How to create new token for patients

There are tokens available for doctors and admin, but there are no tokens for patients. Please guide us on how to create tokens for patients.

How do we get the access token for a patient, as we get it for users (admin or practitioners)?

In OpenEMR, token-based access is typically managed for API authentication (such as FHIR or REST APIs). If tokens are available for doctors and admin, but not for patients, it means the patient user accounts have not been set up properly with API access or credentials.

Here’s how to enable and generate tokens for patients in OpenEMR:

:white_check_mark: Step-by-Step to Enable Token for Patients in OpenEMR

  1. Create a Portal Login for the Patient

Tokens can only be created for users who exist in the users_secure or portal_users table.

Steps:

Go to Patient/Client → Patients

Search and select the patient

Click Portal Activity (or “Create Portal Account”)

Assign:

Username

Password

Ensure portal access is enabled

This creates a record in portal_users and links the patient to a login.

  2. Enable API Access for Patients (if needed)

If you’re using FHIR API or OAuth2 and want to allow patients to generate tokens:

Go to:

Administration → Globals → Connectors

Enable FHIR API

Set Patient API Access: ON

Save the settings

Then, under:
Administration → API Clients

Add a new API Client (used for issuing tokens)

Set scope to include patient/*.read etc.

Set redirect URI if using authorization code flow

  3. Generate Token for Patient User

You can generate a token in 2 ways:

Option A: Manually via Backend (Developer Admin)

Use the MySQL console or a DB tool to insert a token:

    INSERT INTO oauth_access_tokens
      (access_token, client_id, user_id, expires, scope)
    VALUES
      ('PATIENT_TOKEN_SAMPLE', 'CLIENT_ID_FROM_API_CLIENT', 'patient_user_id', DATE_ADD(NOW(), INTERVAL 1 HOUR), 'patient/*.read');

You need:

client_id: From oauth_clients table

user_id: The patient user ID (linked via portal_users)

Option B: Use Token Endpoint via Postman / Curl

Use OpenEMR’s OAuth2 endpoint:

    curl -X POST https://yourdomain.com/oauth2/token \
      -H "Content-Type: application/x-www-form-urlencoded" \
      -d "grant_type=password&username=PATIENT_USERNAME&password=PATIENT_PASSWORD&client_id=CLIENT_ID&client_secret=CLIENT_SECRET"

The response will include an access_token.

:white_check_mark: Validate Token Access

Once the token is obtained, use it with the FHIR API:

    GET /apis/fhir/Patient
    Authorization: Bearer YOUR_PATIENT_TOKEN

May it work for you.
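An added example, not part of the reply above and not OpenEMR code: before a patient token is used, check that the token response grants nothing beyond the scopes registered for the client, using SMART v1-style scopes such as the `patient/*.read` mentioned in the thread. The response bodies, the `NON_RESOURCE` list and all function names are assumptions constructed for illustration.

```python
import json

# Assumption: OIDC/SMART scopes that grant no resource access by themselves.
NON_RESOURCE = {"openid", "fhirUser", "offline_access", "launch/patient"}

def parse_scope(scope):
    """Split a SMART v1 scope 'context/Resource.perm' into parts, or None."""
    context, sep, rest = scope.partition("/")
    resource, dot, perm = rest.rpartition(".")
    if not sep or not dot or not resource or perm not in {"read", "write", "*"}:
        return None
    return context, resource, perm

def covered(granted, allowed):
    """True if one granted scope stays within one allowed scope ('*' is a wildcard)."""
    g, a = parse_scope(granted), parse_scope(allowed)
    if g is None or a is None:
        return False
    return g[0] == a[0] and a[1] in ("*", g[1]) and a[2] in ("*", g[2])

def audit_token_response(body, allowed_scopes):
    """Return findings for a token response issued to a patient login."""
    resp = json.loads(body)
    findings = []
    if resp.get("token_type", "").lower() != "bearer":
        findings.append("token_type is not Bearer")
    for scope in resp.get("scope", "").split():
        if scope in NON_RESOURCE:
            continue
        parsed = parse_scope(scope)
        if parsed is None:
            findings.append(f"unrecognised scope: {scope}")
        elif parsed[0] != "patient":
            findings.append(f"non-patient context: {scope}")
        elif not any(covered(scope, a) for a in allowed_scopes):
            findings.append(f"broader than registered: {scope}")
    return findings

# Constructed sample responses (not real OpenEMR output).
GOOD = ('{"token_type": "Bearer", "expires_in": 3600, "access_token": "x", '
        '"scope": "openid patient/Patient.read patient/Observation.read"}')
BAD = ('{"token_type": "Bearer", "expires_in": 3600, "access_token": "x", '
       '"scope": "patient/Patient.write user/Patient.read api:fhir"}')

if __name__ == "__main__":
    print(audit_token_response(GOOD, ["patient/*.read"]))
    print(audit_token_response(BAD, ["patient/*.read"]))
```

An empty list means the grant stays inside the registered patient scopes; any finding is a reason to review the API client registration before the token is used.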