Skip to content

Latest commit

Β 

History

History
397 lines (310 loc) Β· 13.8 KB

File metadata and controls

397 lines (310 loc) Β· 13.8 KB

OpenEMR REST API Documentation

πŸ“š Complete documentation has moved to Documentation/api/

This project provides comprehensive REST and FHIR APIs for OpenEMR, supporting:

  • FHIR R4 - Full FHIR Release 4 implementation
  • US Core 8.0 - US healthcare compliance
  • SMART on FHIR v2.2.0 - Advanced app integration
  • OAuth 2.0 / OpenID Connect - Secure authentication
  • Bulk Data Export - Population health analytics

πŸš€ Quick Start

1. Enable the API

Administration β†’ Config β†’ Connectors

  • β˜‘ Enable OpenEMR Standard REST API
  • β˜‘ Enable OpenEMR Standard FHIR REST API

2. Configure SSL

Set your base URL at: Administration β†’ Config β†’ Connectors β†’ Site Address (required for OAuth2 and FHIR)

3. Register Your Application

curl -X POST https://localhost:9300/oauth2/default/registration \
  -H 'Content-Type: application/json' \
  --data '{
    "client_name": "My App",
    "redirect_uris": ["https://myapp.example.com/callback"],
    "scope": "openid api:fhir patient/Patient.rs patient/Observation.rs"
  }'

4. Make Your First Request

curl -X GET 'https://localhost:9300/apis/default/fhir/Patient' \
  -H 'Authorization: Bearer YOUR_ACCESS_TOKEN'

πŸ“– Documentation

Core Documentation

🎯 Common Tasks

Authenticate Your Application

β†’ Authorization Code Grant

Understand Scopes

β†’ Scopes Reference

Access Patient Data

β†’ FHIR Patient Resource

Integrate a SMART App

β†’ SMART Registration

Launch Apps from EHR

β†’ EHR Launch Flow

Export Bulk Data

β†’ Bulk FHIR Exports

Generate Care Documents (CCD)

β†’ DocumentReference $docref

✨ What's New in SMART v2.2.0

Enhanced Security & Permissions

Enhanced Context & Discovery

New FHIR Resources

See complete resource list in FHIR API Documentation

πŸ“š API Endpoints

FHIR API (FHIR R4)

https://localhost:9300/apis/default/fhir

β†’ Full FHIR Documentation

Key Endpoints:

  • GET /fhir/metadata - Capability statement (no auth required)
  • GET /fhir/Patient - Patient search
  • GET /fhir/Observation?patient=123 - Patient observations
  • POST /fhir/DocumentReference/$docref - Generate CCD
  • GET /fhir/$export - Bulk data export

Standard API (OpenEMR REST)

https://localhost:9300/apis/default/api

β†’ Full Standard API Documentation

Key Endpoints:

  • GET /api/patient - List patients
  • GET /api/patient/123 - Get patient details
  • GET /api/patient/123/encounter - Patient encounters
  • POST /api/patient - Create patient

Patient Portal API (Experimental)

https://localhost:9300/apis/default/portal

β†’ Portal API Documentation

πŸ”’ Security & Compliance

Required Security Measures

  • βœ… HTTPS/TLS Required - All API communication must be encrypted
  • βœ… OAuth 2.0 - Industry-standard authorization
  • βœ… Granular Scopes - Principle of least privilege
  • βœ… PKCE for Public Apps - Enhanced security for native/browser apps
  • βœ… Token Validation - Introspection support

Standards Compliance

  • βœ… HIPAA - Protected health information safeguards
  • βœ… ONC Cures Update - Information blocking compliance
  • βœ… FHIR R4 - HL7 FHIR Release 4
  • βœ… US Core 8.0 - US healthcare requirements
  • βœ… SMART v2.2.0 - App launch framework

β†’ Security Best Practices

πŸ§ͺ Testing & Development

Interactive Testing

Test endpoints interactively with Swagger UI:

https://your-openemr-install/swagger/

Online Demos

Try the API on live demo instances:

Configure Swagger OAuth

When testing with Swagger, set your client's redirect URI to:

<OpenEMR base URI>/swagger/oauth2-redirect.html

🌐 Multisite Support

OpenEMR supports multiple sites with site-specific endpoints:

Default site:

https://localhost:9300/apis/default/fhir
https://localhost:9300/apis/default/api

Alternate site:

https://localhost:9300/apis/alternate/fhir
https://localhost:9300/apis/alternate/api

