Development Environment — APIs and data are non-production

SHC Integration API
Developer Documentation

Reference documentation for the Sovereign Health Care Integration APIs. These APIs provide access to customer, organisation, location, and reference data within the SHC platform.

APIs

Enterprise FE

OAuth2 required

Authenticated API for managing core business entities — customers, organisations, and locations. All operations require a valid access token obtained from the SHC Entra ID tenant.

Customers Organisations Locations Reference Data
View documentation →

Enterprise Public

No auth required

Unauthenticated API providing access to reference data — choice lists and their values. No credentials are required to call these endpoints.

Choice Lists
View documentation →

Authentication

The Enterprise FE API uses OAuth 2.0 with Authorization Code + PKCE via the SHC CIAM tenant. Authentication instructions for additional clients and integration patterns will be added as the platform matures. The guide below covers connecting during development using Postman.

Connecting with Postman

1

Open the Authorization tab

In your Postman request or collection, go to the Authorization tab and set the type to OAuth 2.0.

2

Configure the token request

Under Configure New Token, enter the following values exactly:

Grant Type Authorization Code (with PKCE)
Callback URL https://oauth.pstmn.io/v1/callback
Auth URL https://shcintegrationnp.ciamlogin.com/1a65d85e-74c5-461b-a156-d253499c6d93/oauth2/v2.0/authorize
Access Token URL https://shcintegrationnp.ciamlogin.com/1a65d85e-74c5-461b-a156-d253499c6d93/oauth2/v2.0/token
Client ID 8cc538f4-9e17-4be6-b659-78699a79a46f
Client Secret Leave blank — not required for PKCE
Scope openid offline_access api://d8b322f0-9b4d-478b-a4ee-8c54484375a9/api.write
Client Authentication Send as Body
3

Get a new access token

Click Get New Access Token. A login window will open — sign in with your SHC account credentials. Postman will capture the token automatically on successful authentication.

4

Use the token

Click Use Token. Postman will attach it as a Bearer token in the Authorization header on all requests in the collection automatically.

Need access? Contact the SHC platform team to have your account provisioned with the appropriate permissions. Additional connection methods for programmatic integrations will be documented here as the platform matures.