Aidbox configuration
API
Profiling and validation
Terminology
FHIR Implementation Guides
App development guides
Security & Access Control
Multibox
Integrations
Tools
Patient Access API
In this tutorial you will learn how to enable Patient Access API (Smart on FHIR) in your Aidbox
Patient Access API enables Smart App to get Patient's healthcare data after Patient provided corresponding consent. Patient Access API is delivered as aidbox-project which can configured within any Aidbox instance.
In order to enable Patient Access API in your Aidbox instance you have to:
- 1.
- 2.Set up patient-access-smart-api sample project. You need to add next env variables and restart your Devbox1AIDBOX_ZEN_ENTRYPOINT=aidbox.patient-access-smart-api.sample2AIDBOX_ZEN_PATHS=url:edn:https://raw.githubusercontent.com/Aidbox/aidbox-project-samples/main/aidbox-project-samples/smart-on-fhir/aidbox/patient-access-smart-api.edn,url:edn:https://raw.githubusercontent.com/Aidbox/aidbox-project-samples/main/aidbox-project-samples/smart-on-fhir/aidbox/patient-access-smart-api/sample.edn,url:zip:https://github.com/zen-lang/fhir/releases/download/0.2.14/hl7-fhir-r4-core.zip,url:zip:https://github.com/zen-lang/fhir/releases/download/0.2.14/hl7-fhir-us-core.zipCopied!aidbox-project is a configuration of Aidbox. It uses zen-lang. You can learn our single-patient-api project and a sample entrypoint. If you are not satisfied with current smart-api distribution you can copy the config and build you own one.
- 3.Create allowing access policy for "/smart" api.1id: patient-access-smart-api2resourceType: AccessPolicy3engine: matcho4matcho:5uri: '#/smart'Copied!
Now you have your Smart on FHIR server.
Patient Access API expects that you have User in your system bound with Patient resources. You can do this by specifying
fhirUser for a User.1
resourceType: User
2
email: [email protected]
3
password: password
4
fhirUser:
5
id: <patient-id>
6
resourceType: Patient
Copied!
Inferno testing
Here you can find steps to pass inferno tests.
- 1.At first, you have to create Client for inferno1# Run this request in REST Console23PUT /Client/inferno-client45id: inferno-client6resourceType: Client7secret: inferno-secret8auth:9authorization_code:10redirect_uri: https://inferno.healthit.gov/inferno/oauth2/static/redirect11refresh_token: true12secret_required: true13access_token_expiration: 3600014grant_types:15- authorization_code16- basicCopied!
- 2.Upload synthetic data1# Run this request in REST Console23POST /fhir/$load45source: https://storage.googleapis.com/aidbox-public/inferno/inferno-community-fixtures.ndjson.gzCopied!
- 3.You should have a user bound with Patient.
- 4.1ngrok http 8888Copied!You will see something like this:
Then copy forwading https connection and update base url env. In my case it'sAIDBOX_BASE_URL=https://4eb9-178-66-82-76.ngrok.io
Now you are ready to run Inferno test.
Pay attention that FHIR base url for Smart on FHIR is [hostname]/smart
After running Standalone Patient App test you should open [host]/auth/grants and revoke the provided access for Inferno client
Inferno starting page
Standalone Patient App test
Limited App test
Other Inferno tests are related to Provider Access API. So, it's out of scope of Patient Access API which we are considering in current tutorial.
Last modified 6mo ago
Copy link
Contents
Inferno testing