β†’ Multisite Documentation

πŸ“‹ Scope Examples

Patient-Facing App (Vital Signs Tracker)

openid
offline_access
patient/Patient.rs
patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|vital-signs

Provider App (Clinical Documentation)

openid
fhirUser
launch
launch/patient
launch/encounter
user/Patient.rs
user/Encounter.cruds
user/Observation.crs
user/DocumentReference.crs

Backend Service (Analytics)

system/Patient.$export
system/*.$bulkdata-status
system/Binary.read

β†’ Complete Scope Reference

πŸ†˜ Support & Resources

Documentation

Community

Standards & Specifications

πŸ”„ Migration from Previous Versions

V1 to V2 Scope Migration

V1 Scopes (Deprecated but supported):

patient/Patient.read
patient/Observation.read

V2 Scopes (Recommended):

patient/Patient.rs
patient/Observation.rs

Mapping:

  • .read β†’ .rs (read + search)
  • .write β†’ .cud (create + update + delete)

β†’ V1 Compatibility Guide

πŸ“ Example Code

JavaScript/Node.js

// Fetch patient data
const response = await fetch('https://localhost:9300/apis/default/fhir/Patient/123', {
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Accept': 'application/fhir+json'
  }
});

const patient = await response.json();
console.log(`Patient: ${patient.name[0].given[0]} ${patient.name[0].family}`);

Python

import requests

# Fetch observations
response = requests.get(
    'https://localhost:9300/apis/default/fhir/Observation',
    headers={
        'Authorization': f'Bearer {access_token}',
        'Accept': 'application/fhir+json'
    },
    params={'patient': '123', 'category': 'vital-signs'}
)

observations = response.json()

cURL

# Get patient medications
curl -X GET 'https://localhost:9300/apis/default/fhir/MedicationRequest?patient=123' \
  -H 'Authorization: Bearer YOUR_TOKEN' \
  -H 'Accept: application/fhir+json'

β†’ More Examples

πŸ—οΈ For Developers

Internal API Usage

Extending the API

Architecture

Request β†’ Authentication β†’ Authorization β†’ Controller β†’ Service β†’ Database
                                              ↓
Response ← JSON Formatting ← Validation ← Processing

β†’ Developer Guide

πŸ“Š API Coverage

FHIR Resources (30+)

βœ… Patient, Practitioner, Organization, Location βœ… Observation, Condition, Procedure, AllergyIntolerance βœ… MedicationRequest, MedicationDispense, Immunization βœ… Encounter, Appointment, CarePlan, CareTeam βœ… DiagnosticReport, ServiceRequest, Specimen βœ… DocumentReference, Binary, Provenance βœ… Goal, Device, Coverage, RelatedPerson

β†’ Complete Resource List

Operations

βœ… Read, Search, Create, Update, Delete (per resource) βœ… Bulk Export ($export) βœ… CCD Generation ($docref) βœ… Token Introspection βœ… Capability Statement

πŸŽ“ Tutorials

Getting Started

  1. Register Your First App
  2. Obtain an Access Token
  3. Make Your First API Call
  4. Handle Token Refresh

Advanced Topics

  1. Implement EHR Launch
  2. Use Granular Scopes
  3. Export Bulk Data
  4. Generate Clinical Documents

πŸ“œ License

OpenEMR is licensed under GPL v3.

API integrations must comply with:

  • HIPAA requirements
  • State/federal healthcare regulations
  • OpenEMR license terms

πŸ”— Quick Links

Topic Documentation
Authentication AUTHENTICATION.md
Scopes & Permissions AUTHORIZATION.md
FHIR Endpoints FHIR_API.md
SMART Apps SMART_ON_FHIR.md
Standard API STANDARD_API.md
Development DEVELOPER_GUIDE.md

Documentation Attribution

Authorship

This documentation represents the collective knowledge and contributions of the OpenEMR open-source community. The content is based on:

  • Original documentation by OpenEMR developers and contributors
  • Technical specifications from the OpenEMR codebase
  • Community feedback and real-world implementation experience

AI Assistance

The organization, structure, and presentation of this documentation was enhanced using Claude AI (Anthropic) to:

  • Reorganize content into a more accessible modular structure
  • Add comprehensive examples and use cases
  • Improve navigation and cross-referencing
  • Enhance clarity and consistency across documents

All technical accuracy is maintained from the original community-authored documentation.

Contributing

OpenEMR is an open-source project. To contribute to this documentation:

Last Updated: November 2025 License: GPL v3