Authentication
All API and embedded access is secured with industry-standard authentication. Access is controlled through API keys and JWT bearer tokens so only authorized systems and users can call the platform.- Tokens are time-limited and signed with RS256.
- Each session is scoped to a specific organisation; users can only access data for their authorised organisation.
- When a token expires, the integrating system must re-authenticate to obtain a new one.
For credentials, API keys, and onboarding, contact the medWrite team.
What’s in this reference
| Section | Description |
|---|---|
| Authentication | API authentication (API key + bearer token) and embedded authentication for EHR integration. |
| Get Records | Get approved outputs, mark output completed, get attachments, and get PDF documents. |
| HL7 Receiver | Send HL7 ADT messages and understand HL7 phases (admission, transfer, discharge, etc.). |
Next steps
API Authentication
API key and bearer token for API access.
Embedded Authentication
Embed MedWrite in your EHR with URL-based auth.