# eRx Tokens eRx API tokens are credentials that allow Welkin to authenticate with the DrFirst Rcopia platform on your organization's behalf. This page explains what tokens are used for and how to obtain or rotate them. ## What are eRx tokens? DrFirst uses token-based authentication to secure API calls between Welkin and Rcopia. There are two types: * **Organization token** – Authenticates your Welkin environment to DrFirst. This is entered once in the Admin portal during setup. * **Prescriber session tokens** – Short-lived tokens generated per session for each prescriber login. These are handled automatically by Welkin and do not require manual management. ## Obtaining your organization token Your organization token is provided by DrFirst during the onboarding process. If you did not receive it or need a replacement: 1. Contact your DrFirst account representative or DrFirst support 2. Request an API token for your Rcopia organization 3. Specify whether you need a **sandbox** token (for testing) or **production** token (for live use) DrFirst will send the token securely. Treat it like a password – do not share it in email or chat. ## Entering the token in Welkin 1. Log in to the Welkin Admin portal 2. Navigate to **Integrations → DrFirst eRx** 3. Paste the token into the **API Token** field 4. Click **Save and Test Connection** 5. Confirm the status shows **Connected** ## Rotating tokens Tokens should be rotated if: * A token is suspected to be compromised * A key team member with token access leaves the organization * DrFirst notifies you of a scheduled token rotation To rotate: request a new token from DrFirst, enter it in the Admin portal, confirm the connection is working, then discard the old token. ## Token security best practices * Store tokens in a password manager or secrets vault, not in spreadsheets or email * Limit Admin portal access to staff who need to manage integrations * Enable the Welkin [Security Audit](https://github.com/welkincloud-io/welkin-docs/blob/master/kb/admin/security-audit.md) log to track when integration settings are changed * Rotate tokens at least annually or whenever personnel with access changes ## Sandbox vs. production tokens Keep sandbox and production tokens separate. Using a production token in a test environment (or vice versa) will result in authentication errors or test prescriptions being sent to live pharmacies. Label tokens clearly in your password manager. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.welkinhealth.com/integrations/drfirst-erx/erx-tokens.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.