Authorization Server (#4013)
[openemr.git] / API_README.md
blobc563ae8fd89c7d796f5ed2deb126bfb45899958d
1 # OpenEMR REST API Documentation
3 ## Overview
5 Easy-to-use JSON-based REST API for OpenEMR. All code is done in classes and separate from the view to help with codebase modernization efforts. FHIR is also supported, see FHIR API documentation [here](FHIR_README.md)
7 ## Implementation
9 REST API endpoints are defined in the [primary routes file](_rest_routes.inc.php). The routes file maps an external, addressable
10 endpoint to the OpenEMR controller which handles the request, and also handles the JSON data conversions.
12 ```php
13 "POST /api/patient" => function () {
14     RestConfig::authorization_check("patients", "demo");
15     $data = (array)(json_decode(file_get_contents("php://input")));
16     return (new PatientRestController())->post($data);
18 ```
20 At a high level, the request processing flow consists of the following steps:
22 ```
23 JSON Request -> Controller Component -> Validation -> Service Component -> Database
24 ```
26 The logical response flow begins with the database result:
28 ```
29 Database Result -> Service Component -> Controller Component -> RequestControllerHelper -> JSON Response
30 ```
32 The [RequestControllerHelper class](./src/RestControllers/RestControllerHelper.php) evaluates the Service Component's
33 result and maps it to a http response code and response payload. Existing APIs should be updated to utilize the
34 `handleProcessingResult` method as it supports the [Validator](./src/Validators/BaseValidator.php) components.
36 The [PatientRestController](./src/RestControllers/PatientRestController.php) may be used as a reference to see how APIs are
37 integrated with `RequestControllerHelper::handleProcessingResult` and the `Validator` components.
39 Finally, APIs which are integrated with the new `handleProcessingResult` method utilize a common response format.
41 ```json
43     "validationErrors": [],
44     "internalErrors": [],
45     "data": < data payload >
47 ```
49 -   `validationErrors` contain "client based" data validation errors
50 -   `internalErrors` contain server related errors
51 -   `data` is the response payload, represented as an object/`{}` for single results or an array/`[]` for multiple results
53 ### Sections
55 -   [Standard API Endpoints](API_README.md#api-endpoints)
56     -   [Facility API](API_README.md#post-apifacility)
57     -   [Practitioner API](API_README.md#get-apipractitioner)
58     -   [Patient API](API_README.md#post-apipatient)
59     -   [Immunization API](API_README.md#get-apiimmunization)
60     -   [Allergy API](API_README.md#get-apiallergy)
61     -   [Procedure API](API_README.md#get-apiprocedure)
62     -   [Drug API](API_README.md#get-apidrug)
63     -   [Prescription API](API_README.md#get-apiprescription)
64     -   [Insurance API](API_README.md#get-apipatientpidinsurance)
65     -   [Appointment API](API_README.md#get-apiappointment)
66     -   [Document API](API_README.md#get-apipatientpiddocument)
67     -   [Message API](API_README.md#post-apipatientpidmessage)
68 -   [Portal API Endpoints](API_README.md#portal-Endpoints)
69     -   [Patient API](API_README.md#get-portalpatient)
70 -   [FHIR API Endpoints](FHIR_README.md#fhir-endpoints)
71     -   [FHIR Capability Statement](FHIR_README.md#capability-statement)
72     -   [FHIR Authorization](FHIR_README.md#authorization)
73     -   [FHIR Patient](FHIR_README.md#patient-resource)
74     -   [FHIR Encounter](FHIR_README.md#encounter-resource)
75     -   [FHIR Practitioner](FHIR_README.md#practitioner-resource)
76     -   [FHIR PractitionerRole](FHIR_README.md#practitionerrole-resource)
77     -   [FHIR Immunization](FHIR_README.md#immunization-resource)
78     -   [FHIR AllergyIntolerance](FHIR_README.md#allergyintolerance-resource)
79     -   [FHIR Organization](FHIR_README.md#organization-resource)
80     -   [FHIR Observation](FHIR_README.md#observation-resource)
81     -   [FHIR QuestionnaireResponse](FHIR_README.md#questionnaireresponse-resource)
82     -   [FHIR Condition](FHIR_README.md#condition-resource)
83     -   [FHIR Procedure](FHIR_README.md#procedure-resource)
84     -   [FHIR MedicationRequest](FHIR_README.md#medicationrequest-resource)
85     -   [FHIR Medication](FHIR_README.md#medication-resource)
86     -   [FHIR Location](FHIR_README.md#location-resource)
87     -   [FHIR CareTeam](FHIR_README.md#careTeam-resource)
88     -   [FHIR Provenance](FHIR_README.md#Provenance-resources)
89 -   [Patient Portal FHIR API Endpoints](FHIR_README.md#patient-portal-fhir-endpoints)
90     -   [Patient Portal FHIR Authorization](FHIR_README.md#patient-portal-authorization)
91     -   [Patient Portal FHIR Patient](FHIR_README.md#patient-portal-patient-resource)
92 -   [Dev notes](API_README.md#dev-notes)
93 -   [Todos](API_README.md#project-management)
95 ### Prerequisite
97 Enable the Standard API service (/api/ endpoints) in OpenEMR menu: Administration->Globals->Connectors->"Enable OpenEMR Standard REST API"
98 Enable the Patient Portal API service (/portal/ endpoints) in OpenEMR menu: Administration->Globals->Connectors->"Enable OpenEMR Patient Portal REST API"
100 ### Using API Internally
102 There are several ways to make API calls from an authorized session and maintain security:
104 -   See the script at tests/api/InternalApiTest.php for examples of internal API use cases.
