1 # OpenEMR REST API Documentation
5 Easy-to-use JSON-based REST API for OpenEMR. All code is done in classes and separate from the view to help with codebase modernization efforts. FHIR is also supported, see FHIR API documentation [here](FHIR_README.md)
9 REST API endpoints are defined in the [primary routes file](_rest_routes.inc.php). The routes file maps an external, addressable
10 endpoint to the OpenEMR controller which handles the request, and also handles the JSON data conversions.
13 "POST /api/patient" => function () {
14 RestConfig::scope_check("user", "patient", "write");
15 RestConfig::authorization_check("patients", "demo");
16 $data = (array) (json_decode(file_get_contents("php://input")));
17 $return = (new PatientRestController())->post($data);
18 RestConfig::apiLog($return, $data);
23 At a high level, the request processing flow consists of the following steps:
26 JSON Request -> Controller Component -> Validation -> Service Component -> Database
29 The logical response flow begins with the database result:
32 Database Result -> Service Component -> Controller Component -> RequestControllerHelper -> JSON Response
35 The [RequestControllerHelper class](./src/RestControllers/RestControllerHelper.php) evaluates the Service Component's
36 result and maps it to a http response code and response payload. Existing APIs should be updated to utilize the
37 `handleProcessingResult` method as it supports the [Validator](./src/Validators/BaseValidator.php) components.
39 The [PatientRestController](./src/RestControllers/PatientRestController.php) may be used as a reference to see how APIs are
40 integrated with `RequestControllerHelper::handleProcessingResult` and the `Validator` components.
42 Finally, APIs which are integrated with the new `handleProcessingResult` method utilize a common response format.
46 "validationErrors": [],
48 "data": < data payload >
52 - `validationErrors` contain "client based" data validation errors
53 - `internalErrors` contain server related errors
54 - `data` is the response payload, represented as an object/`{}` for single results or an array/`[]` for multiple results
58 - [Authorization](API_README.md#authorization)
59 - [Scopes](API_README.md#scopes)
60 - [Registration](API_README.md#registration)
61 - [SMART on FHIR Registration](API_README.md#smart-on-fhir-registration)
62 - [Authorization Code Grant](API_README.md#authorization-code-grant)
63 - [Refresh Token Grant](API_README.md#refresh-token-grant)
64 - [Password Grant](API_README.md#password-grant)
65 - [Logout](API_README.md#logout)
66 - [More Details](API_README.md#more-details)
67 - [Standard API Endpoints](API_README.md#api-endpoints)
68 - [Facility API](API_README.md#post-apifacility)
69 - [Practitioner API](API_README.md#get-apipractitioner)
70 - [Patient API](API_README.md#post-apipatient)
71 - [Immunization API](API_README.md#get-apiimmunization)
72 - [Allergy API](API_README.md#get-apiallergy)
73 - [Procedure API](API_README.md#get-apiprocedure)
74 - [Drug API](API_README.md#get-apidrug)
75 - [Prescription API](API_README.md#get-apiprescription)
76 - [Insurance API](API_README.md#get-apipatientpidinsurance)
77 - [Appointment API](API_README.md#get-apiappointment)
78 - [Document API](API_README.md#get-apipatientpiddocument)
79 - [Message API](API_README.md#post-apipatientpidmessage)
80 - [Portal API Endpoints](API_README.md#portal-Endpoints)
81 - [Patient API](API_README.md#get-portalpatient)
82 - [FHIR API Endpoints](FHIR_README.md#fhir-endpoints)
83 - [FHIR Capability Statement](FHIR_README.md#capability-statement)
84 - [FHIR Patient](FHIR_README.md#patient-resource)
85 - [FHIR Coverage](FHIR_README.md#coverage-resource)
86 - [FHIR Encounter](FHIR_README.md#encounter-resource)
87 - [FHIR Practitioner](FHIR_README.md#practitioner-resource)
88 - [FHIR PractitionerRole](FHIR_README.md#practitionerrole-resource)
89 - [FHIR Immunization](FHIR_README.md#immunization-resource)
90 - [FHIR AllergyIntolerance](FHIR_README.md#allergyintolerance-resource)
91 - [FHIR Organization](FHIR_README.md#organization-resource)
92 - [FHIR Observation](FHIR_README.md#observation-resource)
93 - [FHIR Condition](FHIR_README.md#condition-resource)
94 - [FHIR Procedure](FHIR_README.md#procedure-resource)
95 - [FHIR MedicationRequest](FHIR_README.md#medicationrequest-resource)
96 - [FHIR Medication](FHIR_README.md#medication-resource)
97 - [FHIR Location](FHIR_README.md#location-resource)
98 - [FHIR CareTeam](FHIR_README.md#careTeam-resource)
99 - [FHIR Provenance](FHIR_README.md#Provenance-resources)
100 - [Patient Portal FHIR API Endpoints](FHIR_README.md#patient-portal-fhir-endpoints)
101 - [Patient Portal FHIR Patient](FHIR_README.md#patient-portal-patient-resource)
102 - [Dev notes](API_README.md#dev-notes)
106 Enable the Standard API service (/api/ endpoints) in OpenEMR menu: Administration->Globals->Connectors->"Enable OpenEMR Standard REST API"
108 ### Using API Internally
110 There are several ways to make API calls from an authorized session and maintain security:
112 - See the script at tests/api/InternalApiTest.php for examples of internal API use cases.
