8 * @link http://www.open-emr.org
9 * @author Matthew Vita <matthewvita48@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Yash Raj Bothra <yashrajbothra786@gmail.com>
13 * @author Stephen Nielson <snielson@discoverandchange.com>
14 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
15 * @copyright Copyright (c) 2018-2020 Jerry Padgett <sjpadgett@gmail.com>
16 * @copyright Copyright (c) 2019-2021 Brady Miller <brady.g.miller@gmail.com>
17 * @copyright Copyright (c) 2020 Yash Raj Bothra <yashrajbothra786@gmail.com>
18 * @copyright Copyright (c) 2024 Care Management Solutions, Inc. <stephen.waite@cmsvt.com>
19 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
23 * @OA\Info(title="OpenEMR API", version="7.0.3")
24 * @OA\Server(url="/apis/default/")
26 * securityScheme="openemr_auth",
29 * authorizationUrl="/oauth2/default/authorize",
30 * tokenUrl="/oauth2/default/token",
31 * refreshUrl="/oauth2/default/token",
32 * flow="authorizationCode",
34 * "openid": "Generic mandatory scope",
35 * "offline_access": "Will signal server to provide a refresh token",
36 * "launch/patient": "Will provide a patient selector when logging in as an OpenEMR user (required for testing patient/* scopes in swagger if not logging in as a patient)",
37 * "api:fhir": "FHIR R4 API",
38 * "patient/AllergyIntolerance.read": "Read allergy intolerance resources for the current patient (api:fhir)",
39 * "patient/Appointment.read": "Read appointment resources for the current patient (api:fhir)",
40 * "patient/Binary.read": "Read binary document resources for the current patient (api:fhir)",
41 * "patient/CarePlan.read": "Read care plan resources for the current patient (api:fhir)",
42 * "patient/CareTeam.read": "Read care team resources for the current patient (api:fhir)",
43 * "patient/Condition.read": "Read condition resources for the current patient (api:fhir)",
44 * "patient/Coverage.read": "Read coverage resources for the current patient (api:fhir)",
45 * "patient/Device.read": "Read device resources for the current patient (api:fhir)",
46 * "patient/DiagnosticReport.read": "Read diagnostic report resources for the current patient (api:fhir)",
47 * "patient/DocumentReference.read": "Read document reference resources for the current patient (api:fhir)",
48 * "patient/DocumentReference.$docref" : "Generate a document for the current patient or returns the most current Clinical Summary of Care Document (CCD)",
49 * "patient/Encounter.read": "Read encounter resources for the current patient (api:fhir)",
50 * "patient/Goal.read": "Read goal resources for the current patient (api:fhir)",
51 * "patient/Immunization.read": "Read immunization resources for the current patient (api:fhir)",
52 * "patient/Location.read": "Read location resources for the current patient (api:fhir)",
53 * "patient/Medication.read": "Read medication resources for the current patient (api:fhir)",
54 * "patient/MedicationRequest.read": "Read medication request resources for the current patient (api:fhir)",
55 * "patient/Observation.read": "Read observation resources for the current patient (api:fhir)",
56 * "patient/Organization.read": "Read organization resources for the current patient (api:fhir)",
57 * "patient/Patient.read": "Read patient resource for the current patient (api:fhir)",
58 * "patient/Person.read": "Read person resources for the current patient (api:fhir)",
59 * "patient/Practitioner.read": "Read practitioner resources for the current patient (api:fhir)",
60 * "patient/Procedure.read": "Read procedure resources for the current patient (api:fhir)",
61 * "patient/Provenance.read": "Read provenance resources for the current patient (api:fhir)",
62 * "system/AllergyIntolerance.read": "Read all allergy intolerance resources in the system (api:fhir)",
63 * "system/Binary.read": "Read all binary document resources in the system (api:fhir)",
64 * "system/CarePlan.read": "Read all care plan resources in the system (api:fhir)",
65 * "system/CareTeam.read": "Read all care team resources in the system (api:fhir)",
66 * "system/Condition.read": "Read all condition resources in the system (api:fhir)",
67 * "system/Coverage.read": "Read all coverage resources in the system (api:fhir)",
68 * "system/Device.read": "Read all device resources in the system (api:fhir)",
69 * "system/DiagnosticReport.read": "Read all diagnostic report resources in the system (api:fhir)",
70 * "system/DocumentReference.read": "Read all document reference resources in the system (api:fhir)",
71 * "system/DocumentReference.$docref" : "Generate a document for any patient in the system or returns the most current Clinical Summary of Care Document (CCD)",
72 * "system/Encounter.read": "Read all encounter resources in the system (api:fhir)",
73 * "system/Goal.read": "Read all goal resources in the system (api:fhir)",
74 * "system/Group.read": "Read all group resources in the system (api:fhir)",
75 * "system/Immunization.read": "Read all immunization resources in the system (api:fhir)",
76 * "system/Location.read": "Read all location resources in the system (api:fhir)",
77 * "system/Medication.read": "Read all medication resources in the system (api:fhir)",
78 * "system/MedicationRequest.read": "Read all medication request resources in the system (api:fhir)",
79 * "system/Observation.read": "Read all observation resources in the system (api:fhir)",
80 * "system/Organization.read": "Read all organization resources in the system (api:fhir)",
81 * "system/Patient.read": "Read all patient resources in the system (api:fhir)",
82 * "system/Person.read": "Read all person resources in the system (api:fhir)",
83 * "system/Practitioner.read": "Read all practitioner resources in the system (api:fhir)",
84 * "system/PractitionerRole.read": "Read all practitioner role resources in the system (api:fhir)",
85 * "system/Procedure.read": "Read all procedure resources in the system (api:fhir)",
86 * "system/Provenance.read": "Read all provenance resources in the system (api:fhir)",
87 * "system/ValueSet.read": "Read all valueSet resources in the system (api:fhir)",
88 * "user/AllergyIntolerance.read": "Read all allergy intolerance resources the user has access to (api:fhir)",
89 * "user/Binary.read" : "Read all binary documents the user has access to (api:fhir)",
90 * "user/CarePlan.read": "Read all care plan resources the user has access to (api:fhir)",
91 * "user/CareTeam.read": "Read all care team resources the user has access to (api:fhir)",
92 * "user/Condition.read": "Read all condition resources the user has access to (api:fhir)",
93 * "user/Coverage.read": "Read all coverage resources the user has access to (api:fhir)",
94 * "user/Device.read": "Read all device resources the user has access to (api:fhir)",
95 * "user/DiagnosticReport.read": "Read all diagnostic report resources the user has access to (api:fhir)",
96 * "user/DocumentReference.read": "Read all document reference resources the user has access to (api:fhir)",
97 * "user/DocumentReference.$docref" : "Generate a document for any patient the user has access to or returns the most current Clinical Summary of Care Document (CCD) (api:fhir)",
98 * "user/Encounter.read": "Read all encounter resources the user has access to (api:fhir)",
99 * "user/Goal.read": "Read all goal resources the user has access to (api:fhir)",
100 * "user/Immunization.read": "Read all immunization resources the user has access to (api:fhir)",
101 * "user/Location.read": "Read all location resources the user has access to (api:fhir)",
102 * "user/Medication.read": "Read all medication resources the user has access to (api:fhir)",
103 * "user/MedicationRequest.read": "Read all medication request resources the user has access to (api:fhir)",
104 * "user/Observation.read": "Read all observation resources the user has access to (api:fhir)",
105 * "user/Organization.read": "Read all organization resources the user has access to (api:fhir)",
106 * "user/Organization.write": "Write all organization resources the user has access to (api:fhir)",
107 * "user/Patient.read": "Read all patient resources the user has access to (api:fhir)",
108 * "user/Patient.write": "Write all patient resources the user has access to (api:fhir)",
109 * "user/Person.read": "Read all person resources the user has access to (api:fhir)",
110 * "user/Practitioner.read": "Read all practitioner resources the user has access to (api:fhir)",
111 * "user/Practitioner.write": "Write all practitioner resources the user has access to (api:fhir)",
112 * "user/PractitionerRole.read": "Read all practitioner role resources the user has access to (api:fhir)",
113 * "user/Procedure.read": "Read all procedure resources the user has access to (api:fhir)",
114 * "user/Provenance.read": "Read all provenance resources the user has access to (api:fhir)",
115 * "user/ValueSet.read": "Read all valueSet resources the user has access to (api:fhir)",
116 * "api:oemr": "Standard OpenEMR API",
117 * "user/allergy.read": "Read allergies the user has access to (api:oemr)",
118 * "user/allergy.write": "Write allergies the user has access to for (api:oemr)",
119 * "user/appointment.read": "Read appointments the user has access to (api:oemr)",
120 * "user/appointment.write": "Write appointments the user has access to for (api:oemr)",
121 * "user/dental_issue.read": "Read dental issues the user has access to (api:oemr)",
122 * "user/dental_issue.write": "Write dental issues the user has access to (api:oemr)",
123 * "user/document.read": "Read documents the user has access to (api:oemr)",
124 * "user/document.write": "Write documents the user has access to (api:oemr)",
125 * "user/drug.read": "Read drugs the user has access to (api:oemr)",
126 * "user/encounter.read": "Read encounters the user has access to (api:oemr)",
127 * "user/encounter.write": "Write encounters the user has access to (api:oemr)",
128 * "user/facility.read": "Read facilities the user has access to (api:oemr)",
129 * "user/facility.write": "Write facilities the user has access to (api:oemr)",
130 * "user/immunization.read": "Read immunizations the user has access to (api:oemr)",
131 * "user/insurance.read": "Read insurances the user has access to (api:oemr)",
132 * "user/insurance.write": "Write insurances the user has access to (api:oemr)",
133 * "user/insurance_company.read": "Read insurance companies the user has access to (api:oemr)",
134 * "user/insurance_company.write": "Write insurance companies the user has access to (api:oemr)",
135 * "user/insurance_type.read": "Read insurance types the user has access to (api:oemr)",
136 * "user/list.read": "Read lists the user has access to (api:oemr)",
137 * "user/medical_problem.read": "Read medical problems the user has access to (api:oemr)",
138 * "user/medical_problem.write": "Write medical problems the user has access to (api:oemr)",
139 * "user/medication.read": "Read medications the user has access to (api:oemr)",
140 * "user/medication.write": "Write medications the user has access to (api:oemr)",
141 * "user/message.write": "Read messages the user has access to (api:oemr)",
142 * "user/patient.read": "Read patients the user has access to (api:oemr)",
143 * "user/patient.write": "Write patients the user has access to (api:oemr)",
144 * "user/practitioner.read": "Read practitioners the user has access to (api:oemr)",
145 * "user/practitioner.write": "Write practitioners the user has access to (api:oemr)",
146 * "user/prescription.read": "Read prescriptions the user has access to (api:oemr)",
147 * "user/procedure.read": "Read procedures the user has access to (api:oemr)",
148 * "user/soap_note.read": "Read soap notes the user has access to (api:oemr)",
149 * "user/soap_note.write": "Write soap notes the user has access to (api:oemr)",
150 * "user/surgery.read": "Read surgeries the user has access to (api:oemr)",
151 * "user/surgery.write": "Write surgeries the user has access to (api:oemr)",
152 * "user/transaction.read": "Read transactions the user has access to (api:oemr)",
153 * "user/transaction.write": "Write transactions the user has access to (api:oemr)",
154 * "user/user.read": "Read users the current user has access to (api:oemr)",
155 * "user/vital.read": "Read vitals the user has access to (api:oemr)",
156 * "user/vital.write": "Write vitals the user has access to (api:oemr)",
157 * "api:port": "Standard Patient Portal OpenEMR API",
158 * "patient/encounter.read": "Read encounters the patient has access to (api:port)",
159 * "patient/patient.read": "Write encounters the patient has access to (api:port)",
160 * "patient/appointment.read": "Read appointments the patient has access to (api:port)"
166 * description="FHIR R4 API"
170 * description="Standard OpenEMR API"
173 * name="standard-patient",
174 * description="Standard Patient Portal OpenEMR API"
180 * description="The sort criteria specified in comma separated order with Descending order being specified by a dash before the search parameter name. (Example: name,-category)",
187 * name="_lastUpdated",
189 * parameter="_lastUpdated",
190 * description="The date the resource was last updated.",
197 * response="standard",
198 * description="Standard Response",
200 * mediaType="application/json",
203 * property="validationErrors",
204 * description="Validation errors.",
211 * property="internalErrors",
212 * description="Internal errors.",
220 * description="Returned data.",
227 * "validationErrors": {},
228 * "error_description": {},
235 * response="badrequest",
236 * description="Bad Request",
238 * mediaType="application/json",
241 * property="validationErrors",
242 * description="Validation errors.",
246 * "validationErrors":
248 * "_id": "The search field argument was invalid, improperly formatted, or could not be parsed. Inner message: UUID columns must be a valid UUID string"
255 * response="unauthorized",
256 * description="Unauthorized",
258 * mediaType="application/json",
262 * description="The error.",
266 * property="error_description",
267 * description="The description of the error.",
272 * description="More specific information on the error.",
276 * property="message",
277 * description="Message regarding the error.",
281 * "error": "access_denied",
282 * "error_description": "The resource owner or authorization server denied the request.",
283 * "hint": "Missing ""Authorization"" header",
284 * "message": "The resource owner or authorization server denied the request."
290 * response="uuidnotfound",
291 * description="Not Found",
293 * mediaType="application/json",
297 * description="empty",
306 // Lets keep our controller classes with the routes.
308 use OpenEMR\Common\Acl\AccessDeniedException
;
309 use OpenEMR\Common\Http\HttpRestRequest
;
310 use OpenEMR\RestControllers\AllergyIntoleranceRestController
;
311 use OpenEMR\RestControllers\FacilityRestController
;
312 use OpenEMR\RestControllers\VersionRestController
;
313 use OpenEMR\RestControllers\ProductRegistrationRestController
;
314 use OpenEMR\RestControllers\PatientRestController
;
315 use OpenEMR\RestControllers\EncounterRestController
;
316 use OpenEMR\RestControllers\PractitionerRestController
;
317 use OpenEMR\RestControllers\ListRestController
;
318 use OpenEMR\RestControllers\InsuranceCompanyRestController
;
319 use OpenEMR\RestControllers\AppointmentRestController
;
320 use OpenEMR\RestControllers\ConditionRestController
;
321 use OpenEMR\RestControllers\ONoteRestController
;
322 use OpenEMR\RestControllers\DocumentRestController
;
323 use OpenEMR\RestControllers\DrugRestController
;
324 use OpenEMR\RestControllers\EmployerRestController
;
325 use OpenEMR\RestControllers\ImmunizationRestController
;
326 use OpenEMR\RestControllers\InsuranceRestController
;
327 use OpenEMR\RestControllers\MessageRestController
;
328 use OpenEMR\RestControllers\PrescriptionRestController
;
329 use OpenEMR\RestControllers\ProcedureRestController
;
330 use OpenEMR\RestControllers\TransactionRestController
;
331 use OpenEMR\RestControllers\UserRestController
;
332 use OpenEMR\Services\Search\SearchQueryConfig
;
334 // Note some Http clients may not send auth as json so a function
335 // is implemented to determine and parse encoding on auth route's.
