Skip to main content

Authentication & Token Exchange

The Suki Platform uses a token exchange mechanism to securely authenticate and authorize access to the SDK. Learn more about authentication. During initialization, the SDK receives a partnerToken from the EHR system. This token is exchanged with the Suki Platform to obtain an SDP access token, which is then used for all subsequent API calls.

Automatic Token Refresh

The SDK automatically handles SDP token refreshes to ensure uninterrupted access to the Suki services. When the SDP access token is about to expire, the SDK will automatically refresh it using the partnerToken provided during initialization. The SDK monitors the expiration time of the current SDP token and refreshes it in the background using the original partnerToken. This process is fully automatic and requires no manual intervention.

Constraints

For automatic token refresh to succeed, the original partnerToken must still be valid at the time of refresh. If it is expired or invalid, the SDK will not be able to obtain a new SDP token, and SDK operations may fail as a result. To prevent this, you can update the partnerToken at runtime using the setPartnerToken method—no reinitialization required.

Example

Here’s how to update the token at runtime:
  • JavaScript
  • React
// whenever the access token is refreshed, call `setPartnerToken` with the new token
sdkClient.setPartnerToken("new-partner-token");
I