114 ### Multisite Support
116 Multisite is supported by including the site in the endpoint. When not using multisite or using the `default` multisite site, then a typical path would look like `apis/default/api/patient`. If you are using multisite and using a site called `alternate`, then the path would look like `apis/alternate/api/patient`.
120 OpenEMR uses OIDC compliant authorization for API. SSL is required and setting baseurl at Administration->Globals->Connectors->'Site Address (required for OAuth2 and FHIR)' is required. The listing of scopes can be found in below Scopes section.
124 This is a listing of scopes:
125 - `api:oemr` (user api which are the /api/ endpoints)
126 - `user/allergy.read`
127 - `user/allergy.write`
128 - `user/appointment.read`
129 - `user/appointment.write`
130 - `user/dental_issue.read`
131 - `user/dental_issue.write`
132 - `user/document.read`
133 - `user/document.write`
135 - `user/encounter.read`
136 - `user/encounter.write`
137 - `user/facility.read`
138 - `user/facility.write`
139 - `user/immunization.read`
140 - `user/insurance.read`
141 - `user/insurance.write`
142 - `user/insurance_company.read`
143 - `user/insurance_company.write`
144 - `user/insurance_type.read`
146 - `user/medical_problem.read`
147 - `user/medical_problem.write`
148 - `user/medication.read`
149 - `user/medication.write`
150 - `user/message.write`
151 - `user/patient.read`
152 - `user/patient.write`
153 - `user/practitioner.read`
154 - `user/practitioner.write`
155 - `user/prescription.read`
156 - `user/procedure.read`
157 - `user/soap_note.read`
158 - `user/soap_note.write`
159 - `user/surgery.read`
160 - `user/surgery.write`
163 - `api:fhir` (user fhir which are the /fhir/ endpoints)
164 - `user/AllergyIntolerance.read`
165 - `user/CareTeam.read`
166 - `user/Condition.read`
167 - `user/Coverage.read`
168 - `user/Encounter.read`
169 - `user/Immunization.read`
170 - `user/Location.read`
171 - `user/Medication.read`
172 - `user/MedicationRequest.read`
173 - `user/Observation.read`
174 - `user/Organization.read`
175 - `user/Organization.write`
176 - `user/Patient.read`
177 - `user/Patient.write`
178 - `user/Practitioner.read`
179 - `user/Practitioner.write`
180 - `user/PractitionerRole.read`
181 - `user/Procedure.read`
182 - `api:port` (patient api which are the /portal/ endpoints) (EXPERIMENTAL)
183 - `patient/encounter.read`
184 - `patient/patient.read`
185 - `api:pofh` (patient fhir which are the /portalfhir/ endpoints) (EXPERIMENTAL)
186 - `patient/Encounter.read`
187 - `patient/Patient.read`
191 Here is an example for registering a client. A client needs to be registered before applying for grant to obtain access/refresh tokens. Note: "post_logout_redirect_uris" is optional and only used if client wants a redirect to its own confirmation workflow.
193 Note that all scopes are included in this example for demonstration purposes. For production purposes, should only include the necessary scopes.
196 curl -X POST -k -H 'Content-Type: application/json' -i https://localhost:9300/oauth2/default/registration --data '{
197 "application_type": "private",
199 ["https://client.example.org/callback"],
200 "post_logout_redirect_uris":
201 ["https://client.example.org/logout/callback"],
202 "client_name": "A Private App",
203 "token_endpoint_auth_method": "client_secret_post",
204 "contacts": ["me@example.org", "them@example.org"],
205 "scope": "openid api:oemr api:fhir api:port api:pofh user/allergy.read user/allergy.write user/appointment.read user/appointment.write user/dental_issue.read user/dental_issue.write user/document.read user/document.write user/drug.read user/encounter.read user/encounter.write user/facility.read user/facility.write user/immunization.read user/insurance.read user/insurance.write user/insurance_company.read user/insurance_company.write user/insurance_type.read user/list.read user/medical_problem.read user/medical_problem.write user/medication.read user/medication.write user/message.write user/patient.read user/patient.write user/practitioner.read user/practitioner.write user/prescription.read user/procedure.read user/soap_note.read user/soap_note.write user/surgery.read user/surgery.write user/vital.read user/vital.write user/AllergyIntolerance.read user/CareTeam.read user/Condition.read user/Coverage.read user/Encounter.read user/Immunization.read user/Location.read user/Medication.read user/MedicationRequest.read user/Observation.read user/Organization.read user/Organization.write user/Patient.read user/Patient.write user/Practitioner.read user/Practitioner.write user/PractitionerRole.read user/Procedure.read patient/encounter.read patient/patient.read patient/Encounter.read patient/Patient.read"
