Most use the athenahealth API to exchange data between athenaNet and their cloud application. This allows for “global” integrations where the Partner serves many athenahealth Clients over a single API Key that is stored in a single location.
In some cases, Partners have API integration needs for applications installed on multiple local devices, client-hosted networks, or remotely-hosted networks (e.g. imaging modalities across 4 separate health systems). The diagram below details an example architecture that utilizes a cloud-based key server to manage athenahealth API credentials and authentication and route communications to the local networks it supports. The key point is that it is not considered safe to store API Credentials in multiple locations, regardless of security or encryption.