Before you can start integrating with the Aton Health Patient Referrals API, you'll need to complete a few setup steps.
1. Partnership Agreement
Ensure you have a signed partnership agreement with Aton Health that covers:
- Data sharing and privacy terms
- HIPAA compliance requirements
- Service level agreements
- Utilization terms and rate limits
2. Request API Credentials
Contact the Aton Health integration team to request your API credentials:
Email: integration-support@atonhealth.com
Include the following in your request:
- Company name and contact information
- Brief description of your integration use case
- Expected API usage volume
3. Credentials You'll Receive
For OAuth 2.0 authentication, you'll receive:
| Credential | Description | Example Format |
|---|---|---|
| Client ID | Your application's unique identifier | 87654321-4321-4321-4321-210987654321 |
| Client Secret | Secret key for your application | abc123XYZ... |
| API Scope | Permissions scope for Aton Health APIs | api://aton-health-api/.default |
⚠️ Keep Credentials Secure
Store these credentials securely and never commit them to version control. Use environment variables or secure key management services.
4. Development Environment Setup
Environment Variables
Set up these environment variables:
# OAuth 2.0 Credentials
export ATON_CLIENT_ID="your-client-id"
export ATON_CLIENT_SECRET="your-client-secret"
export ATON_API_SCOPE="your-api-scope"
# API Base URLs
export ATON_DEV_API_BASE_URL="https://dev-api.aton.health/"
export ATON_API_BASE_URL="https://api.aton.health/"
Required Tools
- HTTP client (curl, Postman, or programming language HTTP library)
- JSON parser for handling API responses
- Secure credential storage solution
5. Network Requirements
Ensure your environment can make outbound HTTPS requests to:
- Microsoft Identity Platform: login.microsoftonline.com
- Aton Health APIs:
  - Development: dev-api.aton.health
  - Production: api.aton.health
Firewall Configuration: If behind a corporate firewall, add these domains to your allowlist.
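The following preflight check is an added example, not part of Aton Health's tooling. It validates the environment variables from step 4 against the credential formats in the table and the hosts listed above. It assumes the development URL is stored in `ATON_DEV_API_BASE_URL` (a hyphen is not valid in a shell variable name); the function name `aton_preflight` and the no-whitespace rule for the secret are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: preflight check for the Aton Health integration environment.
# Prints one line per problem to stderr and returns the number of problems (0 = ready).
# Values are never echoed, so the client secret does not end up in logs.
aton_preflight() {
    problems=0
    fail() { echo "FAIL: $1" >&2; problems=$((problems + 1)); }

    # check_var NAME REGEX DESCRIPTION: reports at most one failure per variable.
    check_var() {
        eval "value=\${$1:-}"
        case "$value" in
            "")     fail "$1 is not set"; return ;;
            your-*) fail "$1 still holds the placeholder from the docs"; return ;;
        esac
        printf '%s\n' "$value" | grep -Eqi "$2" || fail "$1 is not $3"
    }

    # Formats taken from the credentials table on this page.
    check_var ATON_CLIENT_ID '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$' "a GUID"
    # Assumption: a secret never contains whitespace (catches copy-paste damage).
    check_var ATON_CLIENT_SECRET '^[^[:space:]]+$' "a single token without whitespace"
    check_var ATON_API_SCOPE '^api://[^/[:space:]]+/\.default$' "of the form api://<resource>/.default"

    # Base URLs must use HTTPS and point only at the documented hosts.
    check_var ATON_DEV_API_BASE_URL '^https://dev-api\.aton\.health/?$' "https://dev-api.aton.health/"
    check_var ATON_API_BASE_URL '^https://api\.aton\.health/?$' "https://api.aton.health/"

    return "$problems"
}

# Typical use at the top of a deployment or CI script:
#   aton_preflight || exit 1
```

Running it before any token request catches placeholder credentials and a plain-HTTP or mistyped base URL before a secret or PHI is sent anywhere.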
6. Compliance Considerations
HIPAA Compliance
Your integration must maintain HIPAA compliance:
- Implement appropriate technical safeguards
- Establish administrative safeguards
- Ensure physical safeguards for systems handling PHI
- Maintain audit logs of API access
Data Handling
- Patient data must be encrypted in transit and at rest
- Implement proper access controls and authentication
- Follow data retention policies as specified in your agreement
Next Steps
Once you have your credentials:
- Test Authentication - Verify you can obtain access tokens
- Try the Quick Start - Make your first API call
- View the API Reference - Review available functionality and explore endpoint documentation
Need Help?
Contact our integration team at integration-support@atonhealth.com