Heidi Health · Capability

Heidi Health — Authentication

Heidi Health Authentication API. Exchange a tenant Heidi API key for a per-user bearer JWT bound to an EHR user identity. Lead operation: Get JWT.

Heidi Health — Authentication is a Naftiko capability published by Heidi Health, one of 10 capabilities the APIs.io network indexes for this provider. It bundles 1 operation across the GET method rooted at /v1/jwt.

The capability includes 1 state-changing operation. Lead operation: Exchange a Heidi API key for a per-user JWT. Can be deployed as a REST endpoint, MCP tool, or Agent Skill via Naftiko.

Tagged areas include Heidi Health, Authentication, and JWT.

Run with Naftiko Heidi HealthAuthenticationJWT

What You Can Do

GET
Getjwt — Exchange API key for JWT.
/v1/jwt

MCP Tools

heidi-get-jwt

Exchange a Heidi API key for a per-user JWT.

Capability Spec

authentication.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Heidi Health — Authentication
  description: 'Heidi Health Authentication API. Exchange a tenant Heidi API key for a per-user bearer JWT bound to an EHR user identity. Lead operation: Get JWT.'
  tags:
    - Heidi Health
    - Authentication
    - JWT
  created: '2026-05-24'
  modified: '2026-05-24'
binds:
  - namespace: env
    keys:
      HEIDI_API_KEY: HEIDI_API_KEY
capability:
  consumes:
    - type: http
      namespace: heidi-auth
      baseUri: https://registrar.api.heidihealth.com/api/v2/ml-scribe/open-api
      description: Heidi Health authentication surface. Token exchange.
      resources:
        - name: jwt
          path: /jwt
          operations:
            - name: getJwt
              method: GET
              description: Exchange a Heidi API key for a per-user bearer JWT.
              outputRawFormat: json
              outputParameters:
                - name: token
                  type: string
                  value: $.token
                - name: expiration_time
                  type: string
                  value: $.expiration_time
              inputParameters:
                - name: email
                  in: query
                  type: string
                  required: true
                - name: third_party_internal_id
                  in: query
                  type: string
                  required: true
      authentication:
        type: apikey
        key: Heidi-Api-Key
        value: '{{env.HEIDI_API_KEY}}'
        placement: header
  exposes:
    - type: rest
      namespace: heidi-auth-rest
      port: 8080
      description: REST adapter for Heidi Authentication.
      resources:
        - path: /v1/jwt
          name: jwt
          description: REST surface for Heidi JWT exchange.
          operations:
            - method: GET
              name: getJwt
              description: Exchange API key for JWT.
              call: heidi-auth.getJwt
              with:
                email: rest.query.email
                third_party_internal_id: rest.query.third_party_internal_id
              outputParameters:
                - type: object
                  mapping: $.
    - type: mcp
      namespace: heidi-auth-mcp
      port: 9090
      transport: http
      description: MCP adapter for Heidi Authentication.
      tools:
        - name: heidi-get-jwt
          description: Exchange a Heidi API key for a per-user JWT.
          hints:
            readOnly: false
            destructive: false
            idempotent: false
          call: heidi-auth.getJwt
          with:
            email: tools.email
            third_party_internal_id: tools.third_party_internal_id
          outputParameters:
            - type: object
              mapping: $.