337 // Note that the api route is only for users role
338 // (there is a mechanism in place to ensure only user role can access the api route)
339 RestConfig
::$ROUTE_MAP = array(
342 * path="/api/facility",
343 * description="Returns a single facility.",
348 * description="The name for the facility.",
355 * name="facility_npi",
357 * description="The facility_npi for the facility.",
366 * description="The phone for the facility.",
375 * description="The fax for the facility.",
384 * description="The street for the facility.",
393 * description="The city for the facility.",
402 * description="The state for the facility.",
409 * name="postal_code",
411 * description="The postal_code for the facility.",
418 * name="country_code",
420 * description="The country_code for the facility.",
427 * name="federal_ein",
429 * description="The federal_ein for the facility.",
438 * description="The website for the facility.",
447 * description="The email for the facility.",
454 * name="domain_identifier",
456 * description="The domain_identifier for the facility.",
463 * name="facility_taxonomy",
465 * description="The facility_taxonomy for the facility.",
472 * name="facility_code",
474 * description="The facility_code for the facility.",
481 * name="billing_location",
483 * description="The billing_location setting for the facility.",
490 * name="accepts_assignment",
492 * description="The accepts_assignment setting for the facility.",
501 * description="The oid for the facility.",
508 * name="service_location",
510 * description="The service_location setting for the facility.",
518 * ref="#/components/responses/standard"
522 * ref="#/components/responses/badrequest"
526 * ref="#/components/responses/unauthorized"
528 * security={{"openemr_auth":{}}}
531 "GET /api/facility" => function () {
532 RestConfig
::authorization_check("admin", "users");
533 $return = (new FacilityRestController())->getAll($_GET);
534 RestConfig
::apiLog($return);
540 * path="/api/facility/{fuuid}",
541 * description="Returns a single facility.",
546 * description="The uuid for the facility.",
554 * ref="#/components/responses/standard"
558 * ref="#/components/responses/badrequest"
562 * ref="#/components/responses/unauthorized"
564 * security={{"openemr_auth":{}}}
567 "GET /api/facility/:fuuid" => function ($fuuid) {
568 RestConfig
::authorization_check("admin", "users");
569 $return = (new FacilityRestController())->getOne($fuuid);
570 RestConfig
::apiLog($return);
576 * path="/api/facility",
577 * description="Creates a facility in the system",
582 * mediaType="application/json",
586 * description="The name for the facility.",
590 * property="facility_npi",
591 * description="The facility_npi for the facility.",
596 * description="The phone for the facility.",
601 * description="The fax for the facility.",
606 * description="The street for the facility.",
611 * description="The city for the facility.",
616 * description="The state for the facility.",
620 * property="postal_code",
621 * description="The postal_code for the facility.",
625 * property="country_code",
626 * description="The country_code for the facility.",
630 * property="federal_ein",
631 * description="The federal_ein for the facility.",
635 * property="website",
636 * description="The website for the facility.",
641 * description="The email for the facility.",
645 * property="domain_identifier",
646 * description="The domain_identifier for the facility.",
650 * property="facility_taxonomy",
651 * description="The facility_taxonomy for the facility.",
655 * property="facility_code",
656 * description="The facility_code for the facility.",
660 * property="billing_location",
661 * description="The billing_location setting for the facility.",
665 * property="accepts_assignment",
666 * description="The accepts_assignment setting for the facility.",
671 * description="The oid for the facility.",
675 * property="service_location",
676 * description="The service_location setting for the facility.",
679 * required={"name", "facility_npi"},
682 * "facility_npi": "123456789123",
683 * "phone": "808-606-3030",
684 * "fax": "808-606-3031",
685 * "street": "1337 Bit Shifter Ln",
686 * "city": "San Lorenzo",
688 * "postal_code": "54321",
689 * "country_code": "US",
690 * "federal_ein": "4343434",
691 * "website": "https://example.com",
692 * "email": "foo@bar.com",
693 * "domain_identifier": "",
694 * "facility_taxonomy": "",
695 * "facility_code": "",
696 * "billing_location": "1",
697 * "accepts_assignment": "1",
699 * "service_location": "1"
706 * ref="#/components/responses/standard"
710 * ref="#/components/responses/badrequest"
714 * ref="#/components/responses/unauthorized"
716 * security={{"openemr_auth":{}}}
719 "POST /api/facility" => function () {
720 RestConfig
::authorization_check("admin", "super");
721 $data = (array) (json_decode(file_get_contents("php://input")));
722 $return = (new FacilityRestController())->post($data);
723 RestConfig
::apiLog($return, $data);
729 * path="/api/facility/{fuuid}",
730 * description="Updates a facility in the system",
735 * description="The uuid for the facility.",
744 * mediaType="application/json",
748 * description="The name for the facility.",
752 * property="facility_npi",
753 * description="The facility_npi for the facility.",
758 * description="The phone for the facility.",
763 * description="The fax for the facility.",
768 * description="The street for the facility.",
773 * description="The city for the facility.",
778 * description="The state for the facility.",
782 * property="postal_code",
783 * description="The postal_code for the facility.",
787 * property="country_code",
788 * description="The country_code for the facility.",
792 * property="federal_ein",
793 * description="The federal_ein for the facility.",
797 * property="website",
798 * description="The website for the facility.",
803 * description="The email for the facility.",
807 * property="domain_identifier",
808 * description="The domain_identifier for the facility.",
812 * property="facility_taxonomy",
813 * description="The facility_taxonomy for the facility.",
817 * property="facility_code",
818 * description="The facility_code for the facility.",
822 * property="billing_location",
823 * description="The billing_location setting for the facility.",
827 * property="accepts_assignment",
828 * description="The accepts_assignment setting for the facility.",
833 * description="The oid for the facility.",
837 * property="service_location",
838 * description="The service_location setting for the facility.",
843 * "facility_npi": "123456789123",
844 * "phone": "808-606-3030",
845 * "fax": "808-606-3031",
846 * "street": "1337 Bit Shifter Ln",
847 * "city": "San Lorenzo",
849 * "postal_code": "54321",
850 * "country_code": "US",
851 * "federal_ein": "4343434",
852 * "website": "https://example.com",
853 * "email": "foo@bar.com",
854 * "domain_identifier": "",
855 * "facility_taxonomy": "",
856 * "facility_code": "",
857 * "billing_location": "1",
858 * "accepts_assignment": "1",
860 * "service_location": "1"
867 * ref="#/components/responses/standard"
871 * ref="#/components/responses/badrequest"
875 * ref="#/components/responses/unauthorized"
877 * security={{"openemr_auth":{}}}
880 "PUT /api/facility/:fuuid" => function ($fuuid) {
881 RestConfig
::authorization_check("admin", "super");
882 $data = (array) (json_decode(file_get_contents("php://input")));
883 $return = (new FacilityRestController())->patch($fuuid, $data);
884 RestConfig
::apiLog($return, $data);
890 * path="/api/patient",
891 * description="Retrieves a list of patients",
894 * ref="#/components/parameters/_sort"
899 * description="The first name for the patient.",
908 * description="The last name for the patient.",
917 * description="The social security number for the patient.",
926 * description="The street for the patient.",
933 * name="postal_code",
935 * description="The postal code for the patient.",
944 * description="The city for the patient.",
953 * description="The state for the patient.",
962 * description="The home phone for the patient.",
971 * description="The business phone for the patient.",
980 * description="The cell phone for the patient.",
987 * name="postal_contact",
989 * description="The postal_contact for the patient.",
998 * description="The gender for the patient.",
1005 * name="country_code",
1007 * description="The country code for the patient.",
1016 * description="The email for the patient.",
1025 * description="The DOB for the patient.",
1034 * description="The date this patient resource was last modified.",
1043 * description="The number of records to offset from this index in the search result.",
1052 * description="The maximum number of resources to return in the result set. 0 means unlimited.",
1062 * ref="#/components/responses/standard"
1066 * ref="#/components/responses/badrequest"
1070 * ref="#/components/responses/unauthorized"
1072 * security={{"openemr_auth":{}}}
1075 "GET /api/patient" => function () {
1076 RestConfig
::authorization_check("patients", "demo");
1077 $config = SearchQueryConfig
::createConfigFromQueryParams($_GET);
1078 $return = (new PatientRestController())->getAll($_GET, $config);
1079 RestConfig
::apiLog($return);
1084 * Schema for the patient request
1087 * schema="api_patient_request",
1090 * description="The title of patient.",
1095 * description="The fname of patient.",
1100 * description="The mname of patient.",
1105 * description="The lname of patient.",
1109 * property="street",
1110 * description="The street address of patient.",
1114 * property="postal_code",
1115 * description="The postal code of patient.",
1120 * description="The city of patient.",
1125 * description="The state of patient.",
1129 * property="country_code",
1130 * description="The country code of patient.",
1134 * property="phone_contact",
1135 * description="The phone contact of patient.",
1140 * description="The DOB of patient.",
1145 * description="The lname of patient.",
1150 * description="The race of patient.",
1154 * property="ethnicity",
1155 * description="The ethnicity of patient.",
1158 * required={"fname", "lname", "DOB", "sex"},
1164 * "street": "456 Tree Lane",
1165 * "postal_code": "08642",
1166 * "city": "FooTown",
1168 * "country_code": "US",
1169 * "phone_contact": "123-456-7890",
1170 * "DOB": "1992-02-02",
1179 * path="/api/patient",
1180 * description="Creates a new patient",
1181 * tags={"standard"},
1185 * mediaType="application/json",
1186 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1191 * description="Standard response",
1193 * mediaType="application/json",
1196 * property="validationErrors",
1197 * description="Validation errors.",
1204 * property="internalErrors",
1205 * description="Internal errors.",
1213 * description="Returned data.",
1218 * description="patient pid",
1224 * "validationErrors": {},
1225 * "error_description": {},
1235 * ref="#/components/responses/unauthorized"
1237 * security={{"openemr_auth":{}}}
1240 "POST /api/patient" => function () {
1241 RestConfig
::authorization_check("patients", "demo");
1242 $data = (array) (json_decode(file_get_contents("php://input")));
1243 $return = (new PatientRestController())->post($data);
1244 RestConfig
::apiLog($return, $data);
1249 * Schema for the patient response
1252 * schema="api_patient_response",
1254 * property="validationErrors",
1255 * description="Validation errors.",
1262 * property="internalErrors",
1263 * description="Internal errors.",
1271 * description="Returned data.",
1276 * description="patient id",
1281 * description="patient pid",
1285 * property="pubpid",
1286 * description="patient public id",
1291 * description="patient title",
1296 * description="patient first name",
1301 * description="patient middle name",
1306 * description="patient last name",
1311 * description="patient social security number",
1315 * property="street",
1316 * description="patient street address",
1320 * property="postal_code",
1321 * description="patient postal code",
1326 * description="patient city",
1331 * description="patient state",
1335 * property="county",
1336 * description="patient county",
1340 * property="country_code",
1341 * description="patient country code",
1345 * property="drivers_license",
1346 * description="patient drivers license id",
1350 * property="contact_relationship",
1351 * description="patient contact relationship",
1355 * property="phone_contact",
1356 * description="patient phone contact",
1360 * property="phone_home",
1361 * description="patient home phone",
1365 * property="phone_biz",
1366 * description="patient work phone",
1370 * property="phone_cell",
1371 * description="patient mobile phone",
1376 * description="patient email",
1381 * description="patient DOB",
1386 * description="patient sex (gender)",
1391 * description="patient race",
1395 * property="ethnicity",
1396 * description="patient ethnicity",
1400 * property="status",
1401 * description="patient status",
1407 * "validationErrors": {},
1408 * "error_description": {},
1418 * "street": "456 Tree Lane",
1419 * "postal_code": "08642",
1420 * "city": "FooTown",
1423 * "country_code": "US",
1424 * "drivers_license": "",
1425 * "contact_relationship": "",
1426 * "phone_contact": "123-456-7890",
1431 * "DOB": "1992-02-03",
1442 * path="/api/patient/{puuid}",
1443 * description="Updates a patient",
1444 * tags={"standard"},
1448 * description="The uuid for the patient.",
1457 * mediaType="application/json",
1458 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1463 * description="Standard response",
1465 * mediaType="application/json",
1466 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1471 * ref="#/components/responses/unauthorized"
1473 * security={{"openemr_auth":{}}}
1476 "PUT /api/patient/:puuid" => function ($puuid) {
1477 RestConfig
::authorization_check("patients", "demo");
1478 $data = (array) (json_decode(file_get_contents("php://input")));
1479 $return = (new PatientRestController())->put($puuid, $data);
1480 RestConfig
::apiLog($return, $data);
1486 * path="/api/patient/{puuid}",
1487 * description="Retrieves a single patient by their uuid",
1488 * tags={"standard"},
1492 * description="The uuid for the patient.",
1500 * description="Standard response",
1502 * mediaType="application/json",
1503 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1508 * ref="#/components/responses/unauthorized"
1510 * security={{"openemr_auth":{}}}
1513 "GET /api/patient/:puuid" => function ($puuid) {
1514 RestConfig
::authorization_check("patients", "demo");
1515 $return = (new PatientRestController())->getOne($puuid);
1516 RestConfig
::apiLog($return);
1522 * path="/api/patient/{puuid}/encounter",
1523 * description="Retrieves a list of encounters for a single patient",
1524 * tags={"standard"},
1528 * description="The uuid for the patient.",
1536 * ref="#/components/responses/standard"
1540 * ref="#/components/responses/badrequest"
1544 * ref="#/components/responses/unauthorized"
1546 * security={{"openemr_auth":{}}}
1549 "GET /api/patient/:puuid/encounter" => function ($puuid) {
1550 RestConfig
::authorization_check("encounters", "auth_a");
1551 $return = (new EncounterRestController())->getAll($puuid);
1552 RestConfig
::apiLog($return);
1557 * Schema for the encounter request
1560 * schema="api_encounter_request",
1563 * description="The date of encounter.",
1567 * property="onset_date",
1568 * description="The onset date of encounter.",
1572 * property="reason",
1573 * description="The reason of encounter.",
1577 * property="facility",
1578 * description="The facility of encounter.",
1582 * property="pc_catid",
1583 * description="The pc_catid of encounter.",
1587 * property="facility_id",
1588 * description="The facility id of encounter.",
1592 * property="billing_facility",
1593 * description="The billing facility id of encounter.",
1597 * property="sensitivity",
1598 * description="The sensitivity of encounter.",
1602 * property="referral_source",
1603 * description="The referral source of encounter.",
1607 * property="pos_code",
1608 * description="The pos_code of encounter.",
1612 * property="external_id",
1613 * description="The external id of encounter.",
1617 * property="provider_id",
1618 * description="The provider id of encounter.",
1622 * property="class_code",
1623 * description="The class_code of encounter.",
1626 * required={"pc_catid", "class_code"},
1628 * "date":"2020-11-10",
1630 * "reason": "Pregnancy Test",
1631 * "facility": "Owerri General Hospital",
1633 * "facility_id": "3",
1634 * "billing_facility": "3",
1635 * "sensitivity": "normal",
1636 * "referral_source": "",
1638 * "external_id": "",
1639 * "provider_id": "1",
1640 * "class_code" : "AMB"
1646 * path="/api/patient/{puuid}/encounter",
1647 * description="Creates a new encounter",
1648 * tags={"standard"},
1652 * description="The uuid for the patient.",
1661 * mediaType="application/json",
1662 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1667 * description="Standard response",
1669 * mediaType="application/json",
1672 * property="validationErrors",
1673 * description="Validation errors.",
1680 * property="internalErrors",
1681 * description="Internal errors.",
1689 * description="Returned data.",
1693 * property="encounter",
1694 * description="encounter id",
1699 * description="encounter uuid",
1705 * "validationErrors": {},
1706 * "error_description": {},
1709 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef"
1717 * ref="#/components/responses/unauthorized"
1719 * security={{"openemr_auth":{}}}
1722 "POST /api/patient/:puuid/encounter" => function ($puuid) {
1723 RestConfig
::authorization_check("encounters", "auth_a");
1724 $data = (array) (json_decode(file_get_contents("php://input")));
1725 $return = (new EncounterRestController())->post($puuid, $data);
1726 RestConfig
::apiLog($return, $data);
1731 * Schema for the encounter response
1734 * schema="api_encounter_response",
1736 * property="validationErrors",
1737 * description="Validation errors.",
1744 * property="internalErrors",
1745 * description="Internal errors.",
1753 * description="Returned data.",
1758 * description="encounter id",
1763 * description="encounter uuid",
1768 * description="encounter date",
