Introduction
The Sohar Health API follows REST principles. Our API endpoints return JSON-encoded responses, using standard HTTP responses codes, authentication and verbs. All requests must be made over HTTPS.
Requests can be made in our production or sandbox environment. The sandbox environment exists to support your integration and testing of the Sohar Health API, and doesn’t affect live data. The environment is determined by the API key used to authenticate the request.
It’s important to note that while any changes to existing API endpoints and webhook fields that could impact your integration will be communicated in advance, new fields may also be introduced. To ensure seamless integration, it is recommended that your system be designed with flexibility in mind, accommodating potential additions without requiring modification.
Authentication
API keys are used to authenticate requests to the Sohar Health API. You can access your production and sandbox API keys in the Sohar Health dashboard.
It is your responsibility to keep your API keys secure, as they grant access to sensitive production data. API keys should not be stored publicly or in repositories.
Response Codes
We use standard HTTP response codes to indicate the status of an API request. Our response codes include the following:
| Code | Description |
|---|---|
| 200 | The request succeeded. |
| 201 | The request succeeded, and a new resource was created as a result. |
| 207 | Conveys information about multiple resources, for situations where multiple status codes might be appropriate. |
| 400 | The server cannot or will not process the request due to something that is perceived to be a client error. |
| 403 | The client does not have access rights to the content. |
| 404 | The server cannot find the requested resource. |
| 500 | The server has encountered a situation it does not know how to handle. |