106 ### /api/ Endpoints
108 OpenEMR standard endpoints Use `http://localhost:8300/apis/api as base URI.`
110 _Example:_ `http://localhost:8300/apis/api/patient` returns a resource of all Patients.
112 #### POST /api/auth
114 The OpenEMR API utilizes the OAuth2 password credential flow for authentication. To obtain an API token, submit your login credentials and requested scope. The scope must match a site that has been setup in OpenEMR, in the /sites/ directory. If additional sites have not been created, set the scope
115 to 'default'.
117 Request:
119 ```sh
120 curl -X POST -H 'Content-Type: application/json' 'http://localhost:8300/apis/api/auth' \
121 -d '{
122     "grant_type":"password",
123     "username": "ServiceUser",
124     "password": "password",
125     "scope":"site id"
129 Response:
131 ```json
133     "token_type": "Bearer",
134     "access_token": "eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ==",
135     "expires_in": "3600",
136     "user_data": {
137         "user_id": "1"
138     }
142 The Bearer token is required for each OpenEMR API request, and is conveyed using an Authorization header.
144 Request:
146 ```sh
147 curl -X GET 'http://localhost:8300/apis/api/patient/1/medical_problem' \
148   -H 'Authorization: Bearer eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ=='
151 #### POST /api/facility
153 Request:
155 ```sh
156 curl -X POST 'http://localhost:8300/apis/api/facility' -d \
158     "name": "Aquaria",
159     "phone": "808-606-3030",
160     "fax": "808-606-3031",
161     "street": "1337 Bit Shifter Ln",
162     "city": "San Lorenzo",
163     "state": "ZZ",
164     "postal_code": "54321",
165     "email": "foo@bar.com",
166     "service_location": "1",
167     "billing_location": "1",
168     "color": "#FF69B4"
172 #### PUT /api/facility/:fid
174 Request:
176 ```sh
177 curl -X PUT 'http://localhost:8300/apis/api/facility/1' -d \
179     "name": "Aquaria",
180     "phone": "808-606-3030",
181     "fax": "808-606-3031",
182     "street": "1337 Bit Shifter Ln",
183     "city": "San Lorenzo",
184     "state": "AZ",
185     "postal_code": "54321",
186     "email": "foo@bar.com",
187     "service_location": "1",
188     "billing_location": "1",
189     "color": "#FF69B4"
193 #### GET /api/facility
195 Request:
197 ```sh
198 curl -X GET 'http://localhost:8300/apis/api/facility'
201 #### GET /api/facility/:fid
203 Request:
205 ```sh
206 curl -X GET 'http://localhost:8300/apis/api/facility/1'
209 #### GET /api/practitioner
211 Request:
213 ```sh
214 curl -X GET 'http://localhost:8300/apis/api/practitioner'
217 #### GET /api/practitioner/:uuid
219 Request:
221 ```sh
222 curl -X GET 'http://localhost:8300/apis/api/practitioner/90cde167-7b9b-4ed1-bd55-533925cb2605'
225 #### POST /api/practitioner
227 Request:
229 ```sh
230 curl -X POST 'http://localhost:8300/apis/api/practitioner' -d \
232     "title": "Mrs.",
233     "fname": "Eduardo",
234     "mname": "Kathy",
235     "lname": "Perez",
236     "federaltaxid": "",
237     "federaldrugid": "",
238     "upin": "",
239     "facility_id": "3",
240     "facility": "Your Clinic Name Here",
241     "npi": "0123456789",
242     "email": "info@pennfirm.com",
243     "specialty": "",
244     "billname": null,
245     "url": null,
246     "assistant": null,
247     "organization": null,
248     "valedictory": null,
249     "street": "789 Third Avenue",
250     "streetb": "123 Cannaut Street",
251     "city": "San Diego",
252     "state": "CA",
253     "zip": "90210",
254     "phone": "(619) 555-9827",
255     "fax": null,
256     "phonew1": "(619) 555-7822",
257     "phonecell": "(619) 555-7821",
258     "notes": null,
259     "state_license_number": "123456"
263 Response:
265 ```json
267     "validationErrors": [],
268     "internalErrors": [],
269     "data": {
270         "id": 7,
271         "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5"
272     }
276 #### PATCH /api/practitioner/:uuid
278 Request:
280 ```sh
281 curl -X PATCH 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7' -d \
283     "title": "Mr",
284     "fname": "Baz",
285     "mname": "",
286     "lname": "Bop",
287     "street": "456 Tree Lane",
288     "zip": "08642",
289     "city": "FooTown",
290     "state": "FL",
291     "phone": "123-456-7890"
295 Response:
297 ```json
299     "validationErrors": [],
300     "internalErrors": [],
301     "data": {
302         "id": "7",
303         "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5",
304         "title": "Mr",
305         "fname": "Baz",
306         "lname": "Bop",
307         "mname": "",
308         "federaltaxid": "",
309         "federaldrugid": "",
310         "upin": "",
311         "facility_id": "3",
312         "facility": "Your Clinic Name Here",
313         "npi": "0123456789",
314         "email": "info@pennfirm.com",
315         "active": "1",
316         "specialty": "",
317         "billname": "",
318         "url": "",
319         "assistant": "",
320         "organization": "",
321         "valedictory": "",