212 "client_id": "LnjqojEEjFYe5j2Jp9m9UnmuxOnMg4VodEJj3yE8_OA",
213 "client_secret": "j21ecvLmFi9HPc_Hv0t7Ptmf1pVcZQLtHjIdU7U9tkS9WAjFJwVMav0G8ogTJ62q4BATovC7BQ19Qagc4x9BBg",
214 "registration_access_token": "uiDSXx2GNSvYy5n8eW50aGrJz0HjaGpUdrGf07Agv_Q",
215 "registration_client_uri": "https:\/\/localhost:9300\/oauth2\/default\/client\/6eUVG0-qK2dYiwfYdECKIw",
216 "client_id_issued_at": 1604767861,
217 "client_secret_expires_at": 0,
218 "contacts": ["me@example.org", "them@example.org"],
219 "application_type": "private",
220 "client_name": "A Private App",
221 "redirect_uris": ["https:\/\/client.example.org\/callback"],
222 "token_endpoint_auth_method": "client_secret_post",
223 "scope": "openid api:oemr api:fhir api:port api:pofh user/allergy.read user/allergy.write user/appointment.read user/appointment.write user/dental_issue.read user/dental_issue.write user/document.read user/document.write user/drug.read user/encounter.read user/encounter.write user/facility.read user/facility.write user/immunization.read user/insurance.read user/insurance.write user/insurance_company.read user/insurance_company.write user/insurance_type.read user/list.read user/medical_problem.read user/medical_problem.write user/medication.read user/medication.write user/message.write user/patient.read user/patient.write user/practitioner.read user/practitioner.write user/prescription.read user/procedure.read user/soap_note.read user/soap_note.write user/surgery.read user/surgery.write user/vital.read user/vital.write user/AllergyIntolerance.read user/CareTeam.read user/Condition.read user/Coverage.read user/Encounter.read user/Immunization.read user/Location.read user/Medication.read user/MedicationRequest.read user/Observation.read user/Organization.read user/Organization.write user/Patient.read user/Patient.write user/Practitioner.read user/Practitioner.write user/PractitionerRole.read user/Procedure.read patient/encounter.read patient/patient.read patient/Encounter.read patient/Patient.read"
227 ##### SMART on FHIR Registration
229 SMART Enabled Apps are supported.
231 SMART client can be registered at <website>/interface/smart/register-app.php. For example https://localhost:9300/interface/smart/register-app.php
233 After registering the SMART client, can then Enable it in OpenEMR at Administration->System->API Clients
235 After it is enabled, the SMART App will then be available to use in the Patient Summary screen (SMART Enabled Apps widget).
237 See this github issue for an example of a Smart App installation: https://github.com/openemr/openemr/issues/4148
239 #### Authorization Code Grant
241 This is the recommended standard mechanism to obtain access/refresh tokens. This is done by using an OAuth2 client with provider url of `oauth2/<site>`; an example full path would be `https://localhost:9300/oauth2/default`.
243 #### Refresh Token Grant
248 curl -X POST -k -H 'Content-Type: application/x-www-form-urlencoded'
249 -i 'https://localhost:9300/oauth2/default/token'
250 --data 'grant_type=refresh_token
251 &client_id=LnjqojEEjFYe5j2Jp9m9UnmuxOnMg4VodEJj3yE8_OA
252 &refresh_token=def5020089a766d16...'
259 "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJrYn...",
260 "token_type": "Bearer",
262 "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJrYnl1RkRp...",
263 "refresh_token": "def5020017b484b0add020bf3491a8a537fa04eda12..."
269 Recommend not using this mechanism unless you know what you are doing. It is considered far less secure than the standard authorization code method. Because of security implications, it is not turned on by default. It can be turned on at Administration->Globals->Connectors->'Enable OAuth2 Password Grant (Not considered secure)'.
271 Note that all scopes are included in these examples for demonstration purposes. For production purposes, should only include the necessary scopes.
