eMedsys EHR FHIR API Documentation

FHIR API Table of Contents

Overview

The eMedsys EHR FHIR API is a Rest API conforming to the R4 specification and the US Core 3.1 Implementation Guide (IG).

Terms of Use

Click here to see eMedsys EHR FHIR API Terms of Use.

Prerequisite

In order for a practice to begin using the eMedsys EHR FHIR API the practice must enable the option flag ‘Enable eMedsys EHR FHIR’ in Admin > Global Settings.

Authentication

eMedsys EHR uses OAuth to authenticate the end client according to the HL7 SMART-On-FHIR Implementation Guide.

FHIR API Documentation

The eMedsys EHR FHIR is documented using Swagger. The various functions, success messages and error messages are set forth in the swagger documentation.

Sample Error Responses

Error: 400

Invalid Request — wrong data sent to the API

Error: 403

Unauthorized Access — invalid authorization header

Error: 500

Underlying service fault


Capability Statement

GET fhir/metadata ( https://fhir.trimed.cloud/metadata )

This will return the Capability Statement. This will be returned in a JSON response.

Service based URL

The main service base endpoint for eMedsys EHR FHIR API is: ( https://fhir.trimed.cloud )

Well Defined Configuration

GET fhir/metadata ( https://fhir.trimed.cloud/.well-known/smart-configuration )

This well defined configuration page for the eMedsys EHR FHIR can be found at the page listed above. This will be returned in a JSON response.

3rd Party SMART Apps

eMedsys EHR supports the ability for 3rd party apps who implement the SMART on FHIR App Launch Implementation Guide 1.1.0 context.

3rd party Apps using the confidential app profile must be authorized by the Practice. Access Tokens issued to 3rd party apps are only valid for one hour and must be renewed with a refresh token which is valid for three months. Refresh tokens are only issued if the offline_access scope is authorized by the eMedsys EHR user authenticating with eMedsys EHR through their 3rd party app.

For a patient to have access to their patient data via a 3rd party app they must have api credentials generated by their practice from the patient chart (by an EHR user).

Native Applications

Interoperability requirements with eMedsys EHR for Native Applications

Revoking Clients, Users, Access Tokens, Refresh Tokens

Revoking Clients/Tokens

The practice can revoke all access privileges and open tokens within the patient chart in the eMedsys EHR.