Pass Inferno tests with Smartbox
This article will guide you through passing ONC Certification (g)(10) Standardized API on Inferno framework.
The article has be reviewed for next Inferno framework v0.3.12 and test suite
ONC Certification (g)(10) Standardized API v3.2.0
US Core 3.1.1 / USCDI v1, SMART App Launch 1.0.0, Bulk Data 1.0.1
Prerequisites
Once you have your Smartbox instance up and running you need to register a FHIR server by creating Tenant resource and upload necessary resources for Inferno.
Patient record with all USCDIv1 data elements in us-core format,
User resource, associated with the patient record
Client resource for smart launch flows
Client resource for bulk api
Create Tenant
Patient record
Demo patient record with all USCDI elements for Inferno test is available on Google Storage and maintained by Health Samurai team. You can upload with /$load
endpoint:
It contains at least two patients test-pt-1
and test-pt-2
. Second patient will be required for Multi-Patient API test.
Let's created then User resource for test-pt-1
:
Now you can login to My Clinic patient portal with example@mail.com / password
.
Client resources
In the requests below the simples way of adding Clients is shown. In some cases it's important to create Client resources without predefined secret
and id
(see that article for more details).
inferno-confidential-patient-smart-app
inferno-my-clinic-bulk-client
inferno-public-patient-smart-app
Create Inferno test session
Create Inferno test session by following the link https://inferno.healthit.gov/onc-certification-g10-test-kit.
To pass the
EHR Practitioner App
inferno sequence see the guide How-to perform EHR launchSee How-to revoke granted access to pass the
Token Revocation
Inferno test
Run all Inferno tests
Press the Run all tests
button then provide require parameters for the tests:
FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
Standalone Client ID:
inferno-confidential-patient-smart-app
Standalone Client Secret:
inferno-confidential-patient-smart-app-secret
EHR Launch Client ID:
inferno-confidential-patient-smart-app
EHR Launch Client Secret:
inferno-confidential-patient-smart-app-secret
Bulk Data FHIR URL:
[aidbox-url]/tenant/my-clinic/bulk-api
Backend Services Token Endpoint:
[aidbox-url]/auth/token
Bulk Data Client ID:
inferno-my-clinic-bulk-client
Encryption method
RS384
Group ID:
test-group-1
Patient IDs in exported Group:
test-pt-1,test-pt-2
Public Launch Client ID:
inferno-public-patient-smart-app
EHR Launch Client ID:
inferno-confidential-patient-smart-app
EHR Launch Client Secret:
inferno-confidential-patient-smart-app-secret
Once you run all tests, follow Inferno instructions.
Run Inferno tests one by one
1 Standalone Patient App - Full Access
Click the
Standalone Patient App
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
Standalone Client ID:
inferno-confidential-patient-smart-app
Standalone Client Secret:
inferno-confidential-patient-smart-app-secret
Click the
Submit
button
Once you run tests, follow the Inferno instructions.
2 Standalone Patient App - Limited Access
This test depends on the Standalone Patient App
test. Pass the first sequence then continue that one
Click the
2 Limited Access App
link in the left sidebarClick the
Run tests
buttonClick the
Submit
button
Once you run tests, follow the Inferno instructions.
By default the test expects to not get accees to all the resources but Patient
, Condition
, Observation
.
To pass the test you should:
Uncheck all the resources but those ones on the Consent screen
Keep following checkboxes checked
Launch Patient
,Open ID
,FHIR User
andOffline Access
3 EHR Practitioner App
Click the
EHR Practitioner App
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
EHR Launch Client ID:
inferno-confidential-patient-smart-app
EHR Launch Client Secret:
inferno-confidential-patient-smart-app-secret
Click the
Submit
buttonOpen the patient portal UI
[aidbox-url]/tenant/my-clinic/patient/portal
Login to the portal using credentials we created before
example@mail.com / password
Find the
inferno-confidential-patient-smart-app
applicationClick the
Launch
button
Once you perform EHR launch, follow the Inferno instructions.
