Intro
Prerequisites
Corsano uses 2 clouds to store data:
- Users Cloud
- Health Cloud
Users Cloud
This cloud is used to store users' personal data.
The API Base is:
Health Cloud
This cloud is used to store anonymized health data.
The API Base is:
Making authorised requests
To authenticate requests JWT Bearer access tokens are used. You need to use Authorization header that you pass in each request. The content of this header is "Bearer TOKEN" where TOKEN is the JWT token of the user.
Obtaining access token
We recommend using the Oauth 2.0 flow for getting access_tokens of the user.
But if you know email (or code) and password of the user you can use method /login to obtain the access token in the Users Cloud and then exchange this token to the access token in Health Cloud.
Examples
Assume we have a user that has email "sabirjun@gmail.com" and the password "testpassword1A".
Getting access_token in Users Cloud
Below there's an example request to obtain access_token from Users Cloud.
You need to make POST request to /login with the object
{
"email": "sabirjun@gmail.com",
"password": "secret_password_of_the_user"
}
or if user uses code instead of email you need to pass
{
"code": "VVFFFGGHDF",
"password": "secret_password_of_the_user"
}
Request example
curl --request POST \
--url https://api.users.cloud.corsano.com/login \
--header 'Content-Type: application/json' \
--data '{
"email": "sabirjun@gmail.com",
"password": "testpassword1A"
}'
Response
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hcGkudXNlcnMuY2xvdWQuY29yc2Fuby5jb21cL2xvZ2luIiwiaWF0IjoxNjY5MjkyMzE3LCJleHAiOjE2NjkyOTU5MTcsIm5iZiI6MTY2OTI5MjMxNywianRpIjoiQ2JTNEpUWVd4dUJVczNkNCIsInN1YiI6IjYwNDkyYzY4NmNlMWI5NzFkYzJhYTYzMiIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.8DAmOgq2QSwxWTL0mxH_HLwGDw_3-TK6XQ30wKE_drQ",
"ttl": 60,
"refresh_ttl": "518400",
"user": {
"_id": "60492c686ce1b971dc2aa632",
"uuid": "fc745ed3-f863-4425-b98b-d886910fbd94",
"role": "user",
"first_name": "David",
"last_name": "Richardson",
"birthday": "1992-01-04",
"gender": null,
"country": null,
"state": "confirmed",
"is_from_old_db": false,
"avatar_id": null,
"email": "sabirjun@gmail.com",
"updated_at": "2022-11-24 09:51:35",
"created_at": "2021-03-10 20:30:32",
"customer_tag": "NONE",
"agreement_to_terms_of_use": null,
"code": null,
"preventicus_b2b_study_center": null,
"customer_code": null,
"brand": null,
"avatar": null
}
}
Getting access_token in Health Cloud
When you got access_token from the Users Cloud you can make a request exchange this token to Health Cloud access_token
Request
curl --request POST \
--url https://api.health.cloud.corsano.com/login \
--header 'Content-Type: application/json' \
--data '{
"user_api_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hcGkudXNlcnMuY2xvdWQuY29yc2Fuby5jb21cL2xvZ2luIiwiaWF0IjoxNjY5MjkyNTMwLCJleHAiOjE2NjkyOTYxMzAsIm5iZiI6MTY2OTI5MjUzMCwianRpIjoibnFNc21jZ01wcGl0dDcyUCIsInN1YiI6IjYwNDkyYzY4NmNlMWI5NzFkYzJhYTYzMiIsInBydiI6IjIzYmQ1Yzg5NDlmNjAwYWRiMzllNzAxYzQwMDg3MmRiN2E1OTc2ZjcifQ.Vx79xwzhZxNqftKAqKVGDhzp14i9I4UXEQWH4swsezY"
}'
Response
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hcGkuaGVhbHRoLmNsb3VkLmNvcnNhbm8uY29tXC9sb2dpbiIsImlhdCI6MTY2OTI5MjYxMywiZXhwIjoxNjY5Mjk2MjEzLCJuYmYiOjE2NjkyOTI2MTMsImp0aSI6InhJcXY0c0ppcEVLMVpDR08iLCJzdWIiOiI2MDQ5MmNlOThhMjYwYmViMWNmMDVhNDciLCJwcnYiOiIyM2JkNWM4OTQ5ZjYwMGFkYjM5ZTcwMWM0MDA4NzJkYjdhNTk3NmY3In0.gmSZcsdiB8_Tyj2o_cHOB_0Ow8io_UM_9UYBmiICEFA",
"ttl": 60,
"refresh_ttl": "518400",
"user": {
"_id": "60492ce98a260beb1cf05a47",
"uuid": "fc745ed3-f863-4425-b98b-d886910fbd94",
"birthday": "1992-01-04",
"created_at": "2021-03-10 20:32:41",
"customer_code": null,
"gender": "male",
"height": 167,
"role": "user",
"updated_at": "2022-09-02 09:19:38",
"weight": 68,
"skin_color": null,
"hair_density": null
}
}
Response has token field which is the access_token you need to use when making authorized calls to the Health Cloud.