisation server that is being used, see also OpenID Connect/OAuth2.