4 Single Patient API
This test depends on the Standalone Patient App
test. Pass the first sequence then continue that one
Click the
4 Single Patient API
link in the left sidebarClick the
Run tests
buttonClick the
Submit
button
Once you run tests, follow the Inferno instructions.
7 Multi-Patient Authorization and API
Click the
7 Multi-Patient API
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
Bulk Data FHIR URL:
[aidbox-url]/tenant/my-clinic/bulk-api
Backend Services Token Endpoint:
[aidbox-url]/auth/token
Bulk Data Client ID:
inferno-my-clinic-bulk-client
Encryption method
RS384
Group ID:
test-group-1
Patient IDs in exported Group:
test-pt-1,test-pt-2
Click the
Submit
button
9.1 Public Client Standalone Launch with OpenID Connect
Click the
9.1 SMART Public Client Launch
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
Bulk Data FHIR URL:
[aidbox-url]/tenant/my-clinic/patient/smart-api
Public Launch Client ID:
inferno-public-patient-smart-app
OAuth 2.0 Authorize Endpoint:
[aidbox-url]/tenant/my-clinic/patient/auth/authorize
OAuth 2.0 Token Endpoint:
[aidbox-url]/auth/token
Click the
Submit
button
9.3 Token Revocation
This test depends on the Standalone Patient App
test. Pass the first sequence then continue that one
Before you launch the test you should:
Open the patient portal UI
[aidbox-url]/tenant/my-clinic/patient/portal
Login to the portal using credentials we created before
example@mail.com / password
Find the
inferno-confidential-patient-smart-app
Click the
Revoke access
button
Click the
9.3 Token Revocation
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
Prior to executing test, Health IT developer demonstrated revoking tokens provided during patient standalone launch.:
Yes
Keep other parameters unchanged
Wait up to 30 seconds
Click the
Submit
button
9.4 SMART App Launch Error: Invalid AUD Parameter
Click the
9.4 SMART Invalid AUD Launch
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
Standalone Client ID:
inferno-confidential-patient-smart-app
Standalone Client Secret:
inferno-confidential-patient-smart-app-secret
OAuth 2.0 Authorize Endpoint:
[aidbox-url]/tenant/my-clinic/patient/auth/authorize
Click the
Submit
buttonClick the
Perform Invalid Launch
link
9.5 SMART App Launch Error: Invalid Access Token Request
Click the
9.5 SMART Invalid Token Request
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
Standalone Client ID:
inferno-confidential-patient-smart-app
Standalone Client Secret:
inferno-confidential-patient-smart-app-secret
OAuth 2.0 Authorize Endpoint:
[aidbox-url]/tenant/my-clinic/patient/auth/authorize
OAuth 2.0 Token Endpoint:
[aidbox-url]/auth/token
Click the
Submit
buttonClick the
Follow this link to authorize with the SMART server
linkPress the
Allow
button on the consent screen
9.8 EHR Launch with Patient Scopes
Click the
9.8 EHR Launch with Patient Scopes
link in the left sidebarClick the
Run tests
buttonProvide require parameters for tests
EHR launch FHIR Endpoint:
[aidbox-url]/tenant/my-clinic/patient/smart-api
EHR Launch Client ID:
inferno-confidential-patient-smart-app
EHR Launch Client Secret:
inferno-confidential-patient-smart-app-secret
OAuth 2.0 Authorize Endpoint:
[aidbox-url]/tenant/my-clinic/patient/auth/authorize
OAuth 2.0 Token Endpoint:
[aidbox-url]/auth/token
Click the
Submit
buttonOpen the patient portal UI
[aidbox-url]/tenant/my-clinic/patient/portal
Login to the portal using credentials we created before
example@mail.com / password
Find the
inferno-confidential-patient-smart-app
applicationClick the
Launch
buttonClick the
Follow this link to authorize with the SMART server
linkPress the
Allow
button on the consent screen
9.10 Visual Inspection and Attestation
To pass the visual inspection see the Pass Inferno Visual Inspection and Attestation guide.
Last updated