You need to connect a third-party application to your practice management data, but you are stuck on how to securely link the two systems. Open dental API authentication is the process that verifies your software's identity, ensuring that only authorized applications can access your patient and clinical information.
This guide explains how to set up the necessary credentials so your integration can communicate securely with your Open Dental database.
Prerequisites
Before you can begin, you must ensure your practice meets the technical requirements for API access:
- Developer Portal Access: If you are the developer, you must have an account in the Open Dental Developer Portal. If you are a practice owner, your software vendor should provide you with the necessary keys.
- eConnector: For remote API access, your office must have the eConnector service installed and running on your server. This service acts as the bridge between the Open Dental cloud and your local database.
- API Access Tier: Ensure your practice has the appropriate API permissions enabled. Contact Open Dental support if you are unsure about your current subscription tier or API capabilities.
- Version Compatibility: Ensure your Open Dental software is updated to a current version (25.2 or 25.3) to ensure full compatibility with the latest API methods.
Implementation
The Open Dental API uses Basic Authentication. You will need two keys: a Developer Key (provided by the developer portal) and a Customer Key (generated in the portal and added to your Open Dental software).
1. Configure the Customer Key
In your Open Dental software, go to Setup > Advanced Setup > API. Click Add Key in the lower left. Paste the Customer Key provided by your developer or vendor and ensure the Enabled checkbox is checked.
2. Making the Request
When your application makes a request to https://api.opendental.com/api/v1/, you must include an Authorization header. The format is ODFHIR {DeveloperKey}/{CustomerKey}.
Here is a simple example using JavaScript (Node.js) with the fetch API:
const developerKey = 'YOUR_DEVELOPER_KEY';
const customerKey = 'YOUR_CUSTOMER_KEY';
const authString = Buffer.from(`${developerKey}/${customerKey}`).toString('base64');
fetch('https://api.opendental.com/api/v1/patients', {
method: 'GET',
headers: {
'Authorization': `ODFHIR ${developerKey}/${customerKey}`,
'Content-Type': 'application/json'
}
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
Common Errors
If your connection fails, check these common error codes:
- 401 Unauthorized: This almost always means your keys are incorrect or have not been enabled in the Setup > Advanced Setup > API window. Double-check that the Customer Key is active.
- 400 Bad Request: This often indicates that the eConnector is not running, or there is a mismatch between the requested data format and the API requirements.
- 504 Gateway Time-out: The request took longer than 60 seconds to process. This can happen if you are querying a massive amount of data at once.
Limitations
It is important to understand the boundaries of the API:
- Rate Limits: To maintain system stability, requests are throttled. If you possess specific API permissions, this limit is typically one request per second.
- Data Restrictions: The API is designed for specific resources (like Patients, Appointments, or Procedures). You cannot run arbitrary SQL commands to modify the database directly; you must use the provided API endpoints.
- Security: Always ensure you have a Business Associate Agreement (BAA) in place with any third-party developer accessing your data, as they will be handling Protected Health Information (PHI).
Don't want to build your own dashboard? DentalCanvas already connects to your Open Dental data and shows you everything in a visual interface.
This article is provided by opendentalsupport.com, an independent community resource. We are not affiliated with Open Dental Software, Inc.