Class: CandidApiClient::Auth::V2::AsyncV2Client

Inherits:
Object
  • Object
show all
Defined in:
lib/candidhealth/auth/v_2/client.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(request_client:) ⇒ CandidApiClient::Auth::V2::AsyncV2Client

Parameters:



81
82
83
 
# File 'lib/candidhealth/auth/v_2/client.rb', line 81

def initialize(request_client:)
  @request_client = request_client
end

Instance Attribute Details

#request_clientCandidApiClient::AsyncRequestClient (readonly)

Returns:



77
78
79
 
# File 'lib/candidhealth/auth/v_2/client.rb', line 77

def request_client
  @request_client
end

Instance Method Details

#get_token(client_id:, client_secret:, request_options: nil) ⇒ CandidApiClient::Auth::V2::Types::AuthGetTokenResponse

<Callout intent=“info”>

Candid Health SDKs automatically handle authentication workflows after
configuring them with the `client_id` and
`client_secret`.
</Callout>
Candid Health utilizes the [OAuth 2.0 bearer token authentication
scheme](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) in our
auth flow. You obtain the bearer token for all
subsequent API requests via the `/auth/token` endpoint defined below, which
requires you to provide your `client_id` and `client_secret`. Your `client_id`
and `client_secret` can be
incandidhealth.com/hc/en-us/articles/23065219476244--Generating-Candid-API-Keys)
from the "Users & Credentials" tab by your org admin.
The bearer token is a signed [JWT](https://jwt.io/). The public key for the JWT
can be found [here](https://candidhealth.auth0.com/pem) for any verification
workflows.
The bearer token should be provided in the `Authorization` header for all
subsequent API calls.
<Callout intent="warning">
The bearer token expires 5 hours after it has been created. After it has
expired, the client will receive an "HTTP 401
Unauthorized" error, at which point the client should generate a new token. It
is important that tokens be reused between
requests; if the client attempts to generate a token too often, it will be
rate-limited and will receive an `HTTP 429 Too Many Requests` error.
</Callout>

Examples:

api = CandidApiClient::Client.new(base_url: "https://api.example.com", environment: CandidApiClient::Environment::PRODUCTION)
api.auth.v_2.get_token(client_id: "YOUR_CLIENT_ID", client_secret: "YOUR_CLIENT_SECRET")

Parameters:

  • client_id (String)

    Your application’s Client ID.

  • client_secret (String)

    Your application’s Client Secret.

  • request_options (CandidApiClient::RequestOptions) (defaults to: nil)

Returns:



119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
 
# File 'lib/candidhealth/auth/v_2/client.rb', line 119

def get_token(client_id:, client_secret:, request_options: nil)
  Async do
    response = @request_client.conn.post do |req|
      req.options.timeout = request_options.timeout_in_seconds unless request_options&.timeout_in_seconds.nil?
      req.headers["Authorization"] = request_options.token unless request_options&.token.nil?
      req.headers = {
    **(req.headers || {}),
    **@request_client.get_headers,
    **(request_options&.additional_headers || {})
      }.compact
      req.body = {
        **(request_options&.additional_body_parameters || {}),
        client_id: client_id,
        client_secret: client_secret
      }.compact
      req.url "#{@request_client.get_url(environment: CandidApi,
                                         request_options: request_options)}/api/auth/v2/token"
    end
    CandidApiClient::Auth::V2::Types::AuthGetTokenResponse.from_json(json_object: response.body)
  end
end