Last updated on: 2023-05-25 08:49:13.

Authentication

Since QKViews are always associated with an account (accounts are free and can be created at https://account.f5.com/ihealth2), authentication is performed by first logging in to the iHealth GUI, navigating to the settings page, and generating a Client ID and Client Secret by clicking the relevant button.

A pop-up window appears with the new credentials, which should be copied for future reference. A curl command to generate a bearer token is also offered in the pop up and the user can either copy and paste this command into a terminal or can form their own curl POST request in the following format:

curl --request POST --url https://identity.account.f5.com/oauth2/ausp95ykc80HOU7SQ357/v1/token-H "accept:application/json" -H "authorization: Basic {base64Encode(client_id:client_secret)}" -H "cache-control: no-cache" -H "content-type: application/x-www-form-urlencoded" --data "grant_type=client_credentials&scope=ihealth"

Note: You have to Base64 encode the Client ID and Client Secret with a colon separating them and with no spaces. Additionally, you must use an ecrypted connection, so ensure that your code specifies HTTPS as the protocol, and not HTTP.

A successful request will result in a response with a bearer token. This bearer token must accompany all iHealth API requests as part of the authorization header (-H “authorization: Bearer {authToken}). This auth token is valid for 30 minutes, after which you will need to request a new bearer token with the same curl request.

Additional details can be found at K000132249: Authentication changes in F5 iHealth.