No announcement yet.

Using Mirth 3.12- Need to invoke APIs that have OAuth2 authentication mechanism

  • Filter
  • Time
  • Show
Clear All
new posts

  • Using Mirth 3.12- Need to invoke APIs that have OAuth2 authentication mechanism

    Mirth Version - 3.12
    Could you please share channel setup
    I have a callback url, Auth URL , Token URL, Client Id , Client Secret, Grant Type and Scope.
    When I do this complete setup in PostMan and then click on GetAccessToken, It brings up a popup that asks me for the username and password.
    Once the UserName and Password is entered I can then get the access to the APIs.

    Please note that the token expires so I need a mechanism in the channel to hit the Token URL again.

    Could someone please share similar channel setup.
    I am new to Mirth so need guidance.

  • #2
    Where I have had to implement oAuth whereby a user clicks a link that then asks them to credential to an outside system to "OK" my system interacting, then hosting the call back that receives an initial token, then using the initial token to get and usually a renewal token is a least 3 channels for me. In my opinion it's a larger body of work and of course includes configuration on the vendor side for the call back URL - which in my experience means you need to host your part on valid TLS http listeners.

    I will tell that you can have a channel that just renews the "final" token on a fixed interval and stores that token in the gloalMap (aka $g) for use by other channels.
    Last edited by pacmano; 02-21-2022, 08:00 AM.
    Diridium Technologies, Inc.


    • #3
      You are exactly to the point that is what I am looking for. Could you please share the channel that you have.
      Thanks a lot


      • #4
        Language barrier there. I wasn't going to share a channel, that's work paid for by our clients and their property.
        Diridium Technologies, Inc.


        • #5
          I am sorry If I misunderstood, do you have any other resources...helper links that can help me built what you have implemented for your clients ...not the code but few pointers or steps would help me out...Is that something that you can help with?


          • #6
            hi can you help me with this to we need to use the token to access data insertion on fhir server , We use grant type ,client id ,client secret, and scope ,thanks in advance
            You do not have permission to view this gallery.
            This gallery has 1 photos.


            • #7
              1. Create an HTTP-POST request via an HTTP-Sender destination
              2. Enter the URL from where you obtain the token in the URL-field. (Even if indicated otherwise, also HTTPS locations will work)
              3. Enter grant type, client id, and client secret as shown in the screenshot under Query Parameters:

              4. Set the Content Type to application/x-www-form-urlencoded
              5. Extract the token, you will receive from this request in the response transformer of this destination and put it in the channel map
              6. Create a 2nd HTTP-Sender destination. Here you do the request to your actuall target by using the just obtained OAUTH2 token.
              7. For doing so enter an Authorization header like shown below. The variable behind BEARER<space> must contain the token obtained by the preceding call

              I am not sure how you are using the client authorization (username/password) as this, to my understanding, would be redundant to the authentication approach described above.

              The approach would however be quite similar to the one described. You would reference the Authentication URL in you first destination and use the following Query parameters:
              • grant_type=password
              • username=<YOUR USER>
              • password=<YOUR PASSWORD>
              • client_id=<YOUR CLIENT ID>
              Attached Files


              • #8
                EXCELLENT! many thanks, odo