322         "street": "456 Tree Lane",
323         "streetb": "123 Cannaut Street",
324         "city": "FooTown",
325         "state": "FL",
326         "zip": "08642",
327         "phone": "123-456-7890",
328         "fax": "",
329         "phonew1": "(619) 555-7822",
330         "phonecell": "(619) 555-7821",
331         "notes": "",
332         "state_license_number": "123456",
333         "abook_title": null,
334         "physician_title": null,
335         "physician_code": null
336     }
340 #### POST /api/patient
342 Request:
344 ```sh
345 curl -X POST 'http://localhost:8300/apis/api/patient' -d \
347     "title": "Mr",
348     "fname": "Foo",
349     "mname": "",
350     "lname": "Bar",
351     "street": "456 Tree Lane",
352     "postal_code": "08642",
353     "city": "FooTown",
354     "state": "FL",
355     "country_code": "US",
356     "phone_contact": "123-456-7890",
357     "DOB": "1992-02-02",
358     "sex": "Male",
359     "race": "",
360     "ethnicity": ""
364 Response:
366 ```json
368     "validationErrors": [],
369     "internalErrors": [],
370     "data": {
371         "pid": 1
372     }
376 #### PUT /api/patient/:puuid
378 Request:
380 ```sh
381 curl -X PUT 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7' -d \
383     "title": "Mr",
384     "fname": "Baz",
385     "mname": "",
386     "lname": "Bop",
387     "street": "456 Tree Lane",
388     "postal_code": "08642",
389     "city": "FooTown",
390     "state": "FL",
391     "country_code": "US",
392     "phone_contact": "123-456-7890",
393     "DOB": "1992-02-03",
394     "sex": "Male",
395     "race": "",
396     "ethnicity": ""
400 Response:
402 ```json
404     "validationErrors": [],
405     "internalErrors": [],
406     "data": {
407         "id": "193",
408         "pid": "1",
409         "pubpid": "",
410         "title": "Mr",
411         "fname": "Baz",
412         "mname": "",
413         "lname": "Bop",
414         "ss": "",
415         "street": "456 Tree Lane",
416         "postal_code": "08642",
417         "city": "FooTown",
418         "state": "FL",
419         "county": "",
420         "country_code": "US",
421         "drivers_license": "",
422         "contact_relationship": "",
423         "phone_contact": "123-456-7890",
424         "phone_home": "",
425         "phone_biz": "",
426         "phone_cell": "",
427         "email": "",
428         "DOB": "1992-02-03",
429         "sex": "Male",
430         "race": "",
431         "ethnicity": "",
432         "status": ""
433     }
437 #### GET /api/patient
439 Request:
441 ```sh
442 curl -X GET 'http://localhost:8300/apis/api/patient'
445 Response:
447 ```json
449     "validationErrors": [],
450     "internalErrors": [],
451     "data": [{ patientRecord }, { patientRecord }, etc]
455 Request:
457 ```sh
458 curl -X GET 'http://localhost:8300/apis/api/patient&fname=...&lname=...&dob=...'
461 Response:
463 ```json
465     "validationErrors": [],
466     "internalErrors": [],
467     "data": [{ patientRecord }, { patientRecord }, etc]
471 #### GET /api/patient/:puuid
473 Request:
475 ```sh
476 curl -X GET 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7'
479 Response:
481 ```json
483     "validationErrors": [],
484     "internalErrors": [],
485     "data": {
486         "id": "193",
487         "pid": "1",
488         "pubpid": "",
489         "title": "Mr",
490         "fname": "Baz",
491         "mname": "",
492         "lname": "Bop",
493         "ss": "",
494         "street": "456 Tree Lane",
495         "postal_code": "08642",
496         "city": "FooTown",
497         "state": "FL",
498         "county": "",
499         "country_code": "US",
500         "drivers_license": "",
501         "contact_relationship": "",
502         "phone_contact": "123-456-7890",
503         "phone_home": "",
504         "phone_biz": "",
505         "phone_cell": "",
506         "email": "",
507         "DOB": "1992-02-03",
508         "sex": "Male",
509         "race": "",
510         "ethnicity": "",
511         "status": ""
512     }
516 #### GET /api/immunization
518 Request:
520 ```sh
521 curl -X GET 'http://localhost:8300/apis/api/immunization'
524 #### GET /api/immunization/:uuid
526 Request:
528 ```sh
529 curl -X GET 'http://localhost:8300/apis/api/immunization/90cde167-7b9b-4ed1-bd55-533925cb2605'
532 #### POST /api/patient/:pid/encounter
534 Request:
536 ```sh
537 curl -X POST 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter' -d \
539     "date":"2020-11-10",
540     "onset_date": "",
541     "reason": "Pregnancy Test",
542     "facility": "Owerri General Hospital",
543     "pc_catid": "5",
544     "facility_id": "3",
545     "billing_facility": "3",
546     "sensitivity": "normal",
547     "referral_source": "",
548     "pos_code": "0",
549     "external_id": "",
550     "provider_id": "1",
551     "class_code" : "AMB"
555 Response:
557 ```json
559     "validationErrors": [],
560     "internalErrors": [],
561     "data": {
562         "encounter": 1,
563         "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef"