273 Example for `users` role:
275 curl -X POST -k -H 'Content-Type: application/x-www-form-urlencoded'
276 -i 'https://localhost:9300/oauth2/default/token'
277 --data 'grant_type=password
278 &client_id=LnjqojEEjFYe5j2Jp9m9UnmuxOnMg4VodEJj3yE8_OA
279 &scope=openid%20api%3Aoemr%20api%3Afhir%20user%2Fallergy.read%20user%2Fallergy.write%20user%2Fappointment.read%20user%2Fappointment.write%20user%2Fdental_issue.read%20user%2Fdental_issue.write%20user%2Fdocument.read%20user%2Fdocument.write%20user%2Fdrug.read%20user%2Fencounter.read%20user%2Fencounter.write%20user%2Ffacility.read%20user%2Ffacility.write%20user%2Fimmunization.read%20user%2Finsurance.read%20user%2Finsurance.write%20user%2Finsurance_company.read%20user%2Finsurance_company.write%20user%2Finsurance_type.read%20user%2Flist.read%20user%2Fmedical_problem.read%20user%2Fmedical_problem.write%20user%2Fmedication.read%20user%2Fmedication.write%20user%2Fmessage.write%20user%2Fpatient.read%20user%2Fpatient.write%20user%2Fpractitioner.read%20user%2Fpractitioner.write%20user%2Fprescription.read%20user%2Fprocedure.read%20user%2Fsoap_note.read%20user%2Fsoap_note.write%20user%2Fsurgery.read%20user%2Fsurgery.write%20user%2Fvital.read%20user%2Fvital.write%20user%2FAllergyIntolerance.read%20user%2FCareTeam.read%20user%2FCondition.read%20user%2FCoverage.read%20user%2FEncounter.read%20user%2FImmunization.read%20user%2FLocation.read%20user%2FMedication.read%20user%2FMedicationRequest.read%20user%2FObservation.read%20user%2FOrganization.read%20user%2FOrganization.write%20user%2FPatient.read%20user%2FPatient.write%20user%2FPractitioner.read%20user%2FPractitioner.write%20user%2FPractitionerRole.read%20user%2FProcedure.read
285 Example for `patient` role:
287 curl -X POST -k -H 'Content-Type: application/x-www-form-urlencoded'
288 -i 'https://localhost:9300/oauth2/default/token'
289 --data 'grant_type=password
290 &client_id=LnjqojEEjFYe5j2Jp9m9UnmuxOnMg4VodEJj3yE8_OA
291 &scope=openid%20api%3Aport%20api%3Apofh%20patient%2Fencounter.read%20patient%2Fpatient.read%20patient%2FEncounter.read%20patient%2FPatient.read
295 &email=heya@invalid.email.com'
302 "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJrYn...",
303 "token_type": "Bearer",
305 "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJrYnl1RkRp...",
306 "refresh_token": "def5020017b484b0add020bf3491a8a537fa04eda12..."
312 A grant (both Authorization Code and Password grants) can be logged out (ie. removed) by url of `oauth2/<site>/logout?id_token_hint=<id_token>`; an example full path would be `https://localhost:9300/oauth2/default/logout?id_token_hint=<id_token>`. Optional: `post_logout_redirect_uri` and `state` parameters can also be sent; note that `post_logout_redirect_uris` also needs to be set during registration for it to work.
316 The forum thread that detailed development of Authorization and where questions and issues are addressed is here: https://community.open-emr.org/t/v6-authorization-and-api-changes-afoot/15450
318 More specific development api topics are discussed and described on the above forum thread (such as introspection).
322 OpenEMR standard endpoints Use `http://localhost:8300/apis/default/api as base URI.`
324 Note that the `default` component can be changed to the name of the site when using OpenEMR's multisite feature.
326 _Example:_ `http://localhost:8300/apis/default/api/patient` returns a resource of all Patients.
328 The Bearer token is required for each OpenEMR API request, and is conveyed using an Authorization header. Note that the Bearer token is the access_token that is obtained in the above [Authorization](API_README.md#authorization) section.
333 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/medical_problem' \
334 -H 'Authorization: Bearer eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ=='
337 #### POST /api/facility
342 curl -X POST 'http://localhost:8300/apis/default/api/facility' -d \
345 "phone": "808-606-3030",
346 "fax": "808-606-3031",
347 "street": "1337 Bit Shifter Ln",
348 "city": "San Lorenzo",
350 "postal_code": "54321",
351 "email": "foo@bar.com",
352 "service_location": "1",
353 "billing_location": "1",
358 #### PUT /api/facility/:fid
363 curl -X PUT 'http://localhost:8300/apis/default/api/facility/1' -d \
366 "phone": "808-606-3030",
367 "fax": "808-606-3031",
368 "street": "1337 Bit Shifter Ln",
369 "city": "San Lorenzo",
371 "postal_code": "54321",
372 "email": "foo@bar.com",
373 "service_location": "1",
374 "billing_location": "1",
379 #### GET /api/facility
384 curl -X GET 'http://localhost:8300/apis/default/api/facility'
387 #### GET /api/facility/:fid
392 curl -X GET 'http://localhost:8300/apis/default/api/facility/1'
395 #### GET /api/practitioner
400 curl -X GET 'http://localhost:8300/apis/default/api/practitioner'
403 #### GET /api/practitioner/:uuid
408 curl -X GET 'http://localhost:8300/apis/default/api/practitioner/90cde167-7b9b-4ed1-bd55-533925cb2605'
411 #### POST /api/practitioner