1772 * property="reason",
1773 * description="encounter reason",
1777 * property="facility",
1778 * description="encounter facility name",
1782 * property="facility_id",
1783 * description="encounter facility id name",
1788 * description="encounter for patient pid",
1792 * property="onset_date",
1793 * description="encounter onset date",
1797 * property="sensitivity",
1798 * description="encounter sensitivity",
1802 * property="billing_note",
1803 * description="encounter billing note",
1807 * property="pc_catid",
1808 * description="encounter pc_catid",
1812 * property="last_level_billed",
1813 * description="encounter last_level_billed",
1817 * property="last_level_closed",
1818 * description="encounter last_level_closed",
1822 * property="last_stmt_date",
1823 * description="encounter last_stmt_date",
1827 * property="stmt_count",
1828 * description="encounter stmt_count",
1832 * property="provider_id",
1833 * description="provider id",
1837 * property="supervisor_id",
1838 * description="encounter supervisor id",
1842 * property="invoice_refno",
1843 * description="encounter invoice_refno",
1847 * property="referral_source",
1848 * description="encounter referral source",
1852 * property="billing_facility",
1853 * description="encounter billing facility id",
1857 * property="external_id",
1858 * description="encounter external id",
1862 * property="pos_code",
1863 * description="encounter pos_code",
1867 * property="class_code",
1868 * description="encounter class_code",
1872 * property="class_title",
1873 * description="encounter class_title",
1877 * property="pc_catname",
1878 * description="encounter pc_catname",
1882 * property="billing_facility_name",
1883 * description="encounter billing facility name",
1889 * "validationErrors": {},
1890 * "error_description": {},
1893 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
1894 * "date": "2019-09-14 00:00:00",
1895 * "reason": "Pregnancy Test",
1896 * "facility": "Owerri General Hospital",
1897 * "facility_id": "3",
1899 * "onset_date": "2019-04-20 00:00:00",
1900 * "sensitivity": "normal",
1901 * "billing_note": null,
1903 * "last_level_billed": "0",
1904 * "last_level_closed": "0",
1905 * "last_stmt_date": null,
1906 * "stmt_count": "0",
1907 * "provider_id": "1",
1908 * "supervisor_id": "0",
1909 * "invoice_refno": "",
1910 * "referral_source": "",
1911 * "billing_facility": "3",
1912 * "external_id": "",
1914 * "class_code": "AMB",
1915 * "class_title": "ambulatory",
1916 * "pc_catname": "Office Visit",
1917 * "billing_facility_name": "Owerri General Hospital"
1924 * path="/api/patient/{puuid}/encounter/{euuid}",
1925 * description="Modify a encounter",
1926 * tags={"standard"},
1930 * description="The uuid for the patient.",
1939 * description="The uuid for the encounter.",
1948 * mediaType="application/json",
1949 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1954 * description="Standard response",
1956 * mediaType="application/json",
1957 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
1962 * ref="#/components/responses/unauthorized"
1964 * security={{"openemr_auth":{}}}
1967 "PUT /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
1968 RestConfig
::authorization_check("encounters", "auth_a");
1969 $data = (array) (json_decode(file_get_contents("php://input")));
1970 $return = (new EncounterRestController())->put($puuid, $euuid, $data);
1971 RestConfig
::apiLog($return, $data);
1977 * path="/api/patient/{puuid}/encounter/{euuid}",
1978 * description="Retrieves a single encounter for a patient",
1979 * tags={"standard"},
1983 * description="The uuid for the patient.",
1992 * description="The uuid for the encounter.",
2000 * description="Standard response",
2002 * mediaType="application/json",
2003 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
2008 * ref="#/components/responses/unauthorized"
2010 * security={{"openemr_auth":{}}}
2013 "GET /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
2014 RestConfig
::authorization_check("encounters", "auth_a");
2015 $return = (new EncounterRestController())->getOne($puuid, $euuid);
2016 RestConfig
::apiLog($return);
2022 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
2023 * description="Retrieves soap notes from an encounter for a patient",
2024 * tags={"standard"},
2028 * description="The pid for the patient.",
2037 * description="The id for the encounter.",
2045 * ref="#/components/responses/standard"
2049 * ref="#/components/responses/badrequest"
2053 * ref="#/components/responses/unauthorized"
2055 * security={{"openemr_auth":{}}}
2058 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
2059 RestConfig
::authorization_check("encounters", "notes");
2060 $return = (new EncounterRestController())->getSoapNotes($pid, $eid);
2061 RestConfig
::apiLog($return);
2066 * Schema for the vital request
2069 * schema="api_vital_request",
2072 * description="The bps of vitals.",
2077 * description="The bpd of vitals.",
2081 * property="weight",
2082 * description="The weight of vitals. (unit is lb)",
2086 * property="height",
2087 * description="The height of vitals. (unit is inches)",
2091 * property="temperature",
2092 * description="The temperature of temperature. (unit is F)",
2096 * property="temp_method",
2097 * description="The temp_method of vitals.",
2102 * description="The pulse of vitals.",
2106 * property="respiration",
2107 * description="The respiration of vitals.",
2112 * description="The note (ie. comments) of vitals.",
2116 * property="waist_circ",
2117 * description="The waist circumference of vitals. (unit is inches)",
2121 * property="head_circ",
2122 * description="The head circumference of vitals. (unit is inches)",
2126 * property="oxygen_saturation",
2127 * description="The oxygen_saturation of vitals.",
2135 * "temperature": "98",
2136 * "temp_method": "Oral",
2138 * "respiration": "20",
2139 * "note": "Patient with difficulty standing, which made weight measurement difficult.",
2140 * "waist_circ": "37",
2141 * "head_circ": "22.2",
2142 * "oxygen_saturation": "96"
2148 * path="/api/patient/{pid}/encounter/{eid}/vital",
2149 * description="Submits a new vitals form",
2150 * tags={"standard"},
2154 * description="The id for the patient.",
2163 * description="The id for the encounter.",
2172 * mediaType="application/json",
2173 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2178 * ref="#/components/responses/standard"
2182 * ref="#/components/responses/badrequest"
2186 * ref="#/components/responses/unauthorized"
2188 * security={{"openemr_auth":{}}}
2191 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2192 RestConfig
::authorization_check("encounters", "notes");
2193 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2194 $return = (new EncounterRestController())->postVital($pid, $eid, $data);
2195 RestConfig
::apiLog($return, $data);
2201 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2202 * description="Edit a vitals form",
2203 * tags={"standard"},
2207 * description="The id for the patient.",
2216 * description="The id for the encounter.",
2225 * description="The id for the vitalss form.",
2234 * mediaType="application/json",
2235 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2240 * ref="#/components/responses/standard"
2244 * ref="#/components/responses/badrequest"
2248 * ref="#/components/responses/unauthorized"
2250 * security={{"openemr_auth":{}}}
2253 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2254 RestConfig
::authorization_check("encounters", "notes");
2255 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2256 $return = (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
2257 RestConfig
::apiLog($return, $data);
2263 * path="/api/patient/{pid}/encounter/{eid}/vital",
2264 * description="Retrieves all vitals from an encounter for a patient",
2265 * tags={"standard"},
2269 * description="The pid for the patient.",
2278 * description="The id for the encounter.",
2286 * ref="#/components/responses/standard"
2290 * ref="#/components/responses/badrequest"
2294 * ref="#/components/responses/unauthorized"
2296 * security={{"openemr_auth":{}}}
2299 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2300 RestConfig
::authorization_check("encounters", "notes");
2301 $return = (new EncounterRestController())->getVitals($pid, $eid);
2302 RestConfig
::apiLog($return);
2308 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2309 * description="Retrieves a vitals form from an encounter for a patient",
2310 * tags={"standard"},
2314 * description="The pid for the patient.",
2323 * description="The id for the encounter.",
2332 * description="The id for the vitals form.",
2340 * ref="#/components/responses/standard"
2344 * ref="#/components/responses/badrequest"
2348 * ref="#/components/responses/unauthorized"
2350 * security={{"openemr_auth":{}}}
2353 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2354 RestConfig
::authorization_check("encounters", "notes");
2355 $return = (new EncounterRestController())->getVital($pid, $eid, $vid);
2356 RestConfig
::apiLog($return);
2362 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2363 * description="Retrieves a soap note from an encounter for a patient",
2364 * tags={"standard"},
2368 * description="The pid for the patient.",
2377 * description="The id for the encounter.",
2386 * description="The id for the soap note.",
2394 * ref="#/components/responses/standard"
2398 * ref="#/components/responses/badrequest"
2402 * ref="#/components/responses/unauthorized"
2404 * security={{"openemr_auth":{}}}
2407 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2408 RestConfig
::authorization_check("encounters", "notes");
2409 $return = (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
2410 RestConfig
::apiLog($return);
2415 * Schema for the soap_note request
2418 * schema="api_soap_note_request",
2420 * property="subjective",
2421 * description="The subjective of soap note.",
2425 * property="objective",
2426 * description="The objective of soap note.",
2430 * property="assessment",
2431 * description="The assessment of soap note.",
2436 * description="The plan of soap note.",
2440 * "subjective": "The patient with mechanical fall and cut finger.",
2441 * "objective": "The patient with finger laceration on exam.",
2442 * "assessment": "The patient with finger laceration requiring sutures.",
2443 * "plan": "Sutured finger laceration."
2449 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
2450 * description="Submits a new soap note",
2451 * tags={"standard"},
2455 * description="The id for the patient.",
2464 * description="The id for the encounter.",
2473 * mediaType="application/json",
2474 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2479 * ref="#/components/responses/standard"
2483 * ref="#/components/responses/badrequest"
2487 * ref="#/components/responses/unauthorized"
2489 * security={{"openemr_auth":{}}}
2492 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
2493 RestConfig
::authorization_check("encounters", "notes");
2494 $data = (array) (json_decode(file_get_contents("php://input")));
2495 $return = (new EncounterRestController())->postSoapNote($pid, $eid, $data);
2496 RestConfig
::apiLog($return, $data);
2502 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2503 * description="Edit a soap note",
2504 * tags={"standard"},
2508 * description="The id for the patient.",
2517 * description="The id for the encounter.",
2526 * description="The id for the soap noted.",
2535 * mediaType="application/json",
2536 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2541 * ref="#/components/responses/standard"
2545 * ref="#/components/responses/badrequest"
2549 * ref="#/components/responses/unauthorized"
2551 * security={{"openemr_auth":{}}}
2554 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2555 RestConfig
::authorization_check("encounters", "notes");
2556 $data = (array) (json_decode(file_get_contents("php://input")));
2557 $return = (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
2558 RestConfig
::apiLog($return, $data);
2565 * path="/api/practitioner",
2566 * description="Retrieves a list of practitioners",
2567 * tags={"standard"},
2571 * description="The title for the practitioner.",
2580 * description="The first name for the practitioner.",
2589 * description="The last name for the practitioner.",
2598 * description="The middle name for the practitioner.",
2605 * name="federaltaxid",
2607 * description="The federal tax id for the practitioner.",
2614 * name="federaldrugid",
2616 * description="The federal drug id for the practitioner.",
2625 * description="The upin for the practitioner.",
2632 * name="facility_id",
2634 * description="The facility id for the practitioner.",
2643 * description="The facility for the practitioner.",
2652 * description="The npi for the practitioner.",
2661 * description="The email for the practitioner.",
2670 * description="The specialty for the practitioner.",
2679 * description="The billname for the practitioner.",
2688 * description="The url for the practitioner.",
2697 * description="The assistant for the practitioner.",
2704 * name="organization",
2706 * description="The organization for the practitioner.",
2713 * name="valedictory",
2715 * description="The valedictory for the practitioner.",
2724 * description="The street for the practitioner.",
2733 * description="The street (line 2) for the practitioner.",
2742 * description="The city for the practitioner.",
2751 * description="The state for the practitioner.",
2760 * description="The zip for the practitioner.",
2769 * description="The phone for the practitioner.",
2778 * description="The fax for the practitioner.",
2787 * description="The phonew1 for the practitioner.",
2796 * description="The phonecell for the practitioner.",
2805 * description="The notes for the practitioner.",
2812 * name="state_license_number2",
2814 * description="The state license number for the practitioner.",
2823 * description="The username for the practitioner.",
2831 * ref="#/components/responses/standard"
2835 * ref="#/components/responses/badrequest"
2839 * ref="#/components/responses/unauthorized"
2841 * security={{"openemr_auth":{}}}
2844 "GET /api/practitioner" => function () {
2845 RestConfig
::authorization_check("admin", "users");
2846 $return = (new PractitionerRestController())->getAll($_GET);
2847 RestConfig
::apiLog($return);
2853 * path="/api/practitioner/{pruuid}",
2854 * description="Retrieves a single practitioner by their uuid",
2855 * tags={"standard"},
2859 * description="The uuid for the practitioner.",
2867 * ref="#/components/responses/standard"
2871 * ref="#/components/responses/badrequest"
2875 * ref="#/components/responses/unauthorized"
2877 * security={{"openemr_auth":{}}}
2880 "GET /api/practitioner/:pruuid" => function ($pruuid) {
2881 RestConfig
::authorization_check("admin", "users");
2882 $return = (new PractitionerRestController())->getOne($pruuid);
2883 RestConfig
::apiLog($return);
2889 * path="/api/practitioner",
2890 * description="Submits a new practitioner",
2891 * tags={"standard"},
2895 * mediaType="application/json",
2899 * description="The title for the practitioner.",
2904 * description="The first name for the practitioner.",
2909 * description="The middle name for the practitioner.",
2914 * description="The last name for the practitioner.",
2918 * property="federaltaxid",
2919 * description="The federal tax id for the practitioner.",
2923 * property="federaldrugid",
2924 * description="The federal drug id for the practitioner.",
2929 * description="The upin for the practitioner.",
2933 * property="facility_id",
2934 * description="The facility_id for the practitioner.",
2938 * property="facility",
2939 * description="The facility name for the practitioner.",
2944 * description="The npi for the practitioner.",
2949 * description="The email for the practitioner.",
2953 * property="specialty",
2954 * description="The specialty for the practitioner.",
2958 * property="billname",
2959 * description="The billname for the practitioner.",
2964 * description="The url for the practitioner.",
2968 * property="assistant",
2969 * description="The assistant for the practitioner.",
2973 * property="valedictory",
2974 * description="The valedictory for the practitioner.",
2978 * property="street",
2979 * description="The street address for the practitioner.",
2983 * property="streetb",
2984 * description="The streetb address for the practitioner.",
2989 * description="The city for the practitioner.",
2994 * description="The state for the practitioner.",
2999 * description="The zip for the practitioner.",
3004 * description="The phone for the practitioner.",
3009 * description="The fax for the practitioner.",
3013 * property="phonew1",
3014 * description="The phonew1 for the practitioner.",
3018 * property="phonecell",
3019 * description="The phonecell for the practitioner.",
3024 * description="The notes for the practitioner.",
3028 * property="state_license_number",
3029 * description="The state license number for the practitioner.",
3033 * property="username",
3034 * description="The username for the practitioner.",
3037 * required={"fname", "lname", "npi"},
3040 * "fname": "Eduardo",
3043 * "federaltaxid": "",
3044 * "federaldrugid": "",
3046 * "facility_id": "3",
3047 * "facility": "Your Clinic Name Here",
3048 * "npi": "12345678901",
3049 * "email": "info@pennfirm.com",
3053 * "assistant": null,
3054 * "organization": null,
3055 * "valedictory": null,
3056 * "street": "789 Third Avenue",
3057 * "streetb": "123 Cannaut Street",
3058 * "city": "San Diego",
3061 * "phone": "(619) 555-9827",
3063 * "phonew1": "(619) 555-7822",
3064 * "phonecell": "(619) 555-7821",
3066 * "state_license_number": "123456",
3067 * "username": "eduardoperez"
3074 * description="Standard response",
3076 * mediaType="application/json",
3079 * property="validationErrors",
3080 * description="Validation errors.",
3087 * property="internalErrors",
3088 * description="Internal errors.",
3096 * description="Returned data.",
3101 * description="practitioner id",
3106 * description="practitioner uuid",
3112 * "validationErrors": {},
3113 * "error_description": {},
3116 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5"
