Making API Requests

All API requests must be made over HTTPS and must include a valid Accept header. Currently the only supported Accept header is application/json.

While your access token is valid, the token can be used to make authorized API requests by including it in the Authorization header as a Bearer token. See Authentication & Authorization for more details on how to obtain a bearer token.

GET /v1/patients/{patient_id}/rx HTTP/1.1
Authorization: Bearer wa-S061u5MPicct0wIASHYJzTHhRG922RYEt9MXoimk
Accept: application/json
Cache-Control: no-cache

Receiving Responses

Response Formats

Partners API responds to your requests with JSON. Currently, this is the only supported format.

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 81350852-051d-4b90-8a21-a8b2636e8107
X-Honeybee-Signature: Y0wIASHYJzTHhRG922RYEt9MX

    "medication_request": {

Request IDs

Each request received by our system will have an associated Request ID. This ID will be present in the X-Request-Id header returned in the response. We will use this Request ID to help troubleshoot support requests.

Status Codes

Status CodeMeaningDescription
200OKThe request was successful and the response body contains the representation requested.
201CreatedThe request was successful, we created a new resource and the response body contains the representation. This should only appear for POST requests.
204UpdatedThe request was successful, we updated the resource and the response body is empty.
304Not ModifiedThe request was successful, we checked the provided If-None-Match header and there was not change from the last response.
400Bad RequestThe request was unacceptable, often due syntax errors in request.
401UnauthorizedThe supplied credentials, if any, are not sufficient to access the resource.
404Not FoundThe request resource wasn't found.
422Unprocessable EntityThe request was received but cannot be processed, often due to missing a required parameter.
429Too Many RequestsYour application is sending too many requests too quickly, and you are reaching the rate limit of the Partner API.
500Server ErrorWe couldn't return the representation due to an internal server error - this one is Honeybee Health's fault!
503Service UnavailableWe are temporarily unable to return the representation. Please wait for a bit and try again.


In each response we include an ETag header which can be used to check if your cache is fresh. The ETag value we generate is weak, meaning only the response object is validated.

You can cache the response object along with the Etag value. When checking for cache freshness you can provide the last ETag value in an If-None-Match header and we will return a 304 Not Modified response if there's no change or return a 200 OK along with the updated response object if there is a change.