What is the API for logging into OpenEMR


We are new to OpenEMR and currently developing mobile apps for our users and need to use the API Services. The problem we are having is that we are unable to find the API to login. We have already enable the connectors in Global settings and tried various tricks using Postman. We tried all the suggested forum topic on API for logging into openemr but could not get much help. Appreciate any help on how to use an api to login into OpenEMR.

@stephenwaite hi,

Seriously, this was no help at all. We already know about the documentation that you have given us. We had gone through these documentation and, my apologies, all we did was go in circles… We were trying to access our site api using Postman and Thunder Client in VS code. We could not find a simple example that shows us this:

(1) Steps to generate an API call to login and get access
(2) After that, steps to use the APIs to access any detail.
(3) Finally, Api to logout.

One simple example that shows us how we could use Postman or VS Code Thunder client that gets us through from getting access, getting the detail and logging out as stated above.

Once we get this and test it to be working, we prepare wiki documentation so that others in similar despair can get relieve. This is what i meant in earlier posts where user friendly documentation is needed to help business solution developers like us.

Appreciate this straight forward help which give a kick-start instead digging into all these links which got us nowhere (and also ending up in dead links, sigh!).



Thank you so much. Yes, this helps. I am testing it.

@benmarte, I used your blog post on using the OpenEMR Api. Great. Great job and really really helped.

I have one question. After activating the API Client, i jumped to the Making API Request on Patient.read scope. I got a page not found error. I did not do the Authenticating with Password Grant flow step. I am using PostMan to test the api. Do I have to perform the Authenticating with Password Grant flow step?

Appreciate your help.

All API calls need to be authenticated either with password grant or with an API secret for your app.

Good luck.


The help from was Bert was great. Thank you.

On checking the API Client Registration under Administration, i would i could edit them but not delete the client registration. Is there a way to remove them all and start from a fresh sheet?

There is no way to currently remove the oauth2_clients. You’ll have to manually delete them from the database if you want to clear them out. If this is a production machine I recommend running everything inside a transaction in case you need to rollback.

Ah ok. Thank you so much for the advise. Could you point me to table or tables involved? I checked out all the tables in the database and could not find one that is related to client registration.

Appreciate it.

hi @murugappan, it’s oauth_clients

@stephenwaite ,

I have cleansed the clients registrations. Thank you so much.