564     }
568 #### PUT /api/patient/:pid/encounter/:eid
570 Request:
572 ```sh
573 curl -X POST 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter/90c196f2-51cc-4655-8858-3a80aebff3ef' -d \
575     "date":"2019-09-14",
576     "onset_date": "2019-04-20 00:00:00",
577     "reason": "Pregnancy Test",
578     "pc_catid": "5",
579     "facility_id": "3",
580     "billing_facility": "3",
581     "sensitivity": "normal",
582     "referral_source": "",
583     "pos_code": "0"
587 Response:
589 ```json
591     "validationErrors": [],
592     "internalErrors": [],
593     "data": {
594         "id": "1",
595         "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
596         "date": "2019-09-14 00:00:00",
597         "reason": "Pregnancy Test",
598         "facility": "Owerri General Hospital",
599         "facility_id": "3",
600         "pid": "1",
601         "onset_date": "2019-04-20 00:00:00",
602         "sensitivity": "normal",
603         "billing_note": null,
604         "pc_catid": "5",
605         "last_level_billed": "0",
606         "last_level_closed": "0",
607         "last_stmt_date": null,
608         "stmt_count": "0",
609         "provider_id": "1",
610         "supervisor_id": "0",
611         "invoice_refno": "",
612         "referral_source": "",
613         "billing_facility": "3",
614         "external_id": "",
615         "pos_code": "0",
616         "class_code": "AMB",
617         "class_title": "ambulatory",
618         "pc_catname": "Office Visit",
619         "billing_facility_name": "Owerri General Hospital"
620     }
624 #### GET /api/patient/:pid/encounter
626 Request:
628 ```sh
629 curl -X GET 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter'
632 Response:
634 ```json
636     "validationErrors": [],
637     "internalErrors": [],
638     "data": [{ encounterRecord }, { encounterRecord }, etc]
642 #### GET /api/patient/:pid/encounter/:eid
644 Request:
646 ```sh
647 curl -X GET 'http://localhost:8300/apis/api/patient/90a8923c-0b1c-4d0a-9981-994b143381a7/encounter/90c196f2-51cc-4655-8858-3a80aebff3ef'
650 Response:
652 ```json
654     "validationErrors": [],
655     "internalErrors": [],
656     "data": {
657         "id": "1",
658         "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
659         "date": "2019-09-14 00:00:00",
660         "reason": "Pregnancy Test",
661         "facility": "Owerri General Hospital",
662         "facility_id": "3",
663         "pid": "1",
664         "onset_date": "2019-04-20 00:00:00",
665         "sensitivity": "normal",
666         "billing_note": null,
667         "pc_catid": "5",
668         "last_level_billed": "0",
669         "last_level_closed": "0",
670         "last_stmt_date": null,
671         "stmt_count": "0",
672         "provider_id": "1",
673         "supervisor_id": "0",
674         "invoice_refno": "",
675         "referral_source": "",
676         "billing_facility": "3",
677         "external_id": "",
678         "pos_code": "0",
679         "class_code": "AMB",
680         "class_title": "ambulatory",
681         "pc_catname": "Office Visit",
682         "billing_facility_name": "Owerri General Hospital"
683     }
687 #### POST /api/patient/:pid/encounter/:eid/vital
689 Request:
691 ```sh
692 curl -X POST 'http://localhost:8300/apis/api/patient/1/encounter/1/vital' -d \
694     "bps": "130",
695     "bpd": "80",
696     "weight": "220",
697     "height": "70",
698     "temperature": "98",
699     "temp_method": "Oral",
700     "pulse": "60",
701     "respiration": "20",
702     "note": "...",
703     "waist_circ": "37",
704     "head_circ": "22.2",
705     "oxygen_saturation": "80"
709 #### PUT /api/patient/:pid/encounter/:eid/vital/:vid
711 Request:
713 ```sh
714 curl -X PUT 'http://localhost:8300/apis/api/patient/1/encounter/1/vital/1' -d \
716     "bps": "140",
717     "bpd": "80",
718     "weight": "220",
719     "height": "70",
720     "temperature": "98",
721     "temp_method": "Oral",
722     "pulse": "60",
723     "respiration": "20",
724     "note": "...",
725     "waist_circ": "37",
726     "head_circ": "22.2",
727     "oxygen_saturation": "80"
731 #### GET /api/patient/:pid/encounter/:eid/vital
733 Request:
735 ```sh
736 curl -X GET 'http://localhost:8300/apis/api/patient/1/encounter/1/vital'
739 #### GET /api/patient/:pid/encounter/:eid/vital/:vid
741 Request:
743 ```sh
744 curl -X GET 'http://localhost:8300/apis/api/patient/1/encounter/1/vital/1'
747 #### POST /api/patient/:pid/encounter/:eid/soap_note
749 Request:
751 ```sh
752 curl -X POST 'http://localhost:8300/apis/api/patient/1/encounter/1/soap_note' -d \
754     "subjective": "...",
755     "objective": "...",
756     "assessment": "...",
757     "plan": "..."
761 #### PUT /api/patient/:pid/encounter/:eid/soap_note/:sid
763 Request:
765 ```sh
766 curl -X PUT 'http://localhost:8300/apis/api/patient/1/encounter/1/soap_note/1' -d \
768     "subjective": "...",
769     "objective": "...",
770     "assessment": "...",
771     "plan": "..."
