Skip to content

Developers Application onboarding

This page describes how to get onboarded as a developer of Kodjin-based SMART Application.

Application Registration

Once you are registered as a developer at Kodjin developers portal you will receive a credentials which allow you to register your own SMART Application.

This API call allow to register a new developer application as a client. If registration was successfully you will get client_id and client_secret for further authentication flow. See more at:



POST [registration_endpoint]


[registration_endpoint] - client registration endpoint uri SHALL observed from the FHIR base url Authorization observation endpoint


Body SHALL provide a JSON object as a data-raw.


    "redirect_uris": [""],
    "client_name": "My Application",
    "logo_uri": "",
    "token_endpoint_auth_method": "client_secret_basic",
    "contacts": [""]


The Authorization token SHALL be obtained from The Kodjin FHIR Server during developer registration process. For more information see the link.

Header Type Required/Optional Value
Authorization string required 'Bearer'


Code Description Comment
200 OK The request was processed successfully and a new client has been created
400 Bad request Invalid request parameters. Details will be provided in a body response
401 Unauthorized Invalid or expired initial token
404 no Route matched with those values The request was able to communicate with a given server, but the server could not find what was requested
500 Internal Server Error The server has encountered a situation it doesn't know how to handle

If client created successfully the body will contain client attributes:

  • redirect_uris - a string for array of redirect uris
  • grant_types - supported client grant types
  • response_types - supported response types
  • client_id - client id (assigned automatically)
  • client_secret - client secret
  • client_name - client name
  • scope - list of the assigned to client scopes
  • registration_client_uri - registration uri
  • registration_access_token - token for client registration during Auth flow. See more


    curl --location --request GET '' \
    --header 'Authorization: Bearer eyJhsGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3ZDUyMzUxYS1mMzIyLTRjNmMtYTI1OC1lYTVlZTdjZWRiYWEifQ.eyJleHAiOjAsImlhdCI6MTY2NjU2MzcyOCwianRpIjoiNTk1OWE5OGMtMzQzYy00NzBmLWJmMTktMGJkNDdkZTIyZmYzIiwiaXNzIjoiaHR0cHM6Ly9zYW5kYm94LmZoaXIuZWxhdGlvbmVtci5jb20vYXV0aC9yZfFsbXMvZmhpciIsImF1ZCI6Imh0dHBzOi8vc2FuZGJveC5maGlyLmVsYXRpb25lbXIuY29tL2F1dGgvcmVhbG1zL2ZoaXIiLCJ0eXAiOiJJbml0aWFsQWNjZXNzVG9rZW4ifQ.hEC16yxDN0JTcEU83mi5pffk6sPuZ8dsbhttEoAoNhI' \
    --header 'Content-Type: application/json' \
    --header 'Cookie: cookie=f9dd0e1484656621' \
    --data-raw '{
        "client_name": "my-app"


        "redirect_uris": [],
        "token_endpoint_auth_method": "client_secret_basic",
        "grant_types": [
        "response_types": [
        "client_id": "a7c00c9e-a3c5-df52-a8eb-321dcafs97c9",
        "client_secret": "abaV5d46dn8U0ylx0vRJ1HktXXHBbrj8",
        "client_name": "my-app",
        "scope": "patient/ patient/ patient/ online_access patient/ user/ patient/ patient/ fhirUser patient/ patient/ offline_access patient/ user/ patient/ patient/ patient/ profile user/*.write user/*.read patient/ patient/ user/ user/*.* patient/ patient/ patient/ patient/ patient/ patient/*.read patient/ patient/ user/ patient/ patient/",
        "subject_type": "public",
        "request_uris": [],
        "tls_client_certificate_bound_access_tokens": false,
        "client_id_issued_at": 1666563023,
        "client_secret_expires_at": 0,
        "registration_client_uri": "",
        "registration_access_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3ZDUyMzUxYS1mMzIyLTRjNmMtYTI1OC1lYTVlZTdjZWRiYWEifQ.eyJleHAiOjAsImlhdCI6MTY2NjU2MzAyMywianRpIjoiYjYyOGI5MTgtZDlhMS00M2Q0LWEwZmItMTM2Njg2NjNiMmNkIiwiaXNzIjoiaHR0cHM6Ly9zYW5kYm94LmZoaXIuZWxhdGlvbmVtci5jb20vYXV0aC9yZWFsbXMvZmhpciIsImF1ZCI6Imh0dHBzOi8vc2FuZGJveC5maGlyLmVsYXRpb25lbXIuY29tL2F1dGgvcmVhbG1zL2ZoaXIiLCJ0eXAiOiJSZWdpc3RyYXRpb25BY2Nlc3NUb2tlbiIsInJlZ2lzdHJhdGlvbl9hdXRoIjoiYXV0aGVudGljYXRlZCJ9.b_7s9StOOCKfeML-uui9TVgg465nyp4WtHm2egm8fro",
        "backchannel_logout_session_required": false,
        "require_pushed_authorization_requests": false