Skip to content

NextGen Enterprise APIs

The Enterprise API includes 500+ RESTful routes

Authentication

The Enterprise API provides 2 authentication methods:

  1. GSA (Global Service Account) Authentication: Appropriate for automation and other integration types that require anytime access to client systems. This gives access to almost all GET routes.

  2. EAL (External Application Launcher) Authentication: Gives more access than GSA but is limited to being accessed via a launched application UI.We only need access to reading data so we'll use GSA. This auth method is set up in the Postman sandbox. However, the process for authenticating with and making Enterprise API calls to actual NextGen client installations is different from the automated process built into the Sandbox.

GSA Authentication in Production

To access routes in production we need to provide our client_id and client_secret plus a site_id that is specific to a NextGen Enterprise (NGE) environment, which determines which unique NextGen installation we are authenticating into. An NGE environment may contain one ore more enterprises.

A list of available site_ids are found inside the Developer Portal.

The site_id is the differentiator between accessing test or prod data. A TEST id will be shown once a client approves the app for beta and the PROD will be revealed once the client approves tha app for production access.

Once the token is obtained the app is also required to specify the desired enterprise_id and practice_id. The desired Enterprise/Practice are defined via a X-NG-SessionId request header. See How-to Authenticate into a specific NextGen practice.