775 #### GET /api/patient/:pid/encounter/:eid/soap_note
777 Request:
779 ```sh
780 curl -X GET 'http://localhost:8300/apis/api/patient/1/encounter/1/soap_note'
783 #### GET /api/patient/:pid/encounter/:eid/soap_note/:sid
785 Request:
787 ```sh
788 curl -X GET 'http://localhost:8300/apis/api/patient/1/encounter/1/soap_note/1'
791 #### GET /api/medical_problem
793 Request:
795 ```sh
796 curl -X GET 'http://localhost:8300/apis/api/medical_problem'
799 #### GET /api/medical_problem/:muuid
801 Request:
803 ```sh
804 curl -X GET 'http://localhost:8300/apis/api/medical_problem/9109890a-6756-44c1-a82d-bdfac91c7424'
807 #### GET /api/patient/:puuid/medical_problem
809 Request:
811 ```sh
812 curl -X GET 'http://localhost:8300/apis/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem'
815 #### GET /api/patient/:puuid/medical_problem/:muuid
817 Request:
819 ```sh
820 curl -X GET 'http://localhost:8300/apis/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e'
823 #### POST /api/patient/:puuid/medical_problem
825 Request:
827 ```sh
828 curl -X POST 'http://localhost:8300/apis/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem' -d \
830     "title": "Dermatochalasis",
831     "begdate": "2010-04-13",
832     "enddate": null,
833     "diagnosis": "ICD10:H02.839"
837 #### PUT /api/patient/:puuid/medical_problem/:muuid
839 Request:
841 ```sh
842 curl -X PUT 'http://localhost:8300/apis/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e' -d \
844     "title": "Dermatochalasis",
845     "begdate": "2010-04-13",
846     "enddate": "2018-03-12",
847     "diagnosis": "ICD10:H02.839"
851 #### DELETE /api/patient/:puuid/medical_problem/:muuid
853 Request:
855 ```sh
856 curl -X DELETE 'http://localhost:8300/apis/api/patient/9101a093-da04-457f-a6a1-46ce93f0d629/medical_problem/91208832-47ab-4f65-ba44-08f57d4c028e'
859 #### GET /api/allergy
861 Request:
863 ```sh
864 curl -X GET 'http://localhost:8300/apis/api/allergy'
867 #### GET /api/allergy/:auuid
869 Request:
871 ```sh
872 curl -X GET 'http://localhost:8300/apis/api/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
875 #### GET /api/patient/:puuid/allergy
877 Request:
879 ```sh
880 curl -X GET 'http://localhost:8300/apis/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy'
883 #### GET /api/patient/:puuid/allergy/:auuid
885 Request:
887 ```sh
888 curl -X GET 'http://localhost:8300/apis/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
891 #### POST /api/patient/:puuid/allergy
893 Request:
895 ```sh
896 curl -X POST 'http://localhost:8300/apis/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy' -d \
898     "title": "Iodine",
899     "begdate": "2010-10-13",
900     "enddate": null
904 #### PUT /api/patient/:puuid/allergy/:auuid
906 Request:
908 ```sh
909 curl -X PUT 'http://localhost:8300/apis/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef' -d \
911     "title": "Iodine",
912     "begdate": "2012-10-13",
913     "enddate": null
917 #### DELETE /api/patient/:puuid/allergy/:auuid
919 Request:
921 ```sh
922 curl -X DELETE 'http://localhost:8300/apis/api/patient/90c196f2-51cc-4655-8858-3a80aebff3ef/allergy/90c196f2-51cc-4655-8858-3a80aebff3ef'
925 #### GET /api/procedure
927 Request:
929 ```sh
930 curl -X GET 'http://localhost:8300/apis/api/procedure'
933 #### GET /api/procedure/:uuid
935 Request:
937 ```sh
938 curl -X GET 'http://localhost:8300/apis/api/procedure/90c196f2-51cc-4655-8858-3a80aebff3ef'
941 #### GET /api/drug
943 Request:
945 ```sh
946 curl -X GET 'http://localhost:8300/apis/api/drug'
949 #### GET /api/drug/:uuid
951 Request:
953 ```sh
954 curl -X GET 'http://localhost:8300/apis/api/drug/90c196f2-51cc-4655-8858-3a80aebff3ef'
957 #### GET /api/prescription
959 Request:
961 ```sh
962 curl -X GET 'http://localhost:8300/apis/api/prescription'
965 #### GET /api/prescription/:uuid
967 Request:
969 ```sh
970 curl -X GET 'http://localhost:8300/apis/api/prescription/9128a1ec-95be-4649-8a66-d3686b7ab0ca'
973 #### POST /api/patient/:pid/medication
975 Request:
977 ```sh
978 curl -X POST 'http://localhost:8300/apis/api/patient/1/medication' -d \
980     "title": "Norvasc",
981     "begdate": "2013-10-13",
982     "enddate": null
986 #### PUT /api/patient/:pid/medication/:mid
988 Request:
990 ```sh
991 curl -X PUT 'http://localhost:8300/apis/api/patient/1/medication/1' -d \
993     "title": "Norvasc",
994     "begdate": "2013-04-13",
995     "enddate": null
999 #### GET /api/patient/:pid/medication
1001 Request:
1003 ```sh
1004 curl -X GET 'http://localhost:8300/apis/api/patient/1/medication'
1007 #### GET /api/patient/:pid/medication/:mid
1009 Request:
