AI Services
Credentials
The credentials are used to authenticate requests when consuming services such as: Real-time transcriptions, Pre-recorded transcriptions, Report generation, etc.
To obtain these credentials, you must have an application registered on the Invox Medical platform. If you do not have your application registered yet, you can request registration from the following link:
Associated with the application, several access credentials can be generated, which may have permission to interact with any of the following services: Real-time transcription, Pre-recorded audio transcription, and report generation.
Whether you make the request to create the new application or to request additional credentials, the permissions that the application has must be clearly specified (if not specified, it is assumed that the credential has access to consume all the AI services exposed on the platform)
Each access credential is made up of two fields: APP Id and API Key. These fields are necessary to get a new access token.
Access tokens
Our authorization system for AI services is based on OAuth2. This means that to use any of our services, each request must be authorized using an access token.
The access token is valid for two hours. Once it expires—or if a new one is required—a different token must be generated.
The process for obtaining these access tokens is detailed below.
How to get an AI access token
Every request made to AI services must be authenticated, and to do so, the access token must be obtained for authorization. To complete this task, follow these steps:
- APP Id and API Key values are concatenated, using the : character as a separator.
- The previous concatenation must be encoded to base64, which will allow us to obtain an access token to complete the call to the AI services we need.
- Using the generated token, we need to consume the service that returns the access token to us.
Request description
Below we will describe the entire process that allows get an accessToken for using all AI services.
Endpoint: /api/v1/token
Method: POST
Remember: you can see the URL to consume this API in the Introduction section.
Header
{
"Content-Type": "application/json",
"Authorization": "Basic <token>"
}
appId:apiKeyPayload
{
"grant_type": "client_credentials"
}
Below we give examples of this implementation using Javascript/Typescript:
const getTokenUrl = `<baseUrl>/api/v1/token`;
const token = `${btoa("<appId>:<apiKey>")}`;
fetch(getTokenUrl, {
method: "POST",
headers: {
Authorization: `Basic ${token}`,
},
body: JSON.stringify({ "grant_type": "client_credentials" }),
}).then(async (response) => {
if (response.ok) {
const data = await response.json();
const accessToken = data.accessToken;
// continue with the logic
});
It is important to take into consideration:
- You must replace
<baseUrl>with the API base url - You must replace
<appId>with the provided appId value - You must replace
<apiKey>with the provided apiKey value
Correct response
Successful request
Describe the characteristics of a satisfactory response
200
Response example:
{
"accessToken": "mock-access-token",
"token_type": "Bearer",
"grant_type": "client_credentials",
"expires_in": 1758717415053 // timestamp in seconds
}
type GetSuccessAccessToken= {
accessToken: string
token_type: string
grant_type: string
expires_in: number
}
Wrong responses
Unauthorized
Describes the response when invalid credentials are passed to generate the access token
401
Response example:
{
"message": "Invalid app id",
"errorType": "unauthorized"
}
type RequestInvalidSignature= {
message: INVALID_TOKEN_GENERATION_MESSAGES
errorType: string
}
type INVALID_TOKEN_GENERATION_MESSAGES = "Invalid authorization header" | "Invalid app id" | "Invalid api key"
Bad request
Describes the response when an invalid input parameter is passed
400
Response example:
{
"message": "Invalid or missing grant_type.",
"errorType": "invalidRequestBody"
}
type RequestInvalidInput= {
message: string
errorType: string
}