416 curl -X POST 'http://localhost:8300/apis/default/api/practitioner' -d \
426 "facility": "Your Clinic Name Here",
428 "email": "info@pennfirm.com",
433 "organization": null,
435 "street": "789 Third Avenue",
436 "streetb": "123 Cannaut Street",
440 "phone": "(619) 555-9827",
442 "phonew1": "(619) 555-7822",
443 "phonecell": "(619) 555-7821",
445 "state_license_number": "123456"
453 "validationErrors": [],
454 "internalErrors": [],
457 "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5"
462 #### PUT /api/practitioner/:uuid
467 curl -X PUT 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7' -d \
473 "street": "456 Tree Lane",
477 "phone": "123-456-7890"
485 "validationErrors": [],
486 "internalErrors": [],
489 "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5",
498 "facility": "Your Clinic Name Here",
500 "email": "info@pennfirm.com",
508 "street": "456 Tree Lane",
509 "streetb": "123 Cannaut Street",
513 "phone": "123-456-7890",
515 "phonew1": "(619) 555-7822",
516 "phonecell": "(619) 555-7821",
518 "state_license_number": "123456",
520 "physician_title": null,
521 "physician_code": null
526 #### POST /api/patient
531 curl -X POST 'http://localhost:8300/apis/default/api/patient' -d \
537 "street": "456 Tree Lane",
538 "postal_code": "08642",
541 "country_code": "US",
542 "phone_contact": "123-456-7890",
554 "validationErrors": [],
555 "internalErrors": [],
562 #### PUT /api/patient/:puuid
567 curl -X PUT 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7' -d \
573 "street": "456 Tree Lane",
574 "postal_code": "08642",
577 "country_code": "US",
578 "phone_contact": "123-456-7890",
590 "validationErrors": [],
591 "internalErrors": [],
601 "street": "456 Tree Lane",
602 "postal_code": "08642",
606 "country_code": "US",
607 "drivers_license": "",
608 "contact_relationship": "",
609 "phone_contact": "123-456-7890",
623 #### GET /api/patient
628 curl -X GET 'http://localhost:8300/apis/default/api/patient'
635 "validationErrors": [],
636 "internalErrors": [],
637 "data": [{ patientRecord }, { patientRecord }, etc]
644 curl -X GET 'http://localhost:8300/apis/default/api/patient&fname=...&lname=...&dob=...'
651 "validationErrors": [],
652 "internalErrors": [],
653 "data": [{ patientRecord }, { patientRecord }, etc]
657 #### GET /api/patient/:puuid
662 curl -X GET 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7'
669 "validationErrors": [],
670 "internalErrors": [],
680 "street": "456 Tree Lane",
681 "postal_code": "08642",
685 "country_code": "US",
686 "drivers_license": "",
687 "contact_relationship": "",
688 "phone_contact": "123-456-7890",
702 #### GET /api/immunization
707 curl -X GET 'http://localhost:8300/apis/default/api/immunization'
710 #### GET /api/immunization/:uuid
715 curl -X GET 'http://localhost:8300/apis/default/api/immunization/90cde167-7b9b-4ed1-bd55-533925cb2605'
718 #### POST /api/patient/:pid/encounter
723 curl -X POST 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter' -d \
727 "reason": "Pregnancy Test",
728 "facility": "Owerri General Hospital",
731 "billing_facility": "3",
732 "sensitivity": "normal",
733 "referral_source": "",
745 "validationErrors": [],
746 "internalErrors": [],
749 "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef"
754 #### PUT /api/patient/:pid/encounter/:eid
759 curl -X POST 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter/90c196f2-51cc-4655-8858-3a80aebff3ef' -d \
762 "onset_date": "2019-04-20 00:00:00",
763 "reason": "Pregnancy Test",
766 "billing_facility": "3",
767 "sensitivity": "normal",
768 "referral_source": "",
777 "validationErrors": [],
778 "internalErrors": [],
781 "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
782 "date": "2019-09-14 00:00:00",
783 "reason": "Pregnancy Test",
784 "facility": "Owerri General Hospital",
787 "onset_date": "2019-04-20 00:00:00",
788 "sensitivity": "normal",
789 "billing_note": null,
791 "last_level_billed": "0",
792 "last_level_closed": "0",
793 "last_stmt_date": null,
796 "supervisor_id": "0",
798 "referral_source": "",
799 "billing_facility": "3",
803 "class_title": "ambulatory",
804 "pc_catname": "Office Visit",
805 "billing_facility_name": "Owerri General Hospital"
810 #### GET /api/patient/:pid/encounter
815 curl -X GET 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter'
822 "validationErrors": [],
823 "internalErrors": [],
824 "data": [{ encounterRecord }, { encounterRecord }, etc]
828 #### GET /api/patient/:pid/encounter/:eid
833 curl -X GET 'http://localhost:8300/apis/default/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter/90c196f2-51cc-4655-8858-3a80aebff3ef'
840 "validationErrors": [],
841 "internalErrors": [],
844 "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
845 "date": "2019-09-14 00:00:00",
846 "reason": "Pregnancy Test",
847 "facility": "Owerri General Hospital",
850 "onset_date": "2019-04-20 00:00:00",
851 "sensitivity": "normal",
852 "billing_note": null,
854 "last_level_billed": "0",
855 "last_level_closed": "0",
856 "last_stmt_date": null,