1011 ```sh
1012 curl -X GET 'http://localhost:8300/apis/api/patient/1/medication/1'
1015 #### DELETE /api/patient/:pid/medication/:mid
1017 Request:
1019 ```sh
1020 curl -X DELETE 'http://localhost:8300/apis/api/patient/1/medication/1'
1023 #### POST /api/patient/:pid/surgery
1025 Request:
1027 ```sh
1028 curl -X POST 'http://localhost:8300/apis/api/patient/1/surgery' -d \
1030     "title": "Blepharoplasty",
1031     "begdate": "2013-10-13",
1032     "enddate": null,
1033     "diagnosis": "CPT4:15823-50"
1037 #### PUT /api/patient/:pid/surgery/:sid
1039 Request:
1041 ```sh
1042 curl -X PUT 'http://localhost:8300/apis/api/patient/1/surgery/1' -d \
1044     "title": "Blepharoplasty",
1045     "begdate": "2013-10-14",
1046     "enddate": null,
1047     "diagnosis": "CPT4:15823-50"
1051 #### GET /api/patient/:pid/surgery
1053 Request:
1055 ```sh
1056 curl -X GET 'http://localhost:8300/apis/api/patient/1/surgery'
1059 #### GET /api/patient/:pid/surgery/:sid
1061 Request:
1063 ```sh
1064 curl -X GET 'http://localhost:8300/apis/api/patient/1/surgery/1'
1067 #### DELETE /api/patient/:pid/surgery/:sid
1069 Request:
1071 ```sh
1072 curl -X DELETE 'http://localhost:8300/apis/api/patient/1/surgery/1'
1075 #### POST /api/patient/:pid/dental_issue
1077 Request:
1079 ```sh
1080 curl -X POST 'http://localhost:8300/apis/api/patient/1/dental_issue' -d \
1082     "title": "Halitosis",
1083     "begdate": "2015-03-17",
1084     "enddate": null
1088 #### PUT /api/patient/:pid/dental_issue/:did
1090 Request:
1092 ```sh
1093 curl -X PUT 'http://localhost:8300/apis/api/patient/1/dental_issue/1' -d \
1095     "title": "Halitosis",
1096     "begdate": "2015-03-17",
1097     "enddate": "2018-03-20"
1101 #### GET /api/patient/:pid/dental_issue
1103 Request:
1105 ```sh
1106 curl -X GET 'http://localhost:8300/apis/api/patient/1/dental_issue'
1109 #### GET /api/patient/:pid/dental_issue/:did
1111 Request:
1113 ```sh
1114 curl -X GET 'http://localhost:8300/apis/api/patient/1/dental_issue/1'
1117 #### DELETE /api/patient/:pid/dental_issue/:did
1119 Request:
1121 ```sh
1122 curl -X DELETE 'http://localhost:8300/apis/api/patient/1/dental_issue/1'
1125 #### GET /api/patient/:pid/insurance
1127 Request:
1129 ```sh
1130 curl -X GET 'http://localhost:8300/apis/api/patient/1/insurance'
1133 #### GET /api/patient/:pid/insurance/:type
1135 Request:
1137 ```sh
1138 curl -X GET 'http://localhost:8300/apis/api/patient/1/insurance/secondary'
1141 #### POST /api/patient/:pid/insurance/:type
1143 Request:
1145 ```sh
1146 curl -X POST 'http://localhost:8300/apis/api/patient/10/insurance/primary' -d \
1148     "type": "primary",
1149     "provider": "33",
1150     "plan_name": "Some Plan",
1151     "policy_number": "12345",
1152     "group_number": "252412",
1153     "subscriber_lname": "Tester",
1154     "subscriber_mname": "Xi",
1155     "subscriber_fname": "Foo",
1156     "subscriber_relationship": "other",
1157     "subscriber_ss": "234231234",
1158     "subscriber_DOB": "2018-10-03",
1159     "subscriber_street": "183 Cool St",
1160     "subscriber_postal_code": "23418",
1161     "subscriber_city": "Cooltown",
1162     "subscriber_state": "AZ",
1163     "subscriber_country": "USA",
1164     "subscriber_phone": "234-598-2123",
1165     "subscriber_employer": "Some Employer",
1166     "subscriber_employer_street": "123 Heather Lane",
1167     "subscriber_employer_postal_code": "23415",
1168     "subscriber_employer_state": "AZ",
1169     "subscriber_employer_country": "USA",
1170     "subscriber_employer_city": "Cooltown",
1171     "copay": "35",
1172     "date": "2018-10-15",
1173     "subscriber_sex": "Female",
1174     "accept_assignment": "TRUE",
1175     "policy_type": "a"
1179 Notes:
1181 -   `provider` is the insurance company id
1182 -   `state` can be found by querying `resource=/api/list/state`
1183 -   `country` can be found by querying `resource=/api/list/country`
1185 #### PUT /api/patient/:pid/insurance/:type
1187 Request:
1189 ```sh
1190 curl -X PUT 'http://localhost:8300/apis/api/patient/10/insurance/primary' -d \
1192     "type": "primary",
1193     "provider": "33",
1194     "plan_name": "Some Plan",
1195     "policy_number": "12345",
1196     "group_number": "252412",
1197     "subscriber_lname": "Tester",
1198     "subscriber_mname": "Xi",
1199     "subscriber_fname": "Foo",
1200     "subscriber_relationship": "other",
1201     "subscriber_ss": "234231234",
1202     "subscriber_DOB": "2018-10-03",
1203     "subscriber_street": "183 Cool St",
1204     "subscriber_postal_code": "23418",
1205     "subscriber_city": "Cooltown",