3124 * ref="#/components/responses/unauthorized"
3126 * security={{"openemr_auth":{}}}
3129 "POST /api/practitioner" => function () {
3130 RestConfig
::authorization_check("admin", "users");
3131 $data = (array) (json_decode(file_get_contents("php://input")));
3132 $return = (new PractitionerRestController())->post($data);
3133 RestConfig
::apiLog($return, $data);
3139 * path="/api/practitioner/{pruuid}",
3140 * description="Edit a practitioner",
3141 * tags={"standard"},
3145 * description="The uuid for the practitioner.",
3154 * mediaType="application/json",
3158 * description="The title for the practitioner.",
3163 * description="The first name for the practitioner.",
3168 * description="The middle name for the practitioner.",
3173 * description="The last name for the practitioner.",
3177 * property="federaltaxid",
3178 * description="The federal tax id for the practitioner.",
3182 * property="federaldrugid",
3183 * description="The federal drug id for the practitioner.",
3188 * description="The upin for the practitioner.",
3192 * property="facility_id",
3193 * description="The facility_id for the practitioner.",
3197 * property="facility",
3198 * description="The facility name for the practitioner.",
3203 * description="The npi for the practitioner.",
3208 * description="The email for the practitioner.",
3212 * property="specialty",
3213 * description="The specialty for the practitioner.",
3217 * property="billname",
3218 * description="The billname for the practitioner.",
3223 * description="The url for the practitioner.",
3227 * property="assistant",
3228 * description="The assistant for the practitioner.",
3232 * property="valedictory",
3233 * description="The valedictory for the practitioner.",
3237 * property="street",
3238 * description="The street address for the practitioner.",
3242 * property="streetb",
3243 * description="The streetb address for the practitioner.",
3248 * description="The city for the practitioner.",
3253 * description="The state for the practitioner.",
3258 * description="The zip for the practitioner.",
3263 * description="The phone for the practitioner.",
3268 * description="The fax for the practitioner.",
3272 * property="phonew1",
3273 * description="The phonew1 for the practitioner.",
3277 * property="phonecell",
3278 * description="The phonecell for the practitioner.",
3283 * description="The notes for the practitioner.",
3287 * property="state_license_number",
3288 * description="The state license number for the practitioner.",
3292 * property="username",
3293 * description="The username for the practitioner.",
3301 * "street": "456 Tree Lane",
3303 * "city": "FooTown",
3305 * "phone": "123-456-7890"
3312 * description="Standard response",
3314 * mediaType="application/json",
3317 * property="validationErrors",
3318 * description="Validation errors.",
3325 * property="internalErrors",
3326 * description="Internal errors.",
3334 * description="Returned data.",
3339 * description="practitioner id",
3344 * description="practitioner uuid",
3349 * description="practitioner title",
3354 * description="practitioner fname",
3359 * description="practitioner lname",
3364 * description="practitioner mname",
3368 * property="federaltaxid",
3369 * description="practitioner federaltaxid",
3373 * property="federaldrugid",
3374 * description="practitioner federaldrugid",
3379 * description="practitioner upin",
3383 * property="facility_id",
3384 * description="practitioner facility_id",
3388 * property="facility",
3389 * description="practitioner facility",
3394 * description="practitioner npi",
3399 * description="practitioner email",
3403 * property="active",
3404 * description="practitioner active setting",
3408 * property="specialty",
3409 * description="practitioner specialty",
3413 * property="billname",
3414 * description="practitioner billname",
3419 * description="practitioner url",
3423 * property="assistant",
3424 * description="practitioner assistant",
3428 * property="organization",
3429 * description="practitioner organization",
3433 * property="valedictory",
3434 * description="practitioner valedictory",
3438 * property="street",
3439 * description="practitioner street",
3443 * property="streetb",
3444 * description="practitioner streetb",
3449 * description="practitioner city",
3454 * description="practitioner state",
3459 * description="practitioner zip",
3464 * description="practitioner phone",
3469 * description="fax",
3473 * property="phonew1",
3474 * description="practitioner phonew1",
3478 * property="phonecell",
3479 * description="practitioner phonecell",
3484 * description="practitioner notes",
3488 * property="state_license_number",
3489 * description="practitioner state license number",
3493 * property="abook_title",
3494 * description="practitioner abook title",
3498 * property="physician_title",
3499 * description="practitioner physician title",
3503 * property="physician_code",
3504 * description="practitioner physician code",
3510 * "validationErrors": {},
3511 * "error_description": {},
3514 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5",
3519 * "federaltaxid": "",
3520 * "federaldrugid": "",
3522 * "facility_id": "3",
3523 * "facility": "Your Clinic Name Here",
3524 * "npi": "0123456789",
3525 * "email": "info@pennfirm.com",
3531 * "organization": "",
3532 * "valedictory": "",
3533 * "street": "456 Tree Lane",
3534 * "streetb": "123 Cannaut Street",
3535 * "city": "FooTown",
3538 * "phone": "123-456-7890",
3540 * "phonew1": "(619) 555-7822",
3541 * "phonecell": "(619) 555-7821",
3543 * "state_license_number": "123456",
3544 * "abook_title": null,
3545 * "physician_title": null,
3546 * "physician_code": null
3554 * ref="#/components/responses/unauthorized"
3556 * security={{"openemr_auth":{}}}
3559 "PUT /api/practitioner/:pruuid" => function ($pruuid) {
3560 RestConfig
::authorization_check("admin", "users");
3561 $data = (array) (json_decode(file_get_contents("php://input")));
3562 $return = (new PractitionerRestController())->patch($pruuid, $data);
3563 RestConfig
::apiLog($return, $data);
3569 * path="/api/medical_problem",
3570 * description="Retrieves a list of medical problems",
3571 * tags={"standard"},
3575 * description="The uuid for the patient.",
3582 * name="condition_uuid",
3584 * description="The uuid for the medical problem.",
3593 * description="The title for the medical problem.",
3602 * description="The start date for the medical problem.",
3611 * description="The end date for the medical problem.",
3620 * description="The diagnosis for the medical problem.",
3628 * ref="#/components/responses/standard"
3632 * ref="#/components/responses/badrequest"
3636 * ref="#/components/responses/unauthorized"
3638 * security={{"openemr_auth":{}}}
3641 "GET /api/medical_problem" => function () {
3642 RestConfig
::authorization_check("encounters", "notes");
3643 $return = (new ConditionRestController())->getAll();
3644 RestConfig
::apiLog($return);
3650 * path="/api/medical_problem/{muuid}",
3651 * description="Retrieves a single medical problem by their uuid",
3652 * tags={"standard"},
3656 * description="The uuid for the medical problem.",
3664 * ref="#/components/responses/standard"
3668 * ref="#/components/responses/badrequest"
3672 * ref="#/components/responses/unauthorized"
3674 * security={{"openemr_auth":{}}}
3677 "GET /api/medical_problem/:muuid" => function ($muuid) {
3678 RestConfig
::authorization_check("encounters", "notes");
3679 $return = (new ConditionRestController())->getOne($muuid);
3680 RestConfig
::apiLog($return);
3686 * path="/api/patient/{puuid}/medical_problem",
3687 * description="Retrieves all medical problems for a patient",
3688 * tags={"standard"},
3692 * description="The uuid for the patient.",
3700 * ref="#/components/responses/standard"
3704 * ref="#/components/responses/badrequest"
3708 * ref="#/components/responses/unauthorized"
3710 * security={{"openemr_auth":{}}}
3713 "GET /api/patient/:puuid/medical_problem" => function ($puuid) {
3714 RestConfig
::authorization_check("encounters", "notes");
3715 $return = (new ConditionRestController())->getAll(['puuid' => $puuid, 'condition_uuid' => $muuid], "medical_problem");
3716 RestConfig
::apiLog($return);
3722 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3723 * description="Retrieves a medical problem for a patient",
3724 * tags={"standard"},
3728 * description="The uuid for the patient.",
3737 * description="The uuid for the medical problem.",
3745 * ref="#/components/responses/standard"
3749 * ref="#/components/responses/badrequest"
3753 * ref="#/components/responses/unauthorized"
3755 * security={{"openemr_auth":{}}}
3758 "GET /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3759 RestConfig
::authorization_check("patients", "med");
3760 $return = (new ConditionRestController())->getAll(['puuid' => $puuid, 'condition_uuid' => $muuid]);
3761 RestConfig
::apiLog($return);
3766 * Schema for the medical_problem request
3769 * schema="api_medical_problem_request",
3772 * description="The title of medical problem.",
3776 * property="begdate",
3777 * description="The beginning date of medical problem.",
3781 * property="enddate",
3782 * description="The end date of medical problem.",
3786 * property="diagnosis",
3787 * description="The diagnosis of medical problem. In format `<codetype>:<code>`",
3790 * required={"title", "begdate"},
3792 * "title": "Dermatochalasis",
3793 * "begdate": "2010-10-13",
3795 * "diagnosis": "ICD10:H02.839"
3801 * path="/api/patient/{puuid}/medical_problem",
3802 * description="Submits a new medical problem",
3803 * tags={"standard"},
3807 * description="The uuid for the patient.",
3816 * mediaType="application/json",
3817 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3822 * ref="#/components/responses/standard"
3826 * ref="#/components/responses/badrequest"
3830 * ref="#/components/responses/unauthorized"
3832 * security={{"openemr_auth":{}}}
3835 "POST /api/patient/:puuid/medical_problem" => function ($puuid) {
3836 RestConfig
::authorization_check("patients", "med");
3837 $data = (array) (json_decode(file_get_contents("php://input")));
3838 $return = (new ConditionRestController())->post($puuid, $data);
3839 RestConfig
::apiLog($return, $data);
3845 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3846 * description="Edit a medical problem",
3847 * tags={"standard"},
3851 * description="The uuid for the patient.",
3860 * description="The uuid for the medical problem.",
3869 * mediaType="application/json",
3870 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3875 * ref="#/components/responses/standard"
3879 * ref="#/components/responses/badrequest"
3883 * ref="#/components/responses/unauthorized"
3885 * security={{"openemr_auth":{}}}
3888 "PUT /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3889 RestConfig
::authorization_check("patients", "med");
3890 $data = (array) (json_decode(file_get_contents("php://input")));
3891 $return = (new ConditionRestController())->put($puuid, $muuid, $data);
3892 RestConfig
::apiLog($return, $data);
3898 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3899 * description="Delete a medical problem",
3900 * tags={"standard"},
3904 * description="The uuid for the patient.",
3913 * description="The uuid for the medical problem.",
3921 * ref="#/components/responses/standard"
3925 * ref="#/components/responses/badrequest"
3929 * ref="#/components/responses/unauthorized"
3931 * security={{"openemr_auth":{}}}
3934 "DELETE /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3935 RestConfig
::authorization_check("patients", "med");
3936 $return = (new ConditionRestController())->delete($puuid, $muuid);
3937 RestConfig
::apiLog($return);
3943 * path="/api/allergy",
3944 * description="Retrieves a list of allergies",
3945 * tags={"standard"},
3949 * description="The uuid for the patient.",
3958 * description="The uuid for the allergy.",
3967 * description="The title for the allergy.",
3976 * description="The start date for the allergy.",
3985 * description="The end date for the allergy.",
3994 * description="The diagnosis for the allergy.",
4002 * ref="#/components/responses/standard"
4006 * ref="#/components/responses/badrequest"
4010 * ref="#/components/responses/unauthorized"
4012 * security={{"openemr_auth":{}}}
4015 "GET /api/allergy" => function () {
4016 RestConfig
::authorization_check("patients", "med");
4017 $return = (new AllergyIntoleranceRestController())->getAll();
4018 RestConfig
::apiLog($return);
4024 * path="/api/allergy/{auuid}",
4025 * description="Retrieves a single allergy by their uuid",
4026 * tags={"standard"},
4030 * description="The uuid for the allergy.",
4038 * ref="#/components/responses/standard"
4042 * ref="#/components/responses/badrequest"
4046 * ref="#/components/responses/unauthorized"
4048 * security={{"openemr_auth":{}}}
4051 "GET /api/allergy/:auuid" => function ($auuid) {
4052 RestConfig
::authorization_check("patients", "med");
4053 $return = (new AllergyIntoleranceRestController())->getOne($auuid);
4054 RestConfig
::apiLog($return);
4060 * path="/api/patient/{puuid}/allergy",
4061 * description="Retrieves all allergies for a patient",
4062 * tags={"standard"},
4066 * description="The uuid for the patient.",
4074 * ref="#/components/responses/standard"
4078 * ref="#/components/responses/badrequest"
4082 * ref="#/components/responses/unauthorized"
4084 * security={{"openemr_auth":{}}}
4087 "GET /api/patient/:puuid/allergy" => function ($puuid) {
4088 RestConfig
::authorization_check("patients", "med");
4089 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid]);
4090 RestConfig
::apiLog($return);
4096 * path="/api/patient/{puuid}/allergy/{auuid}",
4097 * description="Retrieves a allergy for a patient",
4098 * tags={"standard"},
4102 * description="The uuid for the patient.",
4111 * description="The uuid for the allergy.",
4119 * ref="#/components/responses/standard"
4123 * ref="#/components/responses/badrequest"
4127 * ref="#/components/responses/unauthorized"
4129 * security={{"openemr_auth":{}}}
4132 "GET /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4133 RestConfig
::authorization_check("patients", "med");
4134 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $auuid]);
4135 RestConfig
::apiLog($return);
4140 * Schema for the allergy request
4143 * schema="api_allergy_request",
4146 * description="The title of allergy.",
4150 * property="begdate",
4151 * description="The beginning date of allergy.",
4155 * property="enddate",
4156 * description="The end date of allergy.",
4160 * property="diagnosis",
4161 * description="The diagnosis of allergy. In format `<codetype>:<code>`",
4164 * required={"title", "begdate"},
4166 * "title": "Iodine",
4167 * "begdate": "2010-10-13",
4174 * path="/api/patient/{puuid}/allergy",
4175 * description="Submits a new allergy",
4176 * tags={"standard"},
4180 * description="The uuid for the patient.",
4189 * mediaType="application/json",
4190 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4195 * ref="#/components/responses/standard"
4199 * ref="#/components/responses/badrequest"
4203 * ref="#/components/responses/unauthorized"
4205 * security={{"openemr_auth":{}}}
4208 "POST /api/patient/:puuid/allergy" => function ($puuid) {
4209 RestConfig
::authorization_check("patients", "med");
4210 $data = (array) (json_decode(file_get_contents("php://input")));
4211 $return = (new AllergyIntoleranceRestController())->post($puuid, $data);
4212 RestConfig
::apiLog($return, $data);
4218 * path="/api/patient/{puuid}/allergy/{auuid}",
4219 * description="Edit a allergy",
4220 * tags={"standard"},
4224 * description="The uuid for the patient.",
4233 * description="The uuid for the allergy.",
4242 * mediaType="application/json",
4243 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4248 * ref="#/components/responses/standard"
4252 * ref="#/components/responses/badrequest"
4256 * ref="#/components/responses/unauthorized"
4258 * security={{"openemr_auth":{}}}
4261 "PUT /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4262 RestConfig
::authorization_check("patients", "med");
4263 $data = (array) (json_decode(file_get_contents("php://input")));
4264 $return = (new AllergyIntoleranceRestController())->put($puuid, $auuid, $data);
4265 RestConfig
::apiLog($return, $data);
4271 * path="/api/patient/{puuid}/allergy/{auuid}",
4272 * description="Delete a medical problem",
4273 * tags={"standard"},
4277 * description="The uuid for the patient.",
4286 * description="The uuid for the allergy.",
4294 * ref="#/components/responses/standard"
4298 * ref="#/components/responses/badrequest"
4302 * ref="#/components/responses/unauthorized"
4304 * security={{"openemr_auth":{}}}
4307 "DELETE /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4308 RestConfig
::authorization_check("patients", "med");
4309 $return = (new AllergyIntoleranceRestController())->delete($puuid, $auuid);
4310 RestConfig
::apiLog($return);
4316 * path="/api/patient/{pid}/medication",
4317 * description="Retrieves all medications for a patient",
4318 * tags={"standard"},
4322 * description="The pid for the patient.",
4330 * ref="#/components/responses/standard"
4334 * ref="#/components/responses/badrequest"
4338 * ref="#/components/responses/unauthorized"
4340 * security={{"openemr_auth":{}}}
4343 "GET /api/patient/:pid/medication" => function ($pid) {
4344 RestConfig
::authorization_check("patients", "med");
4345 $return = (new ListRestController())->getAll($pid, "medication");
4346 RestConfig
::apiLog($return);
4351 * Schema for the medication request
4354 * schema="api_medication_request",
4357 * description="The title of medication.",
4361 * property="begdate",
4362 * description="The beginning date of medication.",
4366 * property="enddate",
4367 * description="The end date of medication.",
4371 * property="diagnosis",
4372 * description="The diagnosis of medication. In format `<codetype>:<code>`",
4375 * required={"title", "begdate"},
4377 * "title": "Norvasc",
4378 * "begdate": "2013-04-13",
4385 * path="/api/patient/{pid}/medication",
4386 * description="Submits a new medication",
4387 * tags={"standard"},
4391 * description="The pid for the patient.",
4400 * mediaType="application/json",
