The Google Cloud Healthcare team is pleased to announce the open source release of our new Apigee-based proxies for generating OAuth 2 access tokens for the Cloud Healthcare FHIR API. The Github repository can be found here.

Key use case: In many cases applications using the Cloud Healthcare API need the ability to generate OAuth 2 access tokens programmatically, particularly in long-running services or for situations where data is being accessed by externally-facing applications where exposing sensitive credentials - such as IAM service account keys - is not appropriate. This project contains an Apigee-based solution for enabling creation of these access tokens using the OAuth 2.0 client credentials grant.

This solution is comprised of two pieces:

• An Apigee API proxy called "oauth-b2b", which implements the OAuth 2 client credentials grant protocol. This API proxy returns a bearer token which can be used to make requests for data.
• An Apigee proxy called "fhir-endpoints", which validates a token generated using "oauth-b2b" and formats a data request to a Cloud Healthcare FHIR API endpoint.

Combined with application-specific configuration information governing which APIs and data stores can be accessed, and Apigee's own extensive functionality for developer management, traffic mediation and threat detection, a highly secure and fully managed solution for controlling access to healthcare data can be created.

The Cloud Healthcare API is currently in alpha and available through our Trusted Tester Program. Pricing will be announced during beta, following alpha and prior to general availability. In the meantime, the Cloud Healthcare API is free to use; however, fees may be incurred while using other Google Cloud services such as BigQuery and Cloud ML Engine. For more information, or to request access to the API, please see the Cloud Healthcare API documentation page.