“HealthJibe Sign On” allows users to log into your website or application using their HealthJibe account credentials. It utilizes OAUTH and although the flow is very similar, the authorization URL and workflow differs slightly.
“HealthJibe Sign On” uses the following Authorization Endpoints:
- Sandbox: http://sandbox.healthjibe.net/jibe/authenticate
- Production: https://www.healthjibe.net/jibe/authenticate
The oauth/authenticate method will act in different ways depending on the status of the user and their previous interaction with the calling application:
- If the user is logged into HealthJibe and has already approved the calling application, the user will be immediately authenticated and returned to the callback URL.
- If the user is not logged into HealthJibe and has already approved the calling application, the user will be prompted to login to HealthJibe then will be immediately authenticated and returned to the callback URL.
- If the user is logged into HealthJibe and has not already approved the calling application, the OAUTH authorization prompt will be presented. Authorizing users will then be redirected to the callback URL.
- If the user is not logged into HealthJibe and has not already approved the calling application, the user will be prompted to login to HealthJibe then will be presented the authorization prompt before redirecting back to the callback URL.
Once redirected back to the callback URL the calling application can complete the OAUTH process to obtain an Access Token* which can be used to identify the user, and to sign future OAUTH calls.
*NOTE: An authorized request token is returned only when it is the first time the user has authenticated to HealthJibe. In this case, you must change the Request Token into an Access Token. If the user has authenticated before then the token returned from the authenticate endpoint will be the same Access Token that you should have stored for the user. Do not attempt to turn this token into an Access Token because the operation will fail with a “token rejected” error message.