4401 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4406 * ref="#/components/responses/standard"
4410 * ref="#/components/responses/badrequest"
4414 * ref="#/components/responses/unauthorized"
4416 * security={{"openemr_auth":{}}}
4419 "POST /api/patient/:pid/medication" => function ($pid) {
4420 RestConfig
::authorization_check("patients", "med");
4421 $data = (array) (json_decode(file_get_contents("php://input")));
4422 $return = (new ListRestController())->post($pid, "medication", $data);
4423 RestConfig
::apiLog($return, $data);
4429 * path="/api/patient/{pid}/medication/{mid}",
4430 * description="Edit a medication",
4431 * tags={"standard"},
4435 * description="The pid for the patient.",
4444 * description="The id for the medication.",
4453 * mediaType="application/json",
4454 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4459 * ref="#/components/responses/standard"
4463 * ref="#/components/responses/badrequest"
4467 * ref="#/components/responses/unauthorized"
4469 * security={{"openemr_auth":{}}}
4472 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4473 RestConfig
::authorization_check("patients", "med");
4474 $data = (array) (json_decode(file_get_contents("php://input")));
4475 $return = (new ListRestController())->put($pid, $mid, "medication", $data);
4476 RestConfig
::apiLog($return, $data);
4482 * path="/api/patient/{pid}/medication/{mid}",
4483 * description="Retrieves a medication for a patient",
4484 * tags={"standard"},
4488 * description="The id for the patient.",
4497 * description="The id for the medication.",
4505 * ref="#/components/responses/standard"
4509 * ref="#/components/responses/badrequest"
4513 * ref="#/components/responses/unauthorized"
4515 * security={{"openemr_auth":{}}}
4518 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4519 RestConfig
::authorization_check("patients", "med");
4520 $return = (new ListRestController())->getOne($pid, "medication", $mid);
4521 RestConfig
::apiLog($return);
4527 * path="/api/patient/{pid}/medication/{mid}",
4528 * description="Delete a medication",
4529 * tags={"standard"},
4533 * description="The id for the patient.",
4542 * description="The id for the medication.",
4550 * ref="#/components/responses/standard"
4554 * ref="#/components/responses/badrequest"
4558 * ref="#/components/responses/unauthorized"
4560 * security={{"openemr_auth":{}}}
4563 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4564 RestConfig
::authorization_check("patients", "med");
4565 $return = (new ListRestController())->delete($pid, $mid, "medication");
4566 RestConfig
::apiLog($return);
4572 * path="/api/patient/{pid}/surgery",
4573 * description="Retrieves all surgeries for a patient",
4574 * tags={"standard"},
4578 * description="The pid for the patient.",
4586 * ref="#/components/responses/standard"
4590 * ref="#/components/responses/badrequest"
4594 * ref="#/components/responses/unauthorized"
4596 * security={{"openemr_auth":{}}}
4599 "GET /api/patient/:pid/surgery" => function ($pid) {
4600 RestConfig
::authorization_check("patients", "med");
4601 $return = (new ListRestController())->getAll($pid, "surgery");
4602 RestConfig
::apiLog($return);
4608 * path="/api/patient/{pid}/surgery/{sid}",
4609 * description="Retrieves a surgery for a patient",
4610 * tags={"standard"},
4614 * description="The id for the patient.",
4623 * description="The id for the surgery.",
4631 * ref="#/components/responses/standard"
4635 * ref="#/components/responses/badrequest"
4639 * ref="#/components/responses/unauthorized"
4641 * security={{"openemr_auth":{}}}
4644 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4645 RestConfig
::authorization_check("patients", "med");
4646 $return = (new ListRestController())->getOne($pid, "surgery", $sid);
4647 RestConfig
::apiLog($return);
4653 * path="/api/patient/{pid}/surgery/{sid}",
4654 * description="Delete a surgery",
4655 * tags={"standard"},
4659 * description="The id for the patient.",
4668 * description="The id for the surgery.",
4676 * ref="#/components/responses/standard"
4680 * ref="#/components/responses/badrequest"
4684 * ref="#/components/responses/unauthorized"
4686 * security={{"openemr_auth":{}}}
4689 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4690 RestConfig
::authorization_check("patients", "med");
4691 $return = (new ListRestController())->delete($pid, $sid, "surgery");
4692 RestConfig
::apiLog($return);
4697 * Schema for the surgery request
4700 * schema="api_surgery_request",
4703 * description="The title of surgery.",
4707 * property="begdate",
4708 * description="The beginning date of surgery.",
4712 * property="enddate",
4713 * description="The end date of surgery.",
4717 * property="diagnosis",
4718 * description="The diagnosis of surgery. In format `<codetype>:<code>`",
4721 * required={"title", "begdate"},
4723 * "title": "Blepharoplasty",
4724 * "begdate": "2013-10-14",
4726 * "diagnosis": "CPT4:15823-50"
4732 * path="/api/patient/{pid}/surgery",
4733 * description="Submits a new surgery",
4734 * tags={"standard"},
4738 * description="The pid for the patient.",
4747 * mediaType="application/json",
4748 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4753 * ref="#/components/responses/standard"
4757 * ref="#/components/responses/badrequest"
4761 * ref="#/components/responses/unauthorized"
4763 * security={{"openemr_auth":{}}}
4766 "POST /api/patient/:pid/surgery" => function ($pid) {
4767 RestConfig
::authorization_check("patients", "med");
4768 $data = (array) (json_decode(file_get_contents("php://input")));
4769 $return = (new ListRestController())->post($pid, "surgery", $data);
4770 RestConfig
::apiLog($return, $data);
4776 * path="/api/patient/{pid}/surgery/{sid}",
4777 * description="Edit a surgery",
4778 * tags={"standard"},
4782 * description="The pid for the patient.",
4791 * description="The id for the surgery.",
4800 * mediaType="application/json",
4801 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4806 * ref="#/components/responses/standard"
4810 * ref="#/components/responses/badrequest"
4814 * ref="#/components/responses/unauthorized"
4816 * security={{"openemr_auth":{}}}
4819 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4820 RestConfig
::authorization_check("patients", "med");
4821 $data = (array) (json_decode(file_get_contents("php://input")));
4822 $return = (new ListRestController())->put($pid, $sid, "surgery", $data);
4823 RestConfig
::apiLog($return, $data);
4829 * path="/api/patient/{pid}/dental_issue",
4830 * description="Retrieves all dental issues for a patient",
4831 * tags={"standard"},
4835 * description="The pid for the patient.",
4843 * ref="#/components/responses/standard"
4847 * ref="#/components/responses/badrequest"
4851 * ref="#/components/responses/unauthorized"
4853 * security={{"openemr_auth":{}}}
4856 "GET /api/patient/:pid/dental_issue" => function ($pid) {
4857 RestConfig
::authorization_check("patients", "med");
4858 $return = (new ListRestController())->getAll($pid, "dental");
4859 RestConfig
::apiLog($return);
4865 * path="/api/patient/{pid}/dental_issue/{did}",
4866 * description="Retrieves a dental issue for a patient",
4867 * tags={"standard"},
4871 * description="The id for the patient.",
4880 * description="The id for the dental issue.",
4888 * ref="#/components/responses/standard"
4892 * ref="#/components/responses/badrequest"
4896 * ref="#/components/responses/unauthorized"
4898 * security={{"openemr_auth":{}}}
4901 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4902 RestConfig
::authorization_check("patients", "med");
4903 $return = (new ListRestController())->getOne($pid, "dental", $did);
4904 RestConfig
::apiLog($return);
4910 * path="/api/patient/{pid}/dental_issue/{did}",
4911 * description="Delete a dental issue",
4912 * tags={"standard"},
4916 * description="The id for the patient.",
4925 * description="The id for the dental issue.",
4933 * ref="#/components/responses/standard"
4937 * ref="#/components/responses/badrequest"
4941 * ref="#/components/responses/unauthorized"
4943 * security={{"openemr_auth":{}}}
4946 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4947 RestConfig
::authorization_check("patients", "med");
4948 $return = (new ListRestController())->delete($pid, $did, "dental");
4949 RestConfig
::apiLog($return);
4954 * Schema for the dental_issue request
4957 * schema="api_dental_issue_request",
4960 * description="The title of dental issue.",
4964 * property="begdate",
4965 * description="The beginning date of dental issue.",
4969 * property="enddate",
4970 * description="The end date of dental issue.",
4974 * property="diagnosis",
4975 * description="The diagnosis of dental issue. In format `<codetype>:<code>`",
4978 * required={"title", "begdate"},
4980 * "title": "Halitosis",
4981 * "begdate": "2015-03-17",
4988 * path="/api/patient/{pid}/dental_issue",
4989 * description="Submits a new dental issue",
4990 * tags={"standard"},
4994 * description="The pid for the patient.",
5003 * mediaType="application/json",
5004 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
5009 * ref="#/components/responses/standard"
5013 * ref="#/components/responses/badrequest"
5017 * ref="#/components/responses/unauthorized"
5019 * security={{"openemr_auth":{}}}
5022 "POST /api/patient/:pid/dental_issue" => function ($pid) {
5023 RestConfig
::authorization_check("patients", "med");
5024 $data = (array) (json_decode(file_get_contents("php://input")));
5025 $return = (new ListRestController())->post($pid, "dental", $data);
5026 RestConfig
::apiLog($return, $data);
5032 * path="/api/patient/{pid}/dental_issue/{did}",
5033 * description="Edit a dental issue",
5034 * tags={"standard"},
5038 * description="The pid for the patient.",
5047 * description="The id for the dental issue.",
5056 * mediaType="application/json",
5057 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
5062 * ref="#/components/responses/standard"
5066 * ref="#/components/responses/badrequest"
5070 * ref="#/components/responses/unauthorized"
5072 * security={{"openemr_auth":{}}}
5075 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
5076 RestConfig
::authorization_check("patients", "med");
5077 $data = (array) (json_decode(file_get_contents("php://input")));
5078 $return = (new ListRestController())->put($pid, $did, "dental", $data);
5079 RestConfig
::apiLog($return, $data);
5085 * path="/api/patient/{pid}/appointment",
5086 * description="Retrieves all appointments for a patient",
5087 * tags={"standard"},
5091 * description="The pid for the patient.",
5099 * ref="#/components/responses/standard"
5103 * ref="#/components/responses/badrequest"
5107 * ref="#/components/responses/unauthorized"
5109 * security={{"openemr_auth":{}}}
5112 "GET /api/patient/:pid/appointment" => function ($pid) {
5113 RestConfig
::authorization_check("patients", "appt");
5114 $return = (new AppointmentRestController())->getAllForPatient($pid);
5115 RestConfig
::apiLog($return);
5121 * path="/api/patient/{pid}/appointment",
5122 * description="Submits a new appointment",
5123 * tags={"standard"},
5127 * description="The id for the patient.",
5136 * mediaType="application/json",
5139 * property="pc_catid",
5140 * description="The category of the appointment.",
5144 * property="pc_title",
5145 * description="The title of the appointment.",
5149 * property="pc_duration",
5150 * description="The duration of the appointment.",
5154 * property="pc_hometext",
5155 * description="Comments for the appointment.",
5159 * property="pc_apptstatus",
5160 * description="use an option from resource=/api/list/apptstat",
5164 * property="pc_eventDate",
5165 * description="The date of the appointment.",
5169 * property="pc_startTime",
5170 * description="The time of the appointment.",
5174 * property="pc_facility",
5175 * description="The facility id of the appointment.",
5179 * property="pc_billing_location",
5180 * description="The billinag location id of the appointment.",
5184 * property="pc_aid",
5185 * description="The provider id for the appointment.",
5188 * required={"pc_catid", "pc_title", "pc_duration", "pc_hometext", "pc_apptstatus", "pc_eventDate", "pc_startTime", "pc_facility", "pc_billing_location"},
5191 * "pc_title": "Office Visit",
5192 * "pc_duration": "900",
5193 * "pc_hometext": "Test",
5194 * "pc_apptstatus": "-",
5195 * "pc_eventDate": "2018-10-19",
5196 * "pc_startTime": "09:00",
5197 * "pc_facility": "9",
5198 * "pc_billing_location": "10",
5206 * ref="#/components/responses/standard"
5210 * ref="#/components/responses/badrequest"
5214 * ref="#/components/responses/unauthorized"
5216 * security={{"openemr_auth":{}}}
5219 "POST /api/patient/:pid/appointment" => function ($pid) {
5220 RestConfig
::authorization_check("patients", "appt");
5221 $data = (array) (json_decode(file_get_contents("php://input")));
5222 $return = (new AppointmentRestController())->post($pid, $data);
5223 RestConfig
::apiLog($return, $data);
5229 * path="/api/appointment",
5230 * description="Retrieves all appointments",
5231 * tags={"standard"},
5234 * ref="#/components/responses/standard"
5238 * ref="#/components/responses/badrequest"
5242 * ref="#/components/responses/unauthorized"
5244 * security={{"openemr_auth":{}}}
5247 "GET /api/appointment" => function () {
5248 RestConfig
::authorization_check("patients", "appt");
5249 $return = (new AppointmentRestController())->getAll();
5250 RestConfig
::apiLog($return);
5256 * path="/api/appointment/{eid}",
5257 * description="Retrieves an appointment",
5258 * tags={"standard"},
5262 * description="The eid for the appointment.",
5270 * ref="#/components/responses/standard"
5274 * ref="#/components/responses/badrequest"
5278 * ref="#/components/responses/unauthorized"
5280 * security={{"openemr_auth":{}}}
5283 "GET /api/appointment/:eid" => function ($eid) {
5284 RestConfig
::authorization_check("patients", "appt");
5285 $return = (new AppointmentRestController())->getOne($eid);
5286 RestConfig
::apiLog($return);
5292 * path="/api/patient/{pid}/appointment/{eid}",
5293 * description="Delete a appointment",
5294 * tags={"standard"},
5298 * description="The id for the patient.",
5307 * description="The eid for the appointment.",
5315 * ref="#/components/responses/standard"
5319 * ref="#/components/responses/badrequest"
5323 * ref="#/components/responses/unauthorized"
5325 * security={{"openemr_auth":{}}}
5328 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5329 RestConfig
::authorization_check("patients", "appt");
5330 $return = (new AppointmentRestController())->delete($eid);
5331 RestConfig
::apiLog($return);
5337 * path="/api/patient/{pid}/appointment/{eid}",
5338 * description="Retrieves a appointment for a patient",
5339 * tags={"standard"},
5343 * description="The id for the patient.",
5352 * description="The eid for the appointment.",
5360 * ref="#/components/responses/standard"
5364 * ref="#/components/responses/badrequest"
5368 * ref="#/components/responses/unauthorized"
5370 * security={{"openemr_auth":{}}}
5373 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5374 RestConfig
::authorization_check("patients", "appt");
5375 $return = (new AppointmentRestController())->getOne($eid);
5376 RestConfig
::apiLog($return);
5382 * path="/api/list/{list_name}",
5383 * description="Retrieves a list",
5384 * tags={"standard"},
5388 * description="The list_id of the list.",
5396 * ref="#/components/responses/standard"
5400 * ref="#/components/responses/badrequest"
5404 * ref="#/components/responses/unauthorized"
5406 * security={{"openemr_auth":{}}}
5409 "GET /api/list/:list_name" => function ($list_name) {
5410 RestConfig
::authorization_check("lists", "default");
5411 $return = (new ListRestController())->getOptions($list_name);
5412 RestConfig
::apiLog($return);
5419 * description="Retrieves a list of users",
5420 * tags={"standard"},
5424 * description="The id for the user.",
5433 * description="The title for the user.",
5442 * description="The first name for the user.",
5451 * description="The last name for the user.",
5460 * description="The middle name for the user.",
5467 * name="federaltaxid",
5469 * description="The federal tax id for the user.",
5476 * name="federaldrugid",
5478 * description="The federal drug id for the user.",
5487 * description="The upin for the user.",
5494 * name="facility_id",
5496 * description="The facility id for the user.",
5505 * description="The facility for the user.",
5514 * description="The npi for the user.",
5523 * description="The email for the user.",
5532 * description="The specialty for the user.",
5541 * description="The billname for the user.",
5550 * description="The url for the user.",
5559 * description="The assistant for the user.",
5566 * name="organization",
5568 * description="The organization for the user.",
5575 * name="valedictory",
5577 * description="The valedictory for the user.",
5586 * description="The street for the user.",
5595 * description="The street (line 2) for the user.",
5604 * description="The city for the user.",
5613 * description="The state for the user.",
5622 * description="The zip for the user.",
5631 * description="The phone for the user.",
5640 * description="The fax for the user.",
5649 * description="The phonew1 for the user.",
5658 * description="The phonecell for the user.",
5667 * description="The notes for the user.",
5674 * name="state_license_number2",
5676 * description="The state license number for the user.",
5685 * description="The username for the user.",
5693 * ref="#/components/responses/standard"
5697 * ref="#/components/responses/badrequest"
5701 * ref="#/components/responses/unauthorized"
5703 * security={{"openemr_auth":{}}}
5706 "GET /api/user" => function () {
5707 RestConfig
::authorization_check("admin", "users");
5708 $return = (new UserRestController())->getAll($_GET);
5709 RestConfig
::apiLog($return);
5715 * path="/api/user/{uuid}",
5716 * description="Retrieves a single user by their uuid",
5717 * tags={"standard"},
5721 * description="The uuid for the user.",
5729 * ref="#/components/responses/standard"
5733 * ref="#/components/responses/badrequest"
5737 * ref="#/components/responses/unauthorized"
5739 * security={{"openemr_auth":{}}}
5742 "GET /api/user/:uuid" => function ($uuid) {
5743 RestConfig
