Identifying yourself

All requests require:

  • Authentication API key using the authorization header as a bearer token;
  • An Application identifier unique to each integrated software partner, as set in x-appid header; and
  • An Application version nominated by each integrated software partner, as set in x-appVer header.

Identify your application by passing through your application ID as the x-appid header, and application version as the x-appver header for all API requests.

Your application ID must be registered with Tyro Health. Contact healthpartnerships@tyro.com to apply for your application ID.

You can choose any value for x-appver and it can change between your software releases. This value is used to assist with help requests and debugging.

Authentication

Using an API key, authenticate your requests by including it in the HTTP authorization header as a bearer token.

The API key set in the authorization header is unique to each activated business in Tyro Health. The business can encompass one or more practice locations and one or more named providers. A business can obtain their API key via the Tyro Health Online provider portal -> Business settings -> API Keys -> Generate API Key. Note that the API key must be generated by a user with Business Admin level authority as indicated in the Tyro Health Online provider portal.

This API key carries many privileges and should remain secret and should never be exposed to end users or on client-side code. An API key grants access to perform privileged operations on your resources. Never send in clear text and restrict access to this key.

2025 Copyright © Tyro Health and Tyro Payments 2025. All right reserved.