859 "supervisor_id": "0",
861 "referral_source": "",
862 "billing_facility": "3",
866 "class_title": "ambulatory",
867 "pc_catname": "Office Visit",
868 "billing_facility_name": "Owerri General Hospital"
873 #### POST /api/patient/:pid/encounter/:eid/vital
878 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/encounter/1/vital' -d \
885 "temp_method": "Oral",
891 "oxygen_saturation": "80"
895 #### PUT /api/patient/:pid/encounter/:eid/vital/:vid
900 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/encounter/1/vital/1' -d \
907 "temp_method": "Oral",
913 "oxygen_saturation": "80"
917 #### GET /api/patient/:pid/encounter/:eid/vital
922 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/encounter/1/vital'
925 #### GET /api/patient/:pid/encounter/:eid/vital/:vid
930 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/encounter/1/vital/1'
933 #### POST /api/patient/:pid/encounter/:eid/soap_note
938 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/encounter/1/soap_note' -d \
947 #### PUT /api/patient/:pid/encounter/:eid/soap_note/:sid
952 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/encounter/1/soap_note/1' -d \
961 #### GET /api/patient/:pid/encounter/:eid/soap_note
966 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/encounter/1/soap_note'
969 #### GET /api/patient/:pid/encounter/:eid/soap_note/:sid
974 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/encounter/1/soap_note/1'
977 #### GET /api/medical_problem
982 curl -X GET 'http://localhost:8300/apis/default/api/medical_problem'
985 #### GET /api/medical_problem/:muuid
990 curl -X GET 'http://localhost:8300/apis/default/api/medical_problem/9109890a-6756-44c1-a82d-bdfac91c7424'
993 #### GET /api/patient/:puuid/medical_problem
998 curl -X GET 'http://localhost:8300/apis/default/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem'
1001 #### GET /api/patient/:puuid/medical_problem/:muuid
1006 curl -X GET 'http://localhost:8300/apis/default/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e'
1009 #### POST /api/patient/:puuid/medical_problem
1014 curl -X POST 'http://localhost:8300/apis/default/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem' -d \
1016 "title": "Dermatochalasis",
1017 "begdate": "2010-04-13",
1019 "diagnosis": "ICD10:H02.839"
1023 #### PUT /api/patient/:puuid/medical_problem/:muuid
1028 curl -X PUT 'http://localhost:8300/apis/default/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e' -d \
1030 "title": "Dermatochalasis",
1031 "begdate": "2010-04-13",
1032 "enddate": "2018-03-12",
1033 "diagnosis": "ICD10:H02.839"
1037 #### DELETE /api/patient/:puuid/medical_problem/:muuid
1042 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e'
1045 #### GET /api/allergy
1050 curl -X GET 'http://localhost:8300/apis/default/api/allergy'
1053 #### GET /api/allergy/:auuid
1058 curl -X GET 'http://localhost:8300/apis/default/api/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
1061 #### GET /api/patient/:puuid/allergy
1066 curl -X GET 'http://localhost:8300/apis/default/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy'
1069 #### GET /api/patient/:puuid/allergy/:auuid
1074 curl -X GET 'http://localhost:8300/apis/default/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
1077 #### POST /api/patient/:puuid/allergy
1082 curl -X POST 'http://localhost:8300/apis/default/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy' -d \
1085 "begdate": "2010-10-13",
1090 #### PUT /api/patient/:puuid/allergy/:auuid
1095 curl -X PUT 'http://localhost:8300/apis/default/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef' -d \
1098 "begdate": "2012-10-13",
1103 #### DELETE /api/patient/:puuid/allergy/:auuid
1108 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
1111 #### GET /api/procedure
1116 curl -X GET 'http://localhost:8300/apis/default/api/procedure'
1119 #### GET /api/procedure/:uuid
1124 curl -X GET 'http://localhost:8300/apis/default/api/procedure/90c196f2-51cc-4655-8858-3a80aebff3ef'
1132 curl -X GET 'http://localhost:8300/apis/default/api/drug'
1135 #### GET /api/drug/:uuid
1140 curl -X GET 'http://localhost:8300/apis/default/api/drug/90c196f2-51cc-4655-8858-3a80aebff3ef'
1143 #### GET /api/prescription
1148 curl -X GET 'http://localhost:8300/apis/default/api/prescription'
1151 #### GET /api/prescription/:uuid
1156 curl -X GET 'http://localhost:8300/apis/default/api/prescription/9128a1ec-95be-4649-8a66-d3686b7ab0ca'
1159 #### POST /api/patient/:pid/medication
1164 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/medication' -d \
1167 "begdate": "2013-10-13",
1172 #### PUT /api/patient/:pid/medication/:mid
1177 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/medication/1' -d \
1180 "begdate": "2013-04-13",
1185 #### GET /api/patient/:pid/medication
1190 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/medication'
1193 #### GET /api/patient/:pid/medication/:mid
1198 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/medication/1'