::authorization_check("admin", "users");
5744 $return = (new UserRestController())->getOne($uuid);
5745 RestConfig
::apiLog($return);
5751 * path="/api/version",
5752 * description="Retrieves the OpenEMR version information",
5753 * tags={"standard"},
5756 * ref="#/components/responses/standard"
5760 * ref="#/components/responses/badrequest"
5764 * ref="#/components/responses/unauthorized"
5766 * security={{"openemr_auth":{}}}
5769 "GET /api/version" => function () {
5770 $return = (new VersionRestController())->getOne();
5771 RestConfig
::apiLog($return);
5777 * path="/api/product",
5778 * description="Retrieves the OpenEMR product registration information",
5779 * tags={"standard"},
5782 * ref="#/components/responses/standard"
5786 * ref="#/components/responses/badrequest"
5790 * ref="#/components/responses/unauthorized"
5792 * security={{"openemr_auth":{}}}
5795 "GET /api/product" => function () {
5796 $return = (new ProductRegistrationRestController())->getOne();
5797 RestConfig
::apiLog($return);
5803 * path="/api/insurance_company",
5804 * description="Retrieves all insurance companies",
5805 * tags={"standard"},
5808 * ref="#/components/responses/standard"
5812 * ref="#/components/responses/badrequest"
5816 * ref="#/components/responses/unauthorized"
5818 * security={{"openemr_auth":{}}}
5821 "GET /api/insurance_company" => function () {
5822 $return = (new InsuranceCompanyRestController())->getAll();
5823 RestConfig
::apiLog($return);
5829 * path="/api/insurance_company/{iid}",
5830 * description="Retrieves insurance company",
5831 * tags={"standard"},
5835 * description="The id of the insurance company.",
5843 * ref="#/components/responses/standard"
5847 * ref="#/components/responses/badrequest"
5851 * ref="#/components/responses/unauthorized"
5853 * security={{"openemr_auth":{}}}
5856 "GET /api/insurance_company/:iid" => function ($iid) {
5857 $return = (new InsuranceCompanyRestController())->getOne($iid);
5858 RestConfig
::apiLog($return);
5864 * path="/api/insurance_type",
5865 * description="Retrieves all insurance types",
5866 * tags={"standard"},
5869 * ref="#/components/responses/standard"
5873 * ref="#/components/responses/badrequest"
5877 * ref="#/components/responses/unauthorized"
5879 * security={{"openemr_auth":{}}}
5882 "GET /api/insurance_type" => function () {
5883 $return = (new InsuranceCompanyRestController())->getInsuranceTypes();
5884 RestConfig
::apiLog($return);
5889 * Schema for the insurance_company request
5892 * schema="api_insurance_company_request",
5895 * description="The name of insurance company.",
5900 * description="The attn of insurance company.",
5904 * property="cms_id",
5905 * description="The cms id of insurance company.",
5909 * property="ins_type_code",
5910 * description="The insurance type code of insurance company. The insurance type code can be found by inspecting the route at (/api/insurance_type).",
5914 * property="x12_receiver_id",
5915 * description="The x12 receiver id of insurance company.",
5919 * property="x12_default_partner_id",
5920 * description="The x12 default partner id of insurance company.",
5924 * property="alt_cms_id",
5925 * description="The alternate cms id of insurance company.",
5930 * description="The line1 address of insurance company.",
5935 * description="The line2 address of insurance company.",
5940 * description="The city of insurance company.",
5945 * description="The state of insurance company.",
5950 * description="The zip of insurance company.",
5954 * property="country",
5955 * description="The country of insurance company.",
5958 * required={"name"},
5960 * "name": "Cool Insurance Company",
5963 * "ins_type_code": "2",
5964 * "x12_receiver_id": null,
5965 * "x12_default_partner_id": null,
5967 * "line1": "123 Cool Lane",
5968 * "line2": "Suite 123",
5969 * "city": "Cooltown",
5978 * path="/api/insurance_company",
5979 * description="Submits a new insurance company",
5980 * tags={"standard"},
5984 * mediaType="application/json",
5985 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
5990 * ref="#/components/responses/standard"
5994 * ref="#/components/responses/badrequest"
5998 * ref="#/components/responses/unauthorized"
6000 * security={{"openemr_auth":{}}}
6003 "POST /api/insurance_company" => function () {
6004 $data = (array) (json_decode(file_get_contents("php://input")));
6005 $return = (new InsuranceCompanyRestController())->post($data);
6006 RestConfig
::apiLog($return, $data);
6012 * path="/api/insurance_company/{iid}",
6013 * description="Edit a insurance company",
6014 * tags={"standard"},
6018 * description="The id for the insurance company.",
6027 * mediaType="application/json",
6028 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
6033 * ref="#/components/responses/standard"
6037 * ref="#/components/responses/badrequest"
6041 * ref="#/components/responses/unauthorized"
6043 * security={{"openemr_auth":{}}}
6046 "PUT /api/insurance_company/:iid" => function ($iid) {
6047 $data = (array) (json_decode(file_get_contents("php://input")));
6048 $return = (new InsuranceCompanyRestController())->put($iid, $data);
6049 RestConfig
::apiLog($return, $data);
6055 * path="/api/patient/{pid}/document",
6056 * description="Submits a new patient document",
6057 * tags={"standard"},
6061 * description="The pid for the patient.",
6070 * description="The category of the document.",
6079 * mediaType="multipart/form-data",
6082 * property="document",
6083 * description="document",
6092 * ref="#/components/responses/standard"
6096 * ref="#/components/responses/badrequest"
6100 * ref="#/components/responses/unauthorized"
6102 * security={{"openemr_auth":{}}}
6105 "POST /api/patient/:pid/document" => function ($pid) {
6106 $return = (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
6107 RestConfig
::apiLog($return);
6113 * path="/api/patient/{pid}/document",
6114 * description="Retrieves all file information of documents from a category for a patient",
6115 * tags={"standard"},
6119 * description="The pid for the patient.",
6128 * description="The category of the documents.",
6136 * ref="#/components/responses/standard"
6140 * ref="#/components/responses/badrequest"
6144 * ref="#/components/responses/unauthorized"
6146 * security={{"openemr_auth":{}}}
6149 "GET /api/patient/:pid/document" => function ($pid) {
6150 $return = (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
6151 RestConfig
::apiLog($return);
6157 * path="/api/patient/{pid}/document/{did}",
6158 * description="Retrieves a document for a patient",
6159 * tags={"standard"},
6163 * description="The pid for the patient.",
6172 * description="The id for the patient document.",
6180 * ref="#/components/responses/standard"
6184 * ref="#/components/responses/badrequest"
6188 * ref="#/components/responses/unauthorized"
6190 * security={{"openemr_auth":{}}}
6193 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
6194 $return = (new DocumentRestController())->downloadFile($pid, $did);
6195 RestConfig
::apiLog($return);
6201 * path="/api/patient/{puuid}/employer",
6202 * description="Retrieves all the employer data for a patient. Returns an array of the employer data for the patient.",
6203 * tags={"standard"},
6207 * description="The uuid for the patient.",
6215 * ref="#/components/responses/standard"
6219 * ref="#/components/responses/badrequest"
6223 * ref="#/components/responses/unauthorized"
6225 * security={{"openemr_auth":{}}}
6228 "GET /api/patient/:puuid/employer" => function ($puuid, HttpRestRequest
$request) {
6229 $searchParams = $request->getQueryParams();
6230 $searchParams['puuid'] = $puuid;
6231 if ($request->isPatientRequest()) {
6232 $searchParams['puuid'] = $request->getPatientUUIDString();
6234 $return = (new EmployerRestController())->getAll($searchParams);
6235 RestConfig
::apiLog($return);
6241 * path="/api/patient/{puuid}/insurance",
6242 * description="Retrieves all insurances for a patient",
6243 * tags={"standard"},
6247 * description="The uuid for the patient.",
6255 * ref="#/components/responses/standard"
6259 * ref="#/components/responses/badrequest"
6263 * ref="#/components/responses/unauthorized"
6265 * security={{"openemr_auth":{}}}
6268 "GET /api/patient/:puuid/insurance" => function ($puuid, HttpRestRequest
$request) {
6269 $searchParams = $request->getQueryParams();
6270 $searchParams['puuid'] = $puuid;
6271 if ($request->isPatientRequest()) {
6272 $searchParams['puuid'] = $request->getPatientUUIDString();
6274 $return = (new InsuranceRestController())->getAll($searchParams);
6275 RestConfig
::apiLog($return);
6281 * path="/api/patient/{puuid}/insurance/$swap-insurance",
6282 * description="Updates the insurance for the passed in uuid to be a policy of type `type` and updates (if one exists) the current or most recent insurance for the passed in `type` for a patient to be the `type` of the insurance for the given `uuid`. Validations on the swap operation are performed to make sure the effective `date` of the src and target policies being swapped can be received in each given policy `type` as a policy `type` and `date` must together be unique per patient.",
6283 * tags={"standard"},
6287 * description="The uuid for the patient.",
6296 * description="The type or category of OpenEMR insurance policy, 'primary', 'secondary', or 'tertiary'.",
6305 * description="The insurance uuid that will be swapped into the list of insurances for the type query parameter",
6313 * ref="#/components/responses/standard"
6317 * ref="#/components/responses/badrequest"
6321 * ref="#/components/responses/unauthorized"
6323 * security={{"openemr_auth":{}}}
6326 'GET /api/patient/:puuid/insurance/$swap-insurance' => function ($puuid, HttpRestRequest
$request) {
6327 if ($request->isPatientRequest()) {
6328 $puuid = $request->getPatientUUIDString();
6330 $type = $request->getQueryParam('type');
6331 $insuranceUuid = $request->getQueryParam('uuid');
6333 $return = (new InsuranceRestController())->operationSwapInsurance($puuid, $type, $insuranceUuid);
6334 RestConfig
::apiLog($return);
6340 * path="/api/patient/{puuid}/insurance/{uuid}",
6341 * description="Retrieves all insurances for a patient",
6342 * tags={"standard"},
6346 * description="The uuid for the patient.",
6354 * ref="#/components/responses/standard"
6358 * ref="#/components/responses/badrequest"
6362 * ref="#/components/responses/unauthorized"
6364 * security={{"openemr_auth":{}}}
6367 "GET /api/patient/:puuid/insurance/:uuid" => function ($puuid, $uuid, HttpRestRequest
$request) {
6368 if ($request->isPatientRequest()) {
6369 $puuid = $request->getPatientUUIDString();
6371 $return = (new InsuranceRestController())->getOne($uuid, $puuid);
6372 RestConfig
::apiLog($return);
6377 * Schema for the insurance request. Note the following additional validation checks on the request.
6378 * If the subscriber_relationship value is of type 'self' then the subscriber_fname and subscriber_lname fields
6379 * must match the patient's first and last name or a patient's previous first and last name.
6381 * If the subscriber_relationship value is of type 'self' then the subscriber_ss field must match the patient's
6382 * social security number.
6384 * If the subscriber_relationship value is not of type 'self' then the subscriber_ss field MUST not be the current patient's social security number.
6386 * If the system's global configuration permits only a single insurance type option then any insurance rquest where the type is NOT 'primary' will fail.
6388 * An insurance is considered the current policy for the policy type if the policy date_end field is null. Only one of these records per policy type can exist for a patient.
6390 * schema="api_insurance_request",
6392 * property="provider",
6393 * description="The insurance company id.",
6397 * property="plan_name",
6398 * description="The plan name of insurance. (2-255 characters)",
6402 * property="policy_number",
6403 * description="The policy number of insurance. (2-255 characters)",
6407 * property="group_number",
6408 * description="The group number of insurance.(2-255 characters)",
6412 * property="subscriber_lname",
6413 * description="The subscriber last name of insurance.(2-255 characters).",
6417 * property="subscriber_mname",
6418 * description="The subscriber middle name of insurance.",
6422 * property="subscriber_fname",
6423 * description="The subscriber first name of insurance.",
6427 * property="subscriber_relationship",
6428 * description="The subscriber relationship of insurance. `subscriber_relationship` can be found by querying `resource=/api/list/subscriber_relationship`",
6432 * property="subscriber_ss",
6433 * description="The subscriber ss number of insurance.",
6437 * property="subscriber_DOB",
6438 * description="The subscriber DOB of insurance.",
6442 * property="subscriber_street",
6443 * description="The subscriber street address of insurance.",
6447 * property="subscriber_postal_code",
6448 * description="The subscriber postal code of insurance.",
6452 * property="subscriber_city",
6453 * description="The subscriber city of insurance.",
6457 * property="subscriber_state",
6458 * description="The subscriber state of insurance. `state` can be found by querying `resource=/api/list/state`",
6462 * property="subscriber_country",
6463 * description="The subscriber country of insurance. `country` can be found by querying `resource=/api/list/country`",
6467 * property="subscriber_phone",
6468 * description="The subscriber phone of insurance.",
6472 * property="subscriber_employer",
6473 * description="The subscriber employer of insurance.",
6477 * property="subscriber_employer_street",
6478 * description="The subscriber employer street of insurance.",
6482 * property="subscriber_employer_postal_code",
6483 * description="The subscriber employer postal code of insurance.",
6487 * property="subscriber_employer_state",
6488 * description="The subscriber employer state of insurance.",
6492 * property="subscriber_employer_country",
6493 * description="The subscriber employer country of insurance.",
6497 * property="subscriber_employer_city",
6498 * description="The subscriber employer city of insurance.",
6503 * description="The copay of insurance.",
6508 * description="The effective date of insurance in YYYY-MM-DD format. This value cannot be after the date_end property and cannot be the same date as any other insurance policy for the same insurance type ('primary, 'secondary', etc).",
6512 * property="date_end",
6513 * description="The effective end date of insurance in YYYY-MM-DD format. This value cannot be before the date property. If it is null then this policy is the current policy for this policy type for the patient. There can only be one current policy per type and the request will fail if there is already a current policy for this type.",
6517 * property="subscriber_sex",
6518 * description="The subscriber sex of insurance.",
6522 * property="accept_assignment",
6523 * description="The accept_assignment of insurance.",
6527 * property="policy_type",
6528 * description="The 837p list of policy types for an insurance. See src/Billing/InsurancePolicyType.php for the list of valid values.",
6533 * description="The type or category of OpenEMR insurance policy, 'primary', 'secondary', or 'tertiary'. If this field is missing it will default to 'primary'.",
6536 * required={"provider", "policy_number", "subscriber_fname", "subscriber_lname", "subscriber_relationship", "subscriber_ss", "subscriber_DOB", "subscriber_street", "subscriber_postal_code", "subscriber_city", "subscriber_state", "subscriber_sex", "accept_assignment"},
6539 * "plan_name": "Some Plan",
6540 * "policy_number": "12345",
6541 * "group_number": "252412",
6542 * "subscriber_lname": "Tester",
6543 * "subscriber_mname": "Xi",
6544 * "subscriber_fname": "Foo",
6545 * "subscriber_relationship": "other",
6546 * "subscriber_ss": "234231234",
6547 * "subscriber_DOB": "2018-10-03",
6548 * "subscriber_street": "183 Cool St",
6549 * "subscriber_postal_code": "23418",
6550 * "subscriber_city": "Cooltown",
6551 * "subscriber_state": "AZ",
6552 * "subscriber_country": "USA",
6553 * "subscriber_phone": "234-598-2123",
6554 * "subscriber_employer": "Some Employer",
6555 * "subscriber_employer_street": "123 Heather Lane",
6556 * "subscriber_employer_postal_code": "23415",
6557 * "subscriber_employer_state": "AZ",
6558 * "subscriber_employer_country": "USA",
6559 * "subscriber_employer_city": "Cooltown",
6561 * "date": "2018-10-15",
6562 * "subscriber_sex": "Female",
6563 * "accept_assignment": "TRUE",
6564 * "policy_type": "a",
6572 * path="/api/patient/{puuid}/insurance/{insuranceUuid}",
6573 * description="Edit a specific patient insurance policy. Requires the patients/demo/write ACL to call. This method is the preferred method for updating a patient insurance policy. The {insuranceId} can be found by querying /api/patient/{pid}/insurance",
6574 * tags={"standard"},
6578 * description="The uuid for the patient.",
6585 * name="insuranceUuid",
6587 * description="The insurance policy uuid for the patient.",
6596 * mediaType="application/json",
6597 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6602 * ref="#/components/responses/standard"
6606 * ref="#/components/responses/badrequest"
6610 * ref="#/components/responses/unauthorized"
6612 * security={{"openemr_auth":{}}}
6615 "PUT /api/patient/:puuid/insurance/:insuranceUuid" => function ($puuid, $insuranceUuid, HttpRestRequest
$request) {
6616 RestConfig
::authorization_check("patients", "demo", '', 'write');
6617 $data = (array) (json_decode(file_get_contents("php://input")));
6618 $return = (new InsuranceRestController())->put($puuid, $insuranceUuid, $data);
6619 RestConfig
::apiLog($return, $data);
6625 * path="/api/patient/{puuid}/insurance",
6626 * description="Submits a new patient insurance.",
6627 * tags={"standard"},
6631 * description="The uuid for the patient.",
6640 * mediaType="application/json",
6641 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6646 * ref="#/components/responses/standard"
6650 * ref="#/components/responses/badrequest"
6654 * ref="#/components/responses/unauthorized"
6656 * security={{"openemr_auth":{}}}
6659 "POST /api/patient/:puuid/insurance" => function ($puuid) {
