HomeGuidesFAQsAPI ReferenceChangelog

Create Patient Portal access token

post https://api.staging.hint.com/api/provider/patients//account_access_tokens

Usage Instructions and Security Best Practices

  • Authenticate Patients: Only generate access tokens for patients that your system has already authenticated.
  • On-Demand Links: Generate the access token only when a patient requests to view their data.
  • New Windows/Tabs: Automatically redirect patients to the URL provided, instead of showing them the link directly.
  • Avoid Caching: Do not cache or store access tokens in your application.
  • Do Not Display Directly: Avoid displaying the access tokens directly in your application.
  • Avoid Email Transmission: Never send access tokens via email due to token expiry and security concerns.

Example Workflow

  1. Request Access: Patient logs into your system and requests to view their Hint Health data.
  2. Generate Token: Your system makes a POST request to the Access Tokens endpoint.
  3. Provide Link: Your application receives the URL and automatically redirects the patient to the URL in a new window or tab.
Language
Click Try It! to start a request and see the response here!