1201 #### DELETE /api/patient/:pid/medication/:mid
1206 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/1/medication/1'
1209 #### POST /api/patient/:pid/surgery
1214 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/surgery' -d \
1216 "title": "Blepharoplasty",
1217 "begdate": "2013-10-13",
1219 "diagnosis": "CPT4:15823-50"
1223 #### PUT /api/patient/:pid/surgery/:sid
1228 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/surgery/1' -d \
1230 "title": "Blepharoplasty",
1231 "begdate": "2013-10-14",
1233 "diagnosis": "CPT4:15823-50"
1237 #### GET /api/patient/:pid/surgery
1242 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/surgery'
1245 #### GET /api/patient/:pid/surgery/:sid
1250 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/surgery/1'
1253 #### DELETE /api/patient/:pid/surgery/:sid
1258 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/1/surgery/1'
1261 #### POST /api/patient/:pid/dental_issue
1266 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/dental_issue' -d \
1268 "title": "Halitosis",
1269 "begdate": "2015-03-17",
1274 #### PUT /api/patient/:pid/dental_issue/:did
1279 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/dental_issue/1' -d \
1281 "title": "Halitosis",
1282 "begdate": "2015-03-17",
1283 "enddate": "2018-03-20"
1287 #### GET /api/patient/:pid/dental_issue
1292 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/dental_issue'
1295 #### GET /api/patient/:pid/dental_issue/:did
1300 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/dental_issue/1'
1303 #### DELETE /api/patient/:pid/dental_issue/:did
1308 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/1/dental_issue/1'
1311 #### GET /api/patient/:pid/insurance
1316 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/insurance'
1319 #### GET /api/patient/:pid/insurance/:type
1324 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/insurance/secondary'
1327 #### POST /api/patient/:pid/insurance/:type
1332 curl -X POST 'http://localhost:8300/apis/default/api/patient/10/insurance/primary' -d \
1336 "plan_name": "Some Plan",
1337 "policy_number": "12345",
1338 "group_number": "252412",
1339 "subscriber_lname": "Tester",
1340 "subscriber_mname": "Xi",
1341 "subscriber_fname": "Foo",
1342 "subscriber_relationship": "other",
1343 "subscriber_ss": "234231234",
1344 "subscriber_DOB": "2018-10-03",
1345 "subscriber_street": "183 Cool St",
1346 "subscriber_postal_code": "23418",
1347 "subscriber_city": "Cooltown",
1348 "subscriber_state": "AZ",
1349 "subscriber_country": "USA",
1350 "subscriber_phone": "234-598-2123",
1351 "subscriber_employer": "Some Employer",
1352 "subscriber_employer_street": "123 Heather Lane",
1353 "subscriber_employer_postal_code": "23415",
1354 "subscriber_employer_state": "AZ",
1355 "subscriber_employer_country": "USA",
1356 "subscriber_employer_city": "Cooltown",
1358 "date": "2018-10-15",
1359 "subscriber_sex": "Female",
1360 "accept_assignment": "TRUE",
1367 - `provider` is the insurance company id
1368 - `state` can be found by querying `resource=/api/list/state`
1369 - `country` can be found by querying `resource=/api/list/country`
1371 #### PUT /api/patient/:pid/insurance/:type
1376 curl -X PUT 'http://localhost:8300/apis/default/api/patient/10/insurance/primary' -d \
1380 "plan_name": "Some Plan",
1381 "policy_number": "12345",
1382 "group_number": "252412",
1383 "subscriber_lname": "Tester",
1384 "subscriber_mname": "Xi",
1385 "subscriber_fname": "Foo",
1386 "subscriber_relationship": "other",
1387 "subscriber_ss": "234231234",
1388 "subscriber_DOB": "2018-10-03",
1389 "subscriber_street": "183 Cool St",
1390 "subscriber_postal_code": "23418",
1391 "subscriber_city": "Cooltown",
1392 "subscriber_state": "AZ",
1393 "subscriber_country": "USA",
1394 "subscriber_phone": "234-598-2123",
1395 "subscriber_employer": "Some Employer",
1396 "subscriber_employer_street": "123 Heather Lane",
1397 "subscriber_employer_postal_code": "23415",
1398 "subscriber_employer_state": "AZ",
1399 "subscriber_employer_country": "USA",
1400 "subscriber_employer_city": "Cooltown",
1402 "date": "2018-10-15",
1403 "subscriber_sex": "Female",
1404 "accept_assignment": "TRUE",
1411 - `provider` is the insurance company id
1412 - `state` can be found by querying `resource=/api/list/state`
1413 - `country` can be found by querying `resource=/api/list/country`
1415 #### GET /api/list/:list_name
1420 curl -X GET 'http://localhost:8300/apis/default/api/list/medical_problem_issue_list'
1423 #### GET /api/version
1428 curl -X GET 'http://localhost:8300/apis/default/api/version'
1431 #### GET /api/product
1436 curl -X GET 'http://localhost:8300/apis/default/api/product'
1439 #### GET /api/insurance_company
1444 curl -X GET 'http://localhost:8300/apis/default/api/insurance_company'
1447 #### GET /api/insurance_type
1452 curl -X GET 'http://localhost:8300/apis/default/api/insurance_type'
1455 #### POST /api/insurance_company
1460 curl -X POST 'http://localhost:8300/apis/default/api/insurance_company' -d \