1206     "subscriber_state": "AZ",
1207     "subscriber_country": "USA",
1208     "subscriber_phone": "234-598-2123",
1209     "subscriber_employer": "Some Employer",
1210     "subscriber_employer_street": "123 Heather Lane",
1211     "subscriber_employer_postal_code": "23415",
1212     "subscriber_employer_state": "AZ",
1213     "subscriber_employer_country": "USA",
1214     "subscriber_employer_city": "Cooltown",
1215     "copay": "35",
1216     "date": "2018-10-15",
1217     "subscriber_sex": "Female",
1218     "accept_assignment": "TRUE",
1219     "policy_type": "a"
1223 Notes:
1225 -   `provider` is the insurance company id
1226 -   `state` can be found by querying `resource=/api/list/state`
1227 -   `country` can be found by querying `resource=/api/list/country`
1229 #### GET /api/list/:list_name
1231 Request:
1233 ```sh
1234 curl -X GET 'http://localhost:8300/apis/api/list/medical_problem_issue_list'
1237 #### GET /api/version
1239 Request:
1241 ```sh
1242 curl -X GET 'http://localhost:8300/apis/api/version'
1245 #### GET /api/product
1247 Request:
1249 ```sh
1250 curl -X GET 'http://localhost:8300/apis/api/product'
1253 #### GET /api/insurance_company
1255 Request:
1257 ```sh
1258 curl -X GET 'http://localhost:8300/apis/api/insurance_company'
1261 #### GET /api/insurance_type
1263 Request:
1265 ```sh
1266 curl -X GET 'http://localhost:8300/apis/api/insurance_type'
1269 #### POST /api/insurance_company
1271 Request:
1273 ```sh
1274 curl -X POST 'http://localhost:8300/apis/api/insurance_company' -d \
1276     "name": "Cool Insurance Company",
1277     "attn": null,
1278     "cms_id": null,
1279     "ins_type_code": "2",
1280     "x12_receiver_id": null,
1281     "x12_default_partner_id": null,
1282     "alt_cms_id": "",
1283     "line1": "123 Cool Lane",
1284     "line2": "Suite 123",
1285     "city": "Cooltown",
1286     "state": "CA",
1287     "zip": "12245",
1288     "country": "USA"
1292 Notes: `ins_type_code` can be found by inspecting the above route (/api/insurance_type).
1294 #### PUT /api/insurance_company/:iid
1296 Request:
1298 ```sh
1299 curl -X PUT 'http://localhost:8300/apis/api/insurance_company/1' -d \
1301     "name": "Super Insurance Company",
1302     "attn": null,
1303     "cms_id": null,
1304     "ins_type_code": "2",
1305     "x12_receiver_id": null,
1306     "x12_default_partner_id": null,
1307     "alt_cms_id": "",
1308     "line1": "123 Cool Lane",
1309     "line2": "Suite 123",
1310     "city": "Cooltown",
1311     "state": "CA",
1312     "zip": "12245",
1313     "country": "USA"
1317 Notes: `ins_type_code` can be found by inspecting the above route (/api/insurance_type).
1319 #### GET /api/appointment
1321 Request:
1323 ```sh
1324 curl -X GET 'http://localhost:8300/apis/api/appointment'
1327 #### GET /api/appointment/:eid
1329 Request:
1331 ```sh
1332 curl -X GET 'http://localhost:8300/apis/api/appointment/1'
1335 #### GET /api/patient/:pid/appointment
1337 Request:
1339 ```sh
1340 curl -X GET 'http://localhost:8300/apis/api/patient/1/appointment'
1343 #### GET /api/patient/:pid/appointment/:eid
1345 Request:
1347 ```sh
1348 curl -X GET 'http://localhost:8300/apis/api/patient/1/appointment/1'
1351 #### POST /api/patient/:pid/appointment
1353 Request:
1355 ```sh
1356 curl -X POST 'http://localhost:8300/apis/api/patient/1/appointment' -d \
1358     "pc_eid":"1",
1359     "pc_catid": "5",
1360     "pc_title": "Office Visit",
1361     "pc_duration": "900",
1362     "pc_hometext": "Test",
1363     "pc_apptstatus": "-",
1364     "pc_eventDate": "2018-10-19",
1365     "pc_startTime": "09:00",
1366     "pc_facility": "9",
1367     "pc_billing_location": "10"
1371 #### DELETE /api/patient/:pid/appointment/:eid
1373 Request:
1375 ```sh
1376 curl -X DELETE 'http://localhost:8300/apis/api/patient/1/appointment/1' -d \
1379 #### GET /api/patient/:pid/document
1381 Request:
1383 ```sh
1384 curl -X GET 'http://localhost:8300/apis/api/patient/1/document&path=/eye_module/imaging-eye/drawings-eye'
1387 Note: The `path` query string represents the OpenEMR documents paths with two exceptions:
1389 -   Spaces are represented with `_`
1390 -   All characters are lowercase
1392 #### POST /api/patient/:pid/document
1394 Request:
1396 ```sh
1397 curl -X POST 'http://localhost:8300/apis/api/patient/1/document&path=/eye_module/imaging-eye/drawings-eye' \
1398  -F document=@/home/someone/Desktop/drawing.jpg
1401 Note: The `path` query string represents the OpenEMR documents paths with two exceptions:
1403 -   Spaces are represented with `_`
1404 -   All characters are lowercase
1406 #### GET /api/patient/:pid/document/:did