6660 RestConfig
::authorization_check("patients", "demo", '', ['write','addonly']);
6661 $data = (array) (json_decode(file_get_contents("php://input")));
6662 $return = (new InsuranceRestController())->post($puuid, $data);
6663 RestConfig
::apiLog($return, $data);
6667 * Schema for the message request
6670 * schema="api_message_request",
6673 * description="The body of message.",
6677 * property="groupname",
6678 * description="The group name (usually is 'Default').",
6683 * description="The sender of the message.",
6688 * description="The recipient of the message.",
6693 * description="use an option from resource=/api/list/note_type",
6697 * property="message_status",
6698 * description="use an option from resource=/api/list/message_status",
6701 * required={"body", "groupname", "from", "to", "title", "message_status"},
6703 * "body": "Test 456",
6704 * "groupname": "Default",
6705 * "from": "Matthew",
6708 * "message_status": "New"
6714 * path="/api/patient/{pid}/message",
6715 * description="Submits a pnote message",
6716 * tags={"standard"},
6720 * description="The id for the patient.",
6729 * mediaType="application/json",
6730 * @OA\Schema(ref="#/components/schemas/api_message_request")
6735 * ref="#/components/responses/standard"
6739 * ref="#/components/responses/badrequest"
6743 * ref="#/components/responses/unauthorized"
6745 * security={{"openemr_auth":{}}}
6748 "POST /api/patient/:pid/message" => function ($pid) {
6749 RestConfig
::authorization_check("patients", "notes");
6750 $data = (array) (json_decode(file_get_contents("php://input")));
6751 $return = (new MessageRestController())->post($pid, $data);
6752 RestConfig
::apiLog($return, $data);
6758 * path="/api/patient/{pid}/transaction",
6759 * description="Get Transactions for a patient",
6760 * tags={"standard"},
6764 * description="The pid for the patient",
6772 * ref="#/components/responses/standard"
6776 * ref="#/components/responses/badrequest"
6780 * ref="#/components/responses/unauthorized"
6782 * security={{"openemr_auth":{}}}
6786 "GET /api/patient/:pid/transaction" => function ($pid) {
6787 RestConfig
::authorization_check("patients", "trans");
6788 $cont = new TransactionRestController();
6789 $return = (new TransactionRestController())->GetPatientTransactions($pid);
6790 RestConfig
::apiLog($return);
6795 * Schema for the transaction request
6798 * schema="api_transaction_request",
6800 * property="message",
6801 * description="The message of the transaction.",
6806 * description="The type of transaction. Use an option from resource=/api/transaction_type",
6810 * property="groupname",
6811 * description="The group name (usually is 'Default').",
6815 * property="referByNpi",
6816 * description="NPI of the person creating the referral.",
6820 * property="referToNpi",
6821 * description="NPI of the person getting the referral.",
6825 * property="referDiagnosis",
6826 * description="The referral diagnosis.",
6830 * property="riskLevel",
6831 * description="The risk level. (Low, Medium, High)",
6835 * property="includeVitals",
6836 * description="Are vitals included (0,1)",
6840 * property="referralDate",
6841 * description="The date of the referral",
6845 * property="authorization",
6846 * description="The authorization for the referral",
6850 * property="visits",
6851 * description="The number of vists for the referral",
6855 * property="validFrom",
6856 * description="The date the referral is valid from",
6860 * property="validThrough",
6861 * description="The date the referral is valid through",
6864 * required={"message", "groupname", "title"},
6866 * "message": "Message",
6868 * "groupname": "Default",
6869 * "referByNpi":"9999999999",
6870 * "referToNpi":"9999999999",
6871 * "referDiagnosis":"Diag 1",
6872 * "riskLevel":"Low",
6873 * "includeVitals":"1",
6874 * "referralDate":"2022-01-01",
6875 * "authorization":"Auth_123",
6877 * "validFrom": "2022-01-02",
6878 * "validThrough": "2022-01-03",
6879 * "body": "Reason 1"
6885 * path="/api/patient/{pid}/transaction",
6886 * description="Submits a transaction",
6887 * tags={"standard"},
6891 * description="The pid for the patient.",
6900 * mediaType="application/json",
6901 * @OA\Schema(ref="#/components/schemas/api_transaction_request")
6906 * ref="#/components/responses/standard"
6910 * ref="#/components/responses/badrequest"
6914 * ref="#/components/responses/unauthorized"
6916 * security={{"openemr_auth":{}}}
6919 "POST /api/patient/:pid/transaction" => function ($pid) {
6920 RestConfig
::authorization_check("patients", "trans");
6921 $data = (array) (json_decode(file_get_contents("php://input")));
6922 $return = (new TransactionRestController())->CreateTransaction($pid, $data);
6923 RestConfig
::apiLog($return, $data);
6929 * path="/api/transaction/{tid}",
6930 * description="Updates a transaction",
6931 * tags={"standard"},
6935 * description="The id for the transaction.",
6944 * mediaType="application/json",
6945 * @OA\Schema(ref="#/components/schemas/api_transaction_request")
6950 * ref="#/components/responses/standard"
6954 * ref="#/components/responses/badrequest"
6958 * ref="#/components/responses/unauthorized"
6960 * security={{"openemr_auth":{}}}
6963 "PUT /api/transaction/:tid" => function ($tid) {
6964 RestConfig
::authorization_check("patients", "trans");
6965 $data = (array) (json_decode(file_get_contents("php://input")));
6966 $return = (new TransactionRestController())->UpdateTransaction($tid, $data);
6967 RestConfig
::apiLog($return, $data);
6973 * path="/api/patient/{pid}/message/{mid}",
6974 * description="Edit a pnote message",
6975 * tags={"standard"},
6979 * description="The id for the patient.",
6988 * description="The id for the pnote message.",
6997 * mediaType="application/json",
6998 * @OA\Schema(ref="#/components/schemas/api_message_request")
7003 * ref="#/components/responses/standard"
7007 * ref="#/components/responses/badrequest"
7011 * ref="#/components/responses/unauthorized"
7013 * security={{"openemr_auth":{}}}
7016 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
7017 RestConfig
::authorization_check("patients", "notes");
7018 $data = (array) (json_decode(file_get_contents("php://input")));
7019 $return = (new MessageRestController())->put($pid, $mid, $data);
7020 RestConfig
::apiLog($return, $data);
7026 * path="/api/patient/{pid}/message/{mid}",
7027 * description="Delete a pnote message",
7028 * tags={"standard"},
7032 * description="The id for the patient.",
7041 * description="The id for the pnote message.",
7049 * ref="#/components/responses/standard"
7053 * ref="#/components/responses/badrequest"
7057 * ref="#/components/responses/unauthorized"
7059 * security={{"openemr_auth":{}}}
7062 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
7063 RestConfig
::authorization_check("patients", "notes");
7064 $return = (new MessageRestController())->delete($pid, $mid);
7065 RestConfig
::apiLog($return);
7071 * path="/api/immunization",
7072 * description="Retrieves a list of immunizations",
7073 * tags={"standard"},
7075 * name="patient_id",
7077 * description="The pid for the patient.",
7086 * description="The id for the immunization.",
7095 * description="The uuid for the immunization.",
7102 * name="administered_date",
7104 * description="The administered date for the immunization.",
7111 * name="immunization_id",
7113 * description="The immunization list_id for the immunization.",
7122 * description="The cvx code for the immunization.",
7129 * name="manufacturer",
7131 * description="The manufacturer for the immunization.",
7138 * name="lot_number",
7140 * description="The lot number for the immunization.",
7147 * name="administered_by_id",
7149 * description="The administered by id for the immunization.",
7156 * name="administered_by",
7158 * description="The administered by for the immunization.",
7165 * name="education_date",
7167 * description="The education date for the immunization.",
7176 * description="The vis date for the immunization.",
7185 * description="The note for the immunization.",
7192 * name="create_date",
7194 * description="The create date for the immunization.",
7201 * name="update_date",
7203 * description="The update date for the immunization.",
7210 * name="created_by",
7212 * description="The created_by for the immunization.",
7219 * name="updated_by",
7221 * description="The updated_by for the immunization.",
7228 * name="amount_administered",
7230 * description="The amount administered for the immunization.",
7237 * name="amount_administered_unit",
7239 * description="The amount administered unit for the immunization.",
7246 * name="expiration_date",
7248 * description="The expiration date for the immunization.",
7257 * description="The route for the immunization.",
7264 * name="administration_site",
7266 * description="The administration site for the immunization.",
7273 * name="added_erroneously",
7275 * description="The added_erroneously for the immunization.",
7282 * name="external_id",
7284 * description="The external_id for the immunization.",
7291 * name="completion_status",
7293 * description="The completion status for the immunization.",
7300 * name="information_source",
7302 * description="The information source for the immunization.",
7309 * name="refusal_reason",
7311 * description="The refusal reason for the immunization.",
7318 * name="ordering_provider",
7320 * description="The ordering provider for the immunization.",
7328 * ref="#/components/responses/standard"
7332 * ref="#/components/responses/badrequest"
7336 * ref="#/components/responses/unauthorized"
7338 * security={{"openemr_auth":{}}}
7341 "GET /api/immunization" => function () {
7342 RestConfig
::authorization_check("patients", "med");
7343 $return = (new ImmunizationRestController())->getAll($_GET);
7344 RestConfig
::apiLog($return);
7350 * path="/api/immunization/{uuid}",
7351 * description="Retrieves a immunization",
7352 * tags={"standard"},
7356 * description="The uuid for the immunization.",
7364 * ref="#/components/responses/standard"
7368 * ref="#/components/responses/badrequest"
7372 * ref="#/components/responses/unauthorized"
7374 * security={{"openemr_auth":{}}}
7377 "GET /api/immunization/:uuid" => function ($uuid) {
7378 RestConfig
::authorization_check("patients", "med");
7379 $return = (new ImmunizationRestController())->getOne($uuid);
7380 RestConfig
::apiLog($return);
7386 * path="/api/procedure",
7387 * description="Retrieves a list of all procedures",
7388 * tags={"standard"},
7391 * ref="#/components/responses/standard"
7395 * ref="#/components/responses/badrequest"
7399 * ref="#/components/responses/unauthorized"
7401 * security={{"openemr_auth":{}}}
7404 "GET /api/procedure" => function () {
7405 RestConfig
::authorization_check("patients", "med");
7406 $return = (new ProcedureRestController())->getAll();
7407 RestConfig
::apiLog($return);
7413 * path="/api/procedure/{uuid}",
7414 * description="Retrieves a procedure",
7415 * tags={"standard"},
7419 * description="The uuid for the procedure.",
7427 * ref="#/components/responses/standard"
7431 * ref="#/components/responses/badrequest"
7435 * ref="#/components/responses/unauthorized"
7437 * security={{"openemr_auth":{}}}
7440 "GET /api/procedure/:uuid" => function ($uuid) {
7441 RestConfig
::authorization_check("patients", "med");
7442 $return = (new ProcedureRestController())->getOne($uuid);
7443 RestConfig
::apiLog($return);
7450 * description="Retrieves a list of all drugs",
7451 * tags={"standard"},
7454 * ref="#/components/responses/standard"
7458 * ref="#/components/responses/badrequest"
7462 * ref="#/components/responses/unauthorized"
7464 * security={{"openemr_auth":{}}}
7467 "GET /api/drug" => function () {
7468 RestConfig
::authorization_check("patients", "med");
7469 $return = (new DrugRestController())->getAll();
7470 RestConfig
::apiLog($return);
7476 * path="/api/drug/{uuid}",
7477 * description="Retrieves a drug",
7478 * tags={"standard"},
7482 * description="The uuid for the drug.",
7490 * ref="#/components/responses/standard"
7494 * ref="#/components/responses/badrequest"
7498 * ref="#/components/responses/unauthorized"
7500 * security={{"openemr_auth":{}}}
7503 "GET /api/drug/:uuid" => function ($uuid) {
7504 RestConfig
::authorization_check("patients", "med");
7505 $return = (new DrugRestController())->getOne($uuid);
7506 RestConfig
::apiLog($return);
7512 * path="/api/prescription",
7513 * description="Retrieves a list of all prescriptions",
7514 * tags={"standard"},
7517 * ref="#/components/responses/standard"
7521 * ref="#/components/responses/badrequest"
7525 * ref="#/components/responses/unauthorized"
7527 * security={{"openemr_auth":{}}}
7530 "GET /api/prescription" => function () {
7531 RestConfig
::authorization_check("patients", "med");
7532 $return = (new PrescriptionRestController())->getAll();
7533 RestConfig
::apiLog($return);
7539 * path="/api/prescription/{uuid}",
7540 * description="Retrieves a prescription",
7541 * tags={"standard"},
7545 * description="The uuid for the prescription.",
7553 * ref="#/components/responses/standard"
7557 * ref="#/components/responses/badrequest"
7561 * ref="#/components/responses/unauthorized"
7563 * security={{"openemr_auth":{}}}
7566 "GET /api/prescription/:uuid" => function ($uuid) {
7567 RestConfig
::authorization_check("patients", "med");
7568 $return = (new PrescriptionRestController())->getOne($uuid);
7569 RestConfig
::apiLog($return);
7574 use OpenEMR\Common\Http\StatusCode
;
7575 use OpenEMR\Common\Http\Psr17Factory
;
7576 use OpenEMR\RestControllers\FHIR\FhirAllergyIntoleranceRestController
;
7577 use OpenEMR\RestControllers\FHIR\FhirAppointmentRestController
;
7578 use OpenEMR\RestControllers\FHIR\FhirCarePlanRestController
;
7579 use OpenEMR\RestControllers\FHIR\FhirCareTeamRestController
;
7580 use OpenEMR\RestControllers\FHIR\FhirConditionRestController
;
7581 use OpenEMR\RestControllers\FHIR\FhirCoverageRestController
;
7582 use OpenEMR\RestControllers\FHIR\FhirDeviceRestController
;
7583 use OpenEMR\RestControllers\FHIR\FhirDiagnosticReportRestController
;
7584 use OpenEMR\RestControllers\FHIR\FhirDocumentReferenceRestController
;
7585 use OpenEMR\RestControllers\FHIR\FhirEncounterRestController
;
7586 use OpenEMR\RestControllers\FHIR\FhirObservationRestController
;
7587 use OpenEMR\RestControllers\FHIR\FhirImmunizationRestController
;
7588 use OpenEMR\RestControllers\FHIR\FhirGoalRestController
;
7589 use OpenEMR\RestControllers\FHIR\FhirGroupRestController
;
7590 use OpenEMR\RestControllers\FHIR\FhirLocationRestController
;
7591 use OpenEMR\RestControllers\FHIR\FhirMedicationRestController
;
7592 use OpenEMR\RestControllers\FHIR\FhirMedicationRequestRestController
;
7593 use OpenEMR\RestControllers\FHIR\FhirOrganizationRestController
;
7594 use OpenEMR\RestControllers\FHIR\FhirPatientRestController
;
7595 use OpenEMR\RestControllers\FHIR\FhirPersonRestController
;
7596 use OpenEMR\RestControllers\FHIR\FhirPractitionerRoleRestController
;
7597 use OpenEMR\RestControllers\FHIR\FhirPractitionerRestController
;
7598 use OpenEMR\RestControllers\FHIR\FhirProcedureRestController
;
7599 use OpenEMR\RestControllers\FHIR\FhirProvenanceRestController
;
7600 use OpenEMR\RestControllers\FHIR\FhirValueSetRestController
;
7601 use OpenEMR\RestControllers\FHIR\FhirMetaDataRestController
;
7602 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationExportRestController
;
7603 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationDocRefRestController
;
7604 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationDefinitionRestController
;
7606 // Note that the fhir route includes both user role and patient role
7607 // (there is a mechanism in place to ensure patient role is binded
7608 // to only see the data of the one patient)
7609 RestConfig
::$FHIR_ROUTE_MAP = array(
7612 * path="/fhir/AllergyIntolerance",
7613 * description="Returns a list of AllergyIntolerance resources.",
7618 * description="The uuid for the AllergyIntolerance resource.",
7627 * description="The uuid for the patient.",
7635 * description="Standard Response",
7637 * mediaType="application/json",
7640 * property="json object",
7641 * description="FHIR Json object.",
7646 * "lastUpdated": "2021-09-14T09:13:51"
7648 * "resourceType": "Bundle",
7649 * "type": "collection",
7653 * "relation": "self",
7654 * "url": "https://localhost:9300/apis/default/fhir/AllergyIntolerance"
7663 * ref="#/components/responses/badrequest"
7667 * ref="#/components/responses/unauthorized"
7669 * security={{"openemr_auth":{}}}
7672 "GET /fhir/AllergyIntolerance" => function (HttpRestRequest
$request) {
7673 $getParams = $request->getQueryParams();
7674 if ($request->isPatientRequest()) {
7675 // only allow access to data of binded patient
7676 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
7678 RestConfig
::authorization_check("patients", "med");
7679 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams);
7681 RestConfig
::apiLog($return);
7687 * path="/fhir/AllergyIntolerance/{uuid}",
7688 * description="Returns a single AllergyIntolerance resource.",
7693 * description="The uuid for the AllergyIntolerance resource.",
7701 * description="Standard Response",
7703 * mediaType="application/json",
7706 * property="json object",
7707 * description="FHIR Json object.",
7711 * "id": "94682fe5-f383-4885-9505-64b02e34906f",
7714 * "lastUpdated": "2021-09-16T00:27:32+00:00"
7716 * "resourceType": "AllergyIntolerance",
7718 * "status": "additional",
7719 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'>penicillin</div>"
7721 * "clinicalStatus": {
7724 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-clinical",
7726 * "display": "Active"
7730 * "verificationStatus": {
7733 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-verification",
7734 * "code": "confirmed",
7735 * "display": "Confirmed"
7742 * "criticality": "low",
7746 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
7747 * "code": "unknown",
7748 * "display": "Unknown"
7753 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92"
7757 * "manifestation": {
7761 * "system": "http://snomed.info/sct",
7762 * "code": "422587007",
7763 * "display": "Nausea"
7777 * ref="#/components/responses/badrequest"
7781 * ref="#/components/responses/unauthorized"
