Skip to main content

Authentication

The Zunder supports various authentication mechanisms depending on your deployment configuration.

Bearer Token Authentication

Most deployments use Bearer token authentication. Include the token in the Authorization header: 
curl -H "Authorization: Bearer YOUR_TOKEN" \
     https://your-server.com/fhir/Patient/123

API Key Authentication

Some deployments may use API keys. Include the key in a custom header: 
curl -H "X-API-Key: YOUR_API_KEY" \
     https://your-server.com/fhir/Patient/123

OAuth 2.0

For OAuth 2.0 authentication, follow the standard OAuth 2.0 flow:
  1. Obtain an access token from your authorization server
  2. Include the token in the Authorization header as a Bearer token
curl -H "Authorization: Bearer ACCESS_TOKEN" \
     https://your-server.com/fhir/Patient/123

Unauthenticated Access

Some endpoints may be configured for public access (read-only). Check your server configuration for details.
Always use HTTPS in production to protect authentication credentials.