Process Overview


Veradigm innovators have been working side by side with HL7® since 2015 to advance adoption of the FHIR® standard.


The Veradigm FHIR API R4 release is our third FHIR API. We released our first in 2017 to support the MU3 requirement for a patient-facing API based on an open standard, and then soon after we released an R3 (STU3) version for UK clients. Our developers participate in the Argonaut Project and the Da Vinci Project, as well as HL7 FHIR Accelerator Program projects like FHIR at Scale Taskforce (FAST). We also participate in HL7 working groups and HL7 FHIR Connectathons to help advance the maturity and adoption of FHIR domestically and internationally.


Join us on this exciting journey. Review our terms of use and documentation to begin developing your FHIR integration.


When you register your developer account, accept the User Agreement and provide a valid email address. You’ll receive credentials that you can use to register your applications. If you have questions, reach out to VeradigmConnect@veradigm.com.


Note: The FHIR documentation on this portal applies to the Veradigm FHIR API. For information on Paragon Open API, go here.


Veradigm Developer Portal Sign-up

Sign up as an Veradigm Developer Program Member at https://developer.veradigm.com/. Veradigm FHIR-enabled APIs are included with each level of partnership. Check out our membership benefits table to learn more about our different levels here.

  1. Click Sign Up.
  2. Complete the required information.
  3. Review the user agreement.
  4. Confirm you are not a robot.
  5. Click I Accept.

Register FHIR Application

Register your FHIR application to connect to clients and begin testing.

  1. On the Veradigm Developer Program portal, go to the My Dashboard page.
  2. On the My FHIR Applications tile, click + to a new application. Note: If there is already a version of the application for DSTU2, you do not need to create a new application.
  3. On the FHIR App page, complete the following information:
    • App Name: Indicates the application name. Please make sure to enter an App Name that clearly identifies your company and product. This label will appear in our client's license management portal to determine whether they choose to license your application.
    • App Type (optional): Indicates the primary audience for the application. Select Patient, Provider, or System. The App type impacts how the client views your application within their license management portal. It is important to identify the app type accurately.
      • Patient: The app's intended audience is patients.
      • Provider: The app's intended audience is physicians and healthcare providers.
      • System: The app's intended audience is an external system, not a physician or provider. For example, an insurance company.
    • App Description: Indicates a detailed description of how and why the application is used.
    • Additional info link: Indicates a link to more information on the application. For example, the partner's marketing website.
    • Jwks URL: Indicates the URL for backend authentication access tokens. The JSON Web Key Set (JWKS) is a set of keys containing the public keys that should be used to verify any JSON Web Token (JWT) that is issued by an authorization server. This is required for bulk data requests. If the application will not be making bulk data requests, you can leave this blank.
    • Redirect URLs: Indicates up to five redirect URLs. Include redirect_uri urn:ietf:wg:oauth:2.0:oob for desktop applications; if you are developing a web client, use a URL pointing back to your website.
    • Client Type: Indicate if this is a Confidential Client (trusted) or a Public Client (not trusted).
    • App Type: Indicate if this is a Native App (desktop) or a Web App (mobile).
  4. There is no need to indicate if this is a test or production application under Licensing Information. Once clients have licensed the application, the portal displays a list of organizations that have authorized the R4 application to connect to their environments.
  5. Click Save. The portal generates and displays the following information, collectively referred to as OAuth/FHIR Credentials:
    • Client ID
    • Secret
    • Secret Expiration Date
  6. Click OK.

Licensing Information

On the FHIR App page, the Licensing Information section was expanded to include both FHIR R2 (DSTU2) and R4 applications. Applications that use the Veradigm FHIR R4 API must be explicitly licensed for individual client sites. The list of previously configured client sites for the selected application displays.


Note: An application can be licensed for both R2 and R4. You do not need to configure a new application in the Veradigm Developer Portal if the application was already licensed for R2. However, you will need to configure the specific client sites using the R4 version of the application.

Testing

You can use most API test utilities to test your FHIR application. The Veradigm FHIR API team uses Postman, and the steps below provide a summary of that process.

  1. Launch Postman.
  2. Create a new collection. Click New, and then click Collection. Enter the required information, and then click Save.
  3. Create a new request. Click New, and then click Request. Enter the required information, and then click Save to. Postman displays an "empty" request.
  4. Select the Authorization tab, and then in Type, select OAuth 2.0.
  5. Click Get New Access Token.
  6. On the Get New Access Token panel, enter detailed information about your application, as well as the selected sandbox's authorization URL and token URL.
  7. Click Request Token.
  8. Enter the provider credentials for the selected sandbox, and then click Login.
  9. Review the application access permissions, and then click Yes, Allow.
  10. Postman displays the token. Click Use Token.
  11. In Enter request URL, copy and paste the base FHIR URL (such as https://scmlatestdev.open.allscripts.com/FHIR for the selected sandbox.)
  12. Click Send.

If you encounter the error The client application is not known or is not authorized during testing, try one of the following:

  • Confirm the FHIR application credentials have not expired.
  • Verify the FHIR application is set as Production.
  • Establish that there is no redirect URI mismatch between the Veradigm Developer portal and the application's configuration.