7.1 Accessing HIN Protected Applications with Access Token
Introduction
With an Access Token, a GET request can be sent to an application or API to access protected data. The Access Token is transmitted in the request to ensure that the request comes from an authorized source. Once the application has verified the token, it returns the requested data if the token is valid. The Access Token thus ensures that only authorized users or applications can access protected information.
Accessing with Access Token via Curl
The exact parameters must be specified by the application provider. Here are general guidelines for using an Access Token with Curl:
curl --header 'Authorization: Bearer <Access Token>' https://<oauth2.application.hin.ch>
Example with Covercard
Here is an example using Covercard:
curl --location 'https://oauth2.covercard.hin.ch/covercard/servlet/ch.ofac.ca.covercard.CaValidationHorizontale?type=XML&langue=3&carte=<krankenkassen_karten_nr>&ReturnType=42a' \
--header 'Authorization: Bearer <covercard_Access Token>'