Skip to main content

Redirection Journey

Redirection lets you hand off your users to OneAssure's hosted health journey. Generate a session token using your API credentials, append it to the redirection URL, and send the user to that URL to continue the journey.

Flow

  1. Generate a token — Use your client_id, client_secret, and the user_id of the end user on your platform to generate a session token. See the Authentication API for the full request and response.

  2. Build the redirection URL — Append the generated token to the session-token query parameter:

    https://orca.oneassure.in/health?session-token={access_token}

  3. Redirect the user — Send the user to the URL above. They will continue the health journey on the OneAssure platform.

Step 1 — Generate a Token

Refer to the Authentication API for the complete request and response specification.

Example Request

POST /v1/auth/token
Content-Type: application/json
{
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET",
  "user_id": "YOUR_USER_ID",
  "scopes": ["business"]
}

Example Response

{
  "payload": {
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "expires_in": 3600,
    "token_type": "Bearer"
  }
}

Use the access_token value as the session token in the next step.

Step 2 — Redirect the User

Construct the redirection URL by setting the session-token query parameter to the token from Step 1:

https://orca.oneassure.in/health?session-token={access_token}

Example

https://orca.oneassure.in/health?session-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Send the user to this URL (full-page redirect, new tab, iframe or in-app webview) to continue the health insurance journey on OneAssure.

Notes

  • Tokens are valid for 1 hour from the time of creation. Generate a fresh token for each redirection so the user has the full session window.
  • Do not expose your client_id or client_secret to the browser. Generate the token from your backend and only pass the resulting session-token to the client.
  • Pass the user_id when generating the token so the journey is associated with the correct end user on your platform.

Need Help?

Contact our developer support team for assistance with your integration.