This wiki has undergone a migration to Confluence found Here

Difference between revisions of "201709 Consumer Centered Data Exchange Implementation Notes for test.fhir.org"

From HL7Wiki
Jump to navigation Jump to search
Line 1: Line 1:
= Acquiring the JWT =
+
= Using test.fhir.org as the target EHR =
  
you get the JWT (to use test.fhir.org as the target) by:
+
e.g information flows from another server to test.fhir.org
 +
 
 +
Sequence of steps:
 +
# get the test.fhir.org JWT
 +
# authorize the JWT on the other server
 +
# Ask test.fhir.org to start copying data
 +
# find out how copying data is going
 +
# stop copying data
 +
 
 +
== Acquiring test.fhir.org's JWT ==
 +
 
 +
you get the JWT by:
  
 
   GET http://test.fhir.org/r3/$jwt?source=[uri]
 
   GET http://test.fhir.org/r3/$jwt?source=[uri]
Line 13: Line 24:
 
(note that some browsers don't like this content type in the return body)
 
(note that some browsers don't like this content type in the return body)
  
= Consent =
+
= Using test.fhir.org as the source EHR =
  
Use this consent resource as the base for authorization (post it to the server):
+
Sequence of steps:
 +
# set up consent on test.fhir.org JWT
 +
 
 +
== Consent ==
 +
 
 +
Use this consent resource as the base for authorization (post it to the server, record the id that the server assigns):
  
 
  <Consent xmlns="http://hl7.org/fhir">  
 
  <Consent xmlns="http://hl7.org/fhir">  
Line 39: Line 55:
 
  </Consent>
 
  </Consent>
  
= Authorization =
+
Notes:
 +
* you can change the patient but it must be a patient that exists on the server. If you logged via smart on fhir, and you chose a particular patient during the login, the consent must refer to that patient.
 +
* you can use json instead if you want
 +
 
 +
== Authorization ==
  
 
This is what you post to the server as a body to the $authorize routine (this time in json):
 
This is what you post to the server as a body to the $authorize routine (this time in json):
 +
 +
POST http://test.fhir.org/r3/Consent[id]/$authorize
  
 
  {
 
  {
Line 54: Line 76:
 
   }, {
 
   }, {
 
     "name" : "jwt",
 
     "name" : "jwt",
     "valueString" : "{your packed JWT}"
+
     "valueString" : "{packed JWT from the target server}"
 
   }   
 
   }   
 
   ]
 
   ]
 
  }
 
  }

Revision as of 06:18, 3 August 2017

Using test.fhir.org as the target EHR

e.g information flows from another server to test.fhir.org

Sequence of steps:

  1. get the test.fhir.org JWT
  2. authorize the JWT on the other server
  3. Ask test.fhir.org to start copying data
  4. find out how copying data is going
  5. stop copying data

Acquiring test.fhir.org's JWT

you get the JWT by:

 GET http://test.fhir.org/r3/$jwt?source=[uri]

Where [uri] is the address of the source system. Source is a mandatory parameter, though it does not make any difference to test.fhir.org

this returns a 200 OK with a body content type of application/jwt:

 eyJhbGciIDogIlJTMjU2Iiwia2lkIiA6ICIvYXV0aF9rZXkiLCJ0eXAiIDogIkpXVCJ9.eyJleHAiIDogMTUwMTg2MzE3MCwiaWF0IiA6ICIxNTAxNzc2NzcwIiwiaXNzIiA6ICJsb2NhbC5maGlyLm9yZyIsInN1YiIgOiAibG9jYWwuZmhpci5vcmcifQ.RWhQyMf1Cr90kn1RtjV-BGAbi1lWobE0RQWTwYl_mBMcB8v4hpUzcjlay3miPRBrzxGYxhr0RPecv8zkk5KiGk_8VrVxqk21YGKjKoqXdi9fGkLuc4vw_sj_Nt6vDS3zdEyIYLMVELvu74Vemt2p16brQ-xKpJ-1PdUF8EVYI3n5r_b6xH6HcP9xgmSun38yDC-KbkfBYatdwZsVrnd2-VrOHBM-E8P44fu9-GQNyirvdD6rdpQQGtfcDyf4G940AJfW9WHUWLlWTyQ0uhYn1DD46Pc5wMqzHcja43u5O7r7g5oWxZ9Iiidq9tUV8UaGp_h2ejzdUds9uVA7Hd3VyVSBVUmIN-3oVH31-6o_MCKqeKOwB-Y9qFsN_8MTf77HS1xHXLeC4VPyKdk0rmb-v49b6_3DwI7SXLwYJu19kkqVWywHam-6_qaowB-8emdk-iE1QX9DXjna81CLGyFdsOPZ7kQEWlZrgsz7RmvLxrrJ0b8os8aqCW-3i7UDqUFIKXnvKwFPfsf7RMp_ruvxyyfIIcaI0T9RjZicME2-JBC3EoRTzAXkG9htX1KDe9vH3fcSTcjiCQ75gcGkKZWWDaN-6SV4itzoiFm0Re99E4mWmkQVj289y6jRAOercvioygyvUbgQ4rpLbZv1i2A5orx0Ze-6opc9Z1hGAQLcLn0

(note that some browsers don't like this content type in the return body)

Using test.fhir.org as the source EHR

Sequence of steps:

  1. set up consent on test.fhir.org JWT

Consent

Use this consent resource as the base for authorization (post it to the server, record the id that the server assigns):

<Consent xmlns="http://hl7.org/fhir"> 
  <id value="1"/>
 <status value="active"/>
 <patient>
   <reference value="Patient/example"/>
 </patient>
 <policyRule value="http://hl7.org/fhir/ConsentDefinition/simple-oauth"/>  
 <except>  
   <type value="permit"/>
   <action>
     <coding>
       <system value="http://hl7.org/fhir/consentaction"/>
       
     </coding>
   </action>
   <class>
     <system value="http://smarthealthit.org/fhir/scopes"/>
      
   </class>
 </except> 
</Consent>

Notes:

  • you can change the patient but it must be a patient that exists on the server. If you logged via smart on fhir, and you chose a particular patient during the login, the consent must refer to that patient.
  • you can use json instead if you want

Authorization

This is what you post to the server as a body to the $authorize routine (this time in json):

POST http://test.fhir.org/r3/Consent[id]/$authorize
{
 "resourceType" : "Parameters",
 "parameter" : [{
    "name" : "duration",
    "valueDuration" : {
      "value" : "3",
      "system" : "http://unitsofmeasure.org",
      "code" : "mo"
    }
  }, {
    "name" : "jwt",
    "valueString" : "{packed JWT from the target server}"
  }  
 ]
}