Make your first API request
Last updated
Was this helpful?
Last updated
Was this helpful?
To make your first Medable API request, you need to know four things:
The API endpoint: for example, api.<env>.medable.com/<org_code>
The API key: for example, mwidxhb8ShcqmV1B9iOYJh
Authentication credentials: an email and password
The API client: a terminal, web, iOS, or Android
The endpoint for your API requests will look like the following:
Where your_org_code is the org code you specified when signing up and api_resource is the resource you are trying to access, such as an account. And remember, since we're making this request to the development org, we use the api.dev.medable.com URL.
In our case, we'll use the example org code we used when we made the new app: newhealthco.
Copy the API key that you generated in the previous step (see ). In our example, the API key is mwidxhb8ShcqmV1B9iOYJh.
Because we specified that our app uses sessions, a username and password is needed to authenticate and initiate a user session.
For the username, use your email address. In our case, it's john@newhealthco.com. For the password, use the password you set when signing up.
Note: This section is written assuming the request is being made through an OSX terminal.
Now that you're ready to make a request, you simply have to issue the command in the form of curl \[options...\] URL. Let's give it a shot using the API endpoint:
We got a result back! Unfortunately, the result is a fault.
This is because we need to pass in a few more options to get the request to work. First, we need to add the API key header. We can do this using the following option:
-H "medable-client-key: mwidxhb8ShcqmV1B9iOYJh"
So let's give that a try:
The fault is gone, but now we get back an unexpected result. Rather than a list of accounts, which should at least have our own account in it, we get an empty result.
This is because the Account resource requires authentication to access. If we had tried to access a specific account using an account ID (575f58281d0c03a53ccc3ac6 in this case), we would receive a 403 error like so:
One more thing before we log in. For session-based apps, Medable uses cookies to track the session ID. So we need to enable cookie support in curl. To do this, we pass in the additional options:-b cookies.txt -c cookies.txt
The first option -b reads any existing cookies from cookies.txt and sends with the request. The second option -c writes any cookies coming from Medable to cookies.txt.
And we've successfully logged in! We know this because after a successful login, we receive our account object in the response.
If, instead of a response similar to the above, you receive a fault response that resembles this:
This means that two-factor authentication (2FA) has been initiated. Note that the fault could be kNewLocation, kUnverifiedLocation, or kLocationClientMismatch.
When this happens, you will receive a verification token via SMS to your mobile number. Once you receive that token, you'll need to authenticate again as well as send along verificationToken like so:
Now that we've logged in and have an active session, let's try that account request again.
Success! You've made your first API request!
If you're interested in signature-based authentication, see .
There are a number of tools out there that make it easy to make API requests. One option is Postman and another option is the live API explorer in the API Reference page. In this guide, we'll keep it simple and make our requests from the command line using .
So let's authenticate. To log in, we need to POST to the login route with our username and password. For more information on the Account resource and the available routes, see the .
For more information on 2FA, see .