1462 "name": "Cool Insurance Company",
1465 "ins_type_code": "2",
1466 "x12_receiver_id": null,
1467 "x12_default_partner_id": null,
1469 "line1": "123 Cool Lane",
1470 "line2": "Suite 123",
1478 Notes: `ins_type_code` can be found by inspecting the above route (/api/insurance_type).
1480 #### PUT /api/insurance_company/:iid
1485 curl -X PUT 'http://localhost:8300/apis/default/api/insurance_company/1' -d \
1487 "name": "Super Insurance Company",
1490 "ins_type_code": "2",
1491 "x12_receiver_id": null,
1492 "x12_default_partner_id": null,
1494 "line1": "123 Cool Lane",
1495 "line2": "Suite 123",
1503 Notes: `ins_type_code` can be found by inspecting the above route (/api/insurance_type).
1505 #### GET /api/appointment
1510 curl -X GET 'http://localhost:8300/apis/default/api/appointment'
1513 #### GET /api/appointment/:eid
1518 curl -X GET 'http://localhost:8300/apis/default/api/appointment/1'
1521 #### GET /api/patient/:pid/appointment
1526 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/appointment'
1529 #### GET /api/patient/:pid/appointment/:eid
1534 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/appointment/1'
1537 #### POST /api/patient/:pid/appointment
1542 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/appointment' -d \
1546 "pc_title": "Office Visit",
1547 "pc_duration": "900",
1548 "pc_hometext": "Test",
1549 "pc_apptstatus": "-",
1550 "pc_eventDate": "2018-10-19",
1551 "pc_startTime": "09:00",
1553 "pc_billing_location": "10"
1557 #### DELETE /api/patient/:pid/appointment/:eid
1562 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/1/appointment/1' -d \
1565 #### GET /api/patient/:pid/document
1570 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/document&path=/eye_module/imaging-eye/drawings-eye'
1573 Note: The `path` query string represents the OpenEMR documents paths with two exceptions:
1575 - Spaces are represented with `_`
1576 - All characters are lowercase
1578 #### POST /api/patient/:pid/document
1583 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/document&path=/eye_module/imaging-eye/drawings-eye' \
1584 -F document=@/home/someone/Desktop/drawing.jpg
1587 Note: The `path` query string represents the OpenEMR documents paths with two exceptions:
1589 - Spaces are represented with `_`
1590 - All characters are lowercase
1592 #### GET /api/patient/:pid/document/:did
1597 curl -X GET 'http://localhost:8300/apis/default/api/patient/1/document/1'
1600 #### POST /api/patient/:pid/message
1605 curl -X POST 'http://localhost:8300/apis/default/api/patient/1/message' -d \
1608 "groupname": "Default",
1612 "message_status": "New"
1618 - For `title`, use `resource=/api/list/note_type`
1619 - For `message_type`, use `resource=/api/list/message_status`
1621 #### PUT /api/patient/:pid/message/:mid
1626 curl -X PUT 'http://localhost:8300/apis/default/api/patient/1/message/1' -d \
1629 "groupname": "Default",
1633 "message_status": "New"
1639 - For `title`, use `resource=/api/list/note_type`
1640 - For `message_type`, use `resource=/api/list/message_status`
1642 #### DELETE /api/patient/:pid/message/:mid
1647 curl -X DELETE 'http://localhost:8300/apis/default/api/patient/1/message/1'
1650 ### /portal/ Endpoints
1652 This is under development and is considered EXPERIMENTAL.
1654 Enable the Patient Portal API service (/portal/ endpoints) in OpenEMR menu: Administration->Globals->Connectors->"Enable OpenEMR Patient Portal REST API (EXPERIMENTAL)"
1656 OpenEMR patient portal endpoints Use `http://localhost:8300/apis/default/portal as base URI.`
1658 Note that the `default` component can be changed to the name of the site when using OpenEMR's multisite feature.
1660 _Example:_ `http://localhost:8300/apis/default/portal/patient` returns a resource of the patient.
1662 The Bearer token is required for each OpenEMR API request, and is conveyed using an Authorization header. Note that the Bearer token is the access_token that is obtained in the above [Authorization](API_README.md#authorization) section.
1667 curl -X GET 'http://localhost:8300/apis/default/portal/patient' \
1668 -H 'Authorization: Bearer eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ=='
1671 #### GET /portal/patient
1676 curl -X GET 'http://localhost:8300/apis/default/portal/patient'
1683 "validationErrors": [],
1684 "internalErrors": [],
1694 "street": "456 Tree Lane",
1695 "postal_code": "08642",
1699 "country_code": "US",
1700 "drivers_license": "",
1701 "contact_relationship": "",
1702 "phone_contact": "123-456-7890",
1707 "DOB": "1992-02-03",
1718 - For business logic, make or use the services [here](src/Services)
1719 - For controller logic, make or use the classes [here](src/RestControllers)
1720 - For routing declarations, use the class [here](_rest_routes.inc.php).