7785 * ref="#/components/responses/uuidnotfound"
7787 * security={{"openemr_auth":{}}}
7790 "GET /fhir/AllergyIntolerance/:uuid" => function ($uuid, HttpRestRequest
$request) {
7791 if ($request->isPatientRequest()) {
7792 // only allow access to data of binded patient
7793 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
7795 RestConfig
::authorization_check("patients", "med");
7796 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid);
7798 RestConfig
::apiLog($return);
7804 * path="/fhir/Appointment",
7805 * description="Returns a list of Appointment resources.",
7810 * description="The uuid for the Appointment resource.",
7819 * description="The uuid for the patient.",
7827 * description="Standard Response",
7829 * mediaType="application/json",
7832 * property="json object",
7833 * description="FHIR Json object.",
7838 * "lastUpdated": "2021-09-14T09:13:51"
7840 * "resourceType": "Bundle",
7841 * "type": "collection",
7845 * "relation": "self",
7846 * "url": "https://localhost:9300/apis/default/fhir/AllergyIntolerance"
7855 * ref="#/components/responses/badrequest"
7859 * ref="#/components/responses/unauthorized"
7861 * security={{"openemr_auth":{}}}
7864 "GET /fhir/Appointment" => function (HttpRestRequest
$request) {
7865 $getParams = $request->getQueryParams();
7866 if ($request->isPatientRequest()) {
7867 // only allow access to data of binded patient
7868 $return = (new FhirAppointmentRestController($request))->getAll($getParams, $request->getPatientUUIDString());
7870 RestConfig
::authorization_check("patients", "appt");
7871 $return = (new FhirAppointmentRestController($request))->getAll($getParams);
7873 RestConfig
::apiLog($return);
7879 * path="/fhir/Appointment/{uuid}",
7880 * description="Returns a single Appointment resource.",
7885 * description="The uuid for the Appointment resource.",
7893 * description="Standard Response",
7895 * mediaType="application/json",
7898 * property="json object",
7899 * description="FHIR Json object.",
7908 * ref="#/components/responses/badrequest"
7912 * ref="#/components/responses/unauthorized"
7916 * ref="#/components/responses/uuidnotfound"
7918 * security={{"openemr_auth":{}}}
7921 "GET /fhir/Appointment/:uuid" => function ($uuid, HttpRestRequest
$request) {
7922 if ($request->isPatientRequest()) {
7923 // only allow access to data of binded patient
7924 $return = (new FhirAppointmentRestController($request))->getOne($uuid, $request->getPatientUUIDString());
7926 RestConfig
::authorization_check("patients", "appt");
7927 $return = (new FhirAppointmentRestController($request))->getOne($uuid);
7929 RestConfig
::apiLog($return);
7935 * path="/fhir/CarePlan",
7936 * description="Returns a list of CarePlan resources.",
7941 * description="The uuid for the CarePlan resource.",
7950 * description="The uuid for the patient.",
7959 * description="The category of the CarePlan resource.",
7967 * description="Standard Response",
7969 * mediaType="application/json",
7972 * property="json object",
7973 * description="FHIR Json object.",
7978 * "lastUpdated": "2021-09-14T09:13:51"
7980 * "resourceType": "Bundle",
7981 * "type": "collection",
7985 * "relation": "self",
7986 * "url": "https://localhost:9300/apis/default/fhir/CarePlan"
7995 * ref="#/components/responses/badrequest"
7999 * ref="#/components/responses/unauthorized"
8001 * security={{"openemr_auth":{}}}
8004 "GET /fhir/CarePlan" => function (HttpRestRequest
$request) {
8005 $getParams = $request->getQueryParams();
8006 if ($request->isPatientRequest()) {
8007 // only allow access to data of binded patient
8008 $return = (new FhirCarePlanRestController())->getAll($getParams, $request->getPatientUUIDString());
8010 RestConfig
::authorization_check("patients", "med");
8011 $return = (new FhirCarePlanRestController())->getAll($getParams);
8013 RestConfig
::apiLog($return);
8019 * path="/fhir/CarePlan/{uuid}",
8020 * description="Returns a single CarePlan resource.",
8025 * description="The uuid for the CarePlan resource.",
8033 * description="Standard Response",
8035 * mediaType="application/json",
8038 * property="json object",
8039 * description="FHIR Json object.",
8043 * "id": "94682f08-8fbc-451e-b1ec-f922d765c38f_1",
8046 * "lastUpdated": "2021-09-16T00:54:18+00:00"
8048 * "resourceType": "CarePlan",
8050 * "status": "generated",
8051 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""><p>Treat flu.</p></div>"
8053 * "status": "active",
8059 * "system": "http://hl7.org/fhir/us/core/CodeSystem/careplan-category",
8060 * "code": "assess-plan"
8065 * "description": "Treat flu.",
8067 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
8076 * ref="#/components/responses/badrequest"
8080 * ref="#/components/responses/unauthorized"
8084 * ref="#/components/responses/uuidnotfound"
8086 * security={{"openemr_auth":{}}}
8089 "GET /fhir/CarePlan/:uuid" => function ($uuid, HttpRestRequest
$request) {
8090 if ($request->isPatientRequest()) {
8091 // only allow access to data of binded patient
8092 $return = (new FhirCarePlanRestController())->getOne($uuid, $request->getPatientUUIDString());
8094 RestConfig
::authorization_check("patients", "med");
8095 $return = (new FhirCarePlanRestController())->getOne($uuid);
8097 RestConfig
::apiLog($return);
8103 * path="/fhir/CareTeam",
8104 * description="Returns a list of CareTeam resources.",
8109 * description="The uuid for the CareTeam resource.",
8118 * description="The uuid for the patient.",
8127 * description="The status of the CarePlan resource.",
8135 * description="Standard Response",
8137 * mediaType="application/json",
8140 * property="json object",
8141 * description="FHIR Json object.",
8146 * "lastUpdated": "2021-09-14T09:13:51"
8148 * "resourceType": "Bundle",
8149 * "type": "collection",
8153 * "relation": "self",
8154 * "url": "https://localhost:9300/apis/default/fhir/CareTeam"
8163 * ref="#/components/responses/badrequest"
8167 * ref="#/components/responses/unauthorized"
8169 * security={{"openemr_auth":{}}}
8172 "GET /fhir/CareTeam" => function (HttpRestRequest
$request) {
8173 $getParams = $request->getQueryParams();
8174 if ($request->isPatientRequest()) {
8175 // only allow access to data of binded patient
8176 $return = (new FhirCareTeamRestController())->getAll($getParams, $request->getPatientUUIDString());
8178 RestConfig
::authorization_check("patients", "med");
8179 $return = (new FhirCareTeamRestController())->getAll($getParams);
8181 RestConfig
::apiLog($return);
8187 * path="/fhir/CareTeam/{uuid}",
8188 * description="Returns a single CareTeam resource.",
8193 * description="The uuid for the CareTeam resource.",
8201 * description="Standard Response",
8203 * mediaType="application/json",
8206 * property="json object",
8207 * description="FHIR Json object.",
8211 * "id": "94682f09-69fe-4ada-8ea6-753a52bd1516",
8214 * "lastUpdated": "2021-09-16T01:07:22+00:00"
8216 * "resourceType": "CareTeam",
8217 * "status": "active",
8219 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
8228 * "system": "http://nucc.org/provider-taxonomy",
8229 * "code": "102L00000X",
8230 * "display": "Psychoanalyst"
8236 * "reference": "Practitioner/94682c68-f712-4c39-9158-ff132a08f26b",
8237 * "type": "Practitioner"
8240 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
8241 * "type": "Organization"
8249 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
8250 * "code": "unknown",
8251 * "display": "Unknown"
8257 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
8258 * "type": "Organization"
8268 * ref="#/components/responses/badrequest"
8272 * ref="#/components/responses/unauthorized"
8276 * ref="#/components/responses/uuidnotfound"
8278 * security={{"openemr_auth":{}}}
8281 "GET /fhir/CareTeam/:uuid" => function ($uuid, HttpRestRequest
$request) {
8282 if ($request->isPatientRequest()) {
8283 // only allow access to data of binded patient
8284 $return = (new FhirCareTeamRestController())->getOne($uuid, $request->getPatientUUIDString());
8286 RestConfig
::authorization_check("patients", "med");
8287 $return = (new FhirCareTeamRestController())->getOne($uuid);
8289 RestConfig
::apiLog($return);
8295 * path="/fhir/Condition",
8296 * description="Returns a list of Condition resources.",
8301 * description="The uuid for the Condition resource.",
8310 * description="The uuid for the patient.",
8318 * description="Standard Response",
8320 * mediaType="application/json",
8323 * property="json object",
8324 * description="FHIR Json object.",
8329 * "lastUpdated": "2021-09-14T09:13:51"
8331 * "resourceType": "Bundle",
8332 * "type": "collection",
8336 * "relation": "self",
8337 * "url": "https://localhost:9300/apis/default/fhir/Condition"
8346 * ref="#/components/responses/badrequest"
8350 * ref="#/components/responses/unauthorized"
8352 * security={{"openemr_auth":{}}}
8355 "GET /fhir/Condition" => function (HttpRestRequest
$request) {
8356 $getParams = $request->getQueryParams();
8357 if ($request->isPatientRequest()) {
8358 // only allow access to data of binded patient
8359 $return = (new FhirConditionRestController())->getAll($getParams, $request->getPatientUUIDString());
8361 RestConfig
::authorization_check("patients", "med");
8362 $return = (new FhirConditionRestController())->getAll($getParams);
8364 RestConfig
::apiLog($return);
8370 * path="/fhir/Condition/{uuid}",
8371 * description="Returns a single Condition resource.",
8376 * description="The uuid for the Condition resource.",
8384 * description="Standard Response",
8386 * mediaType="application/json",
8389 * property="json object",
8390 * description="FHIR Json object.",
8394 * "id": "94682c68-e5bb-4c5c-859a-cebaa5a1e582",
8397 * "lastUpdated": "2021-09-16T02:41:53+00:00"
8399 * "resourceType": "Condition",
8400 * "clinicalStatus": {
8403 * "system": "http://terminology.hl7.org/CodeSystem/condition-clinical",
8404 * "code": "inactive",
8405 * "display": "Inactive"
8409 * "verificationStatus": {
8412 * "system": "http://terminology.hl7.org/CodeSystem/condition-ver-status",
8413 * "code": "unconfirmed",
8414 * "display": "Unconfirmed"
8422 * "system": "http://terminology.hl7.org/CodeSystem/condition-category",
8423 * "code": "problem-list-item",
8424 * "display": "Problem List Item"
8432 * "system": "http://snomed.info/sct",
8433 * "code": "444814009",
8439 * "reference": "Patient/94682c62-d37e-48b5-8018-c5f6f3566609"
8447 * ref="#/components/responses/badrequest"
8451 * ref="#/components/responses/unauthorized"
8455 * ref="#/components/responses/uuidnotfound"
8457 * security={{"openemr_auth":{}}}
8460 "GET /fhir/Condition/:uuid" => function ($uuid, HttpRestRequest
$request) {
8461 if ($request->isPatientRequest()) {
8462 // only allow access to data of binded patient
8463 $return = (new FhirConditionRestController())->getOne($uuid, $request->getPatientUUIDString());
8465 RestConfig
::authorization_check("patients", "med");
8466 $return = (new FhirConditionRestController())->getOne($uuid);
8468 RestConfig
::apiLog($return);
8474 * path="/fhir/Coverage",
8475 * description="Returns a list of Coverage resources.",
8480 * description="The uuid for the Coverage resource.",
8489 * description="The uuid for the patient.",
8498 * description="The payor of the Coverage resource.",
8506 * description="Standard Response",
8508 * mediaType="application/json",
8511 * property="json object",
8512 * description="FHIR Json object.",
8517 * "lastUpdated": "2021-09-14T09:13:51"
8519 * "resourceType": "Bundle",
8520 * "type": "collection",
8524 * "relation": "self",
8525 * "url": "https://localhost:9300/apis/default/fhir/Coverage"
8534 * ref="#/components/responses/badrequest"
8538 * ref="#/components/responses/unauthorized"
8540 * security={{"openemr_auth":{}}}
8543 "GET /fhir/Coverage" => function (HttpRestRequest
$request) {
8544 if ($request->isPatientRequest()) {
8545 // only allow access to data of binded patient
8546 $return = (new FhirCoverageRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
8548 RestConfig
::authorization_check("admin", "super");
8549 $return = (new FhirCoverageRestController())->getAll($request->getQueryParams());
8551 RestConfig
::apiLog($return);
8557 * path="/fhir/Coverage/{uuid}",
8558 * description="Returns a single Coverage resource.",
8563 * description="The uuid for the Coverage resource.",
8571 * description="Standard Response",
8573 * mediaType="application/json",
8576 * property="json object",
8577 * description="FHIR Json object.",
8581 * "id": "960d5f10-edc6-4c65-a6d4-39a1e1da87a8",
8584 * "lastUpdated": "2022-04-14T07:58:45+00:00"
8586 * "resourceType": "Coverage",
8587 * "status": "active",
8589 * "reference": "Patient/960d5f08-9fdf-4bdc-9108-84a149e28bac"
8594 * "system": "http://terminology.hl7.org/CodeSystem/subscriber-relationship",
8605 * ref="#/components/responses/badrequest"
8609 * ref="#/components/responses/unauthorized"
8613 * ref="#/components/responses/uuidnotfound"
8615 * security={{"openemr_auth":{}}}
8618 "GET /fhir/Coverage/:uuid" => function ($uuid, HttpRestRequest
$request) {
8619 if ($request->isPatientRequest()) {
8620 // only allow access to data of binded patient
8621 $return = (new FhirCoverageRestController())->getOne($uuid, $request->getPatientUUIDString());
8623 RestConfig
::authorization_check("admin", "super");
8624 $return = (new FhirCoverageRestController())->getOne($uuid);
8626 RestConfig
::apiLog($return);
8632 * path="/fhir/Device",
8633 * description="Returns a list of Device resources.",
8638 * description="The uuid for the Device resource.",
8647 * description="The uuid for the patient.",
8655 * description="Standard Response",
8657 * mediaType="application/json",
8660 * property="json object",
8661 * description="FHIR Json object.",
8666 * "lastUpdated": "2021-09-14T09:13:51"
8668 * "resourceType": "Bundle",
8669 * "type": "collection",
8673 * "relation": "self",
8674 * "url": "https://localhost:9300/apis/default/fhir/Device"
8683 * ref="#/components/responses/badrequest"
8687 * ref="#/components/responses/unauthorized"
8689 * security={{"openemr_auth":{}}}
8692 "GET /fhir/Device" => function (HttpRestRequest
$request) {
8693 if ($request->isPatientRequest()) {
8694 // only allow access to data of binded patient
8695 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
8697 RestConfig
::authorization_check("admin", "super");
8698 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams());
8700 RestConfig
::apiLog($return);
8706 * path="/fhir/Device/{uuid}",
8707 * description="Returns a single Device resource.",
8712 * description="The uuid for the Device resource.",
8720 * description="Standard Response",
8722 * mediaType="application/json",
8725 * property="json object",
8726 * description="FHIR Json object.",
8730 * "id": "946dce19-c80a-402c-862a-eadf3f2377f0",
8733 * "lastUpdated": "2021-09-18T19:28:59+00:00"
8735 * "resourceType": "Device",
8738 * "deviceIdentifier": "08717648200274",
8739 * "carrierHRF": "=/08717648200274=,000025=A99971312345600=>014032=}013032&,1000000000000XYZ123"
8742 * "distinctIdentifier": "A99971312345600",
8743 * "manufactureDate": "2013-02-01",
8744 * "expirationDate": "2014-02-01",
8745 * "lotNumber": "000000000000XYZ123",
8746 * "serialNumber": "000025",
8750 * "valueCode": "unknown",
8751 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
8756 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
8765 * ref="#/components/responses/badrequest"
8769 * ref="#/components/responses/unauthorized"
8773 * ref="#/components/responses/uuidnotfound"
8775 * security={{"openemr_auth":{}}}
8778 "GET /fhir/Device/:uuid" => function ($uuid, HttpRestRequest
$request) {
8779 if ($request->isPatientRequest()) {
8780 // only allow access to data of binded patient
8781 $return = (new FhirDeviceRestController())->getOne($uuid, $request->getPatientUUIDString());
8783 RestConfig
::authorization_check("admin", "super");
8784 $return = (new FhirDeviceRestController())->getOne($uuid);
8786 RestConfig
::apiLog($return);
8792 * path="/fhir/DiagnosticReport",
8793 * description="Returns a list of DiagnosticReport resources.",
8798 * description="The uuid for the DiagnosticReport resource.",
8807 * description="The uuid for the patient.",
8816 * description="The code of the DiagnosticReport resource.",
8825 * description="The category of the DiagnosticReport resource.",
8834 * description="The datetime of the DiagnosticReport resource.",
8842 * description="Standard Response",
8844 * mediaType="application/json",
8847 * property="json object",
8848 * description="FHIR Json object.",
8853 * "lastUpdated": "2021-09-14T09:13:51"
8855 * "resourceType": "Bundle",
8856 * "type": "collection",
8860 * "relation": "self",
8861 * "url": "https://localhost:9300/apis/default/fhir/DiagnosticReport"
8870 * ref="#/components/responses/badrequest"
8874 * ref="#/components/responses/unauthorized"
8876 * security={{"openemr_auth":{}}}
8879 "GET /fhir/DiagnosticReport" => function (HttpRestRequest
$request) {
8880 $getParams = $request->getQueryParams();
8881 if ($request->isPatientRequest()) {
8882 // only allow access to data of binded patient
8883 $return = (new FhirDiagnosticReportRestController())->getAll($getParams, $request->getPatientUUIDString());
8885 RestConfig
::authorization_check("admin", "super");
8886 $return = (new FhirDiagnosticReportRestController())->getAll($getParams);
8888 RestConfig
::apiLog($return);
8894 * path="/fhir/DiagnosticReport/{uuid}",
8895 * description="Returns a single DiagnosticReport resource.",
8900 * description="The uuid for the DiagnosticReport resource.",
8908 * description="Standard Response",
8910 * mediaType="application/json",
8913 * property="json object",
8914 * description="FHIR Json object.",
8918 * "id": "93fb2d6a-77ac-48ca-a12d-1a17e40007e3",
8921 * "lastUpdated": "2021-09-18T20:52:34+00:00"
8923 * "resourceType": "DiagnosticReport",
8924 * "status": "final",
8929 * "system": "http://loinc.org",
8930 * "code": "LP7839-6",
8931 * "display": "Pathology"
8939 * "system": "http://loinc.org",
8940 * "code": "11502-2",
8941 * "display": "Laboratory report"
8946 * "reference": "Patient/9353b8f5-0a87-4e2a-afd4-25341fdb0fbc",
8950 * "reference": "Encounter/93540818-cb5f-49df-b73b-83901bb793b6",
8951 * "type": "Encounter"
8953 * "effectiveDateTime": "2015-06-