Skip to main content

Overview

This guide explains how to implement automatic token refresh for the Suki Web SDK.

Authentication & Token Exchange

The Suki Platform uses a token exchange mechanism to securely authenticate and authorize your access to the SDK. Refer to Partner Authentication guide for more information. When you initialize the SDK, you must provide a partnerToken (which you receive from the EHR system). The SDK exchanges this partnerToken with the Suki Platform to get an SDP access token. All subsequent API calls use this SDP access token for authorization.

Automatic Token Refresh

The SDK automatically handles SDP token refreshes to ensure you have uninterrupted access to Suki services. It monitors the token’s expiration time and refreshes it in the background before it expires. This process is fully automatic and uses the partnerToken you provided during initialization.

Constraints

Important:
  • For the automatic refresh to succeed, the partnerToken you provided must still be valid at the time of the refresh. If your partnerToken expires, the SDK cannot get a new SDP access token, and API calls will fail.
  • You can update the partnerToken at runtime by calling the setPartnerToken method and no re-authentication is required.

Example

Here’s how to update the token at runtime:
  • JavaScript
  • React
JavaScript
// whenever the access token is refreshed, call `setPartnerToken` with the new token
sdkClient.setPartnerToken("new-partner-token");

Next Steps

Refer to Telehealth guide to learn more about how suki manages telehealth sessions.