Getting Started with OpesCare APIs
OpesCare provides five integration pathways so any healthcare system can connect securely: a REST API, an SDK, a Bridge Agent for legacy HIS systems, an embeddable Widget, and event-driven Webhooks. This guide gets you from zero to your first API call in five minutes.
Sandbox environment: All examples use sandbox credentials.
No real patient data is accessed. You can start immediately — no approval needed for sandbox.
Base URLs
| Environment | Base URL | Access |
|---|---|---|
| Sandbox | https://opescare.test/api/v1 | Open — use sandbox credentials below |
| Production | https://api.opescare.health/v1 | Requires approved developer account |
Sandbox Credentials
Use these credentials to authenticate against the sandbox. They are pre-loaded and ready — no approval needed.
| Field | Value |
|---|---|
client_id | demo_dev_sandbox |
client_secret | demo_secret_sandbox_2026 |
| Scopes available |
patient:profile:read
pharmacy:stock:read
blood:inventory:read
lab:results:read
patient:diagnostics:read
|
Production Credentials — OpesCare HIS
For the production integration with OpesCare HIS, use the credentials below. These are fully approved with access to Health ID resolution, patient data read, and clinical record push.
| Field | Value |
|---|---|
client_id | opeshisos_production |
client_secret | prod_secret_opeshisos_2026 |
environment | production |
| Approved scopes |
health_id:verify
patient:read
encounter:push
lab:push
prescription:push
facility:sync
|
| Key endpoint | POST /api/v1/connect/patients/resolve — find or auto-create Health ID |
Integration workflow for OpesCare HIS: (1) Call
/auth/token with production credentials. (2) For each patient, call /patients/resolve — OpesCare returns or creates a Health ID. (3) Push clinical data using the Health ID via /records/encounters, /records/lab-results, or the Bridge Agent. See Health ID Resolution for full examples.5-Minute Quickstart
Step 1 — get an access token. Step 2 — use it to call any endpoint.
Step 1: Get a Token
curl -X POST https://opescare.test/api/v1/connect/auth/token \
-H "Content-Type: application/json" \
-d '{
"grant_type": "client_credentials",
"client_id": "demo_dev_sandbox",
"client_secret": "demo_secret_sandbox_2026",
"scope": "patient:profile:read"
}'
<?php
// Laravel / Guzzle example
$response = Http::post('https://opescare.test/api/v1/connect/auth/token', [
'grant_type' => 'client_credentials',
'client_id' => 'demo_dev_sandbox',
'client_secret' => 'demo_secret_sandbox_2026',
'scope' => 'patient:profile:read',
]);
$token = $response->json('access_token');
const res = await fetch('https://opescare.test/api/v1/connect/auth/token', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
grant_type: 'client_credentials',
client_id: 'demo_dev_sandbox',
client_secret: 'demo_secret_sandbox_2026',
scope: 'patient:profile:read',
}),
});
const { access_token } = await res.json();
import requests
resp = requests.post('https://opescare.test/api/v1/connect/auth/token', json={
'grant_type': 'client_credentials',
'client_id': 'demo_dev_sandbox',
'client_secret': 'demo_secret_sandbox_2026',
'scope': 'patient:profile:read',
})
access_token = resp.json()['access_token']
import java.net.http.*;
import java.net.URI;
HttpClient client = HttpClient.newHttpClient();
String body = """
{
"grant_type": "client_credentials",
"client_id": "demo_dev_sandbox",
"client_secret": "demo_secret_sandbox_2026",
"scope": "patient:profile:read"
}
""";
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://opescare.test/api/v1/connect/auth/token"))
.header("Content-Type", "application/json")
.POST(HttpRequest.BodyPublishers.ofString(body))
.build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
Response:
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "patient:profile:read"
}
Step 2: Call an Endpoint
curl "https://opescare.test/api/v1/connect/patient/search?health_id=OPC-2024-DEMO1" \
-H "Authorization: Bearer {access_token}"
$patient = Http::withToken($token)
->get('https://opescare.test/api/v1/connect/patient/search', [
'health_id' => 'OPC-2024-DEMO1',
])->json();
const patient = await fetch(
'https://opescare.test/api/v1/connect/patient/search?health_id=OPC-2024-DEMO1',
{ headers: { 'Authorization': `Bearer ${access_token}` } }
).then(r => r.json());
patient = requests.get(
'https://opescare.test/api/v1/connect/patient/search',
params={'health_id': 'OPC-2024-DEMO1'},
headers={'Authorization': f'Bearer {access_token}'}
).json()
HttpRequest req = HttpRequest.newBuilder()
.uri(URI.create("https://opescare.test/api/v1/connect/patient/search?health_id=OPC-2024-DEMO1"))
.header("Authorization", "Bearer " + accessToken)
.GET().build();
HttpResponse<String> res = client.send(req, HttpResponse.BodyHandlers.ofString());
Which Integration Type?
| Integration | Best For | Auth |
|---|---|---|
| Connect API | Backend integrations, partner systems, EMR bridges | OAuth 2.0 client credentials |
| SDK | PHP/JS apps that want a typed wrapper | SDK Bearer token |
| Bridge Agent | On-premise HIS pushing data to OpesCare | Bridge token header |
| Widget | Embed patient health summary in any web page | SDK token in config |
| Webhooks | Receive push events when records change | Subscribe via API |