1408 Request:
1410 ```sh
1411 curl -X GET 'http://localhost:8300/apis/api/patient/1/document/1'
1414 #### POST /api/patient/:pid/message
1416 Request:
1418 ```sh
1419 curl -X POST 'http://localhost:8300/apis/api/patient/1/message' -d \
1421     "body": "Test 123",
1422     "groupname": "Default",
1423     "from": "admin",
1424     "to": "Matthew",
1425     "title": "Other",
1426     "message_status": "New"
1430 Notes:
1432 -   For `title`, use `resource=/api/list/note_type`
1433 -   For `message_type`, use `resource=/api/list/message_status`
1435 #### PUT /api/patient/:pid/message/:mid
1437 Request:
1439 ```sh
1440 curl -X PUT 'http://localhost:8300/apis/api/patient/1/message/1' -d \
1442     "body": "Test 456",
1443     "groupname": "Default",
1444     "from": "Matthew",
1445     "to": "admin",
1446     "title": "Other",
1447     "message_status": "New"
1451 Notes:
1453 -   For `title`, use `resource=/api/list/note_type`
1454 -   For `message_type`, use `resource=/api/list/message_status`
1456 #### DELETE /api/patient/:pid/message/:mid
1458 Request:
1460 ```sh
1461 curl -X DELETE 'http://localhost:8300/apis/api/patient/1/message/1'
1464 ### /portal/ Endpoints
1466 OpenEMR patient portal endpoints Use `http://localhost:8300/apis/portal as base URI.`
1468 _Example:_ `http://localhost:8300/apis/portal/patient` returns a resource of the patient.
1470 #### POST /portal/auth
1472 The OpenEMR Patient Portal API utilizes the OAuth2 password credential flow for authentication. To obtain an API token, submit your login credentials and requested scope. The scope must match a site that has been setup in OpenEMR, in the /sites/ directory. If additional sites have not been created, set the scope
1473 to 'default'. If the patient portal is set to require email address on authenticate, then need to also include an `email` field in the request.
1475 Request:
1477 ```sh
1478 curl -X POST -H 'Content-Type: application/json' 'http://localhost:8300/apis/portal/auth' \
1479 -d '{
1480     "grant_type":"password",
1481     "username": "ServiceUser",
1482     "password": "password",
1483     "scope":"site id"
1487 Response:
1489 ```json
1491     "token_type": "Bearer",
1492     "access_token": "eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ==",
1493     "expires_in": "3600",
1494     "user_data": {
1495         "user_id": "1"
1496     }
1500 The Bearer token is required for each OpenEMR Patient Portal API request, and is conveyed using an Authorization header.
1502 Request:
1504 ```sh
1505 curl -X GET 'http://localhost:8300/apis/portal/patient' \
1506   -H 'Authorization: Bearer eyJ0b2tlbiI6IjAwNmZ4TWpsNWhsZmNPelZicXBEdEZVUlNPQUY5KzdzR1Jjejc4WGZyeGFjUjY2QlhaaEs4eThkU3cxbTd5VXFBeTVyeEZpck9mVzBQNWc5dUlidERLZ0trUElCME5wRDVtTVk5bE9WaE5DTHF5RnRnT0Q0OHVuaHRvbXZ6OTEyNmZGUmVPUllSYVJORGoyZTkzTDA5OWZSb0ZRVGViTUtWUFd4ZW5cL1piSzhIWFpJZUxsV3VNcUdjQXR5dmlLQXRXNDAiLCJzaXRlX2lkIjoiZGVmYXVsdCIsImFwaSI6Im9lbXIifQ=='
1509 #### GET /portal/patient
1511 Request:
1513 ```sh
1514 curl -X GET 'http://localhost:8300/apis/portal/patient'
1517 Response:
1519 ```json
1521     "validationErrors": [],
1522     "internalErrors": [],
1523     "data": {
1524         "id": "193",
1525         "pid": "1",
1526         "pubpid": "",
1527         "title": "Mr",
1528         "fname": "Baz",
1529         "mname": "",
1530         "lname": "Bop",
1531         "ss": "",
1532         "street": "456 Tree Lane",
1533         "postal_code": "08642",
1534         "city": "FooTown",
1535         "state": "FL",
1536         "county": "",
1537         "country_code": "US",
1538         "drivers_license": "",
1539         "contact_relationship": "",
1540         "phone_contact": "123-456-7890",
1541         "phone_home": "",
1542         "phone_biz": "",
1543         "phone_cell": "",
1544         "email": "",
1545         "DOB": "1992-02-03",
1546         "sex": "Male",
1547         "race": "",
1548         "ethnicity": "",
1549         "status": ""
1550     }
1554 ### Dev Notes
1556 -   For business logic, make or use the services [here](src/Services)
1557 -   For controller logic, make or use the classes [here](src/RestControllers)
1558 -   For routing declarations, use the class [here](_rest_routes.inc.php).
1560 ### Project Management
1562 #### General API
1564 -   TODO(?): Prevent `ListService` from using `enddate` of `0000-00-00` by default
1565 -   TODO(?): API for fee sheets
1566 -   TODO(?): API for pharmacies
1567 -   TODO(?): API for immunizations
1568 -   TODO(?): API for prescriptions
1569 -   TODO(?): Drug search API
1570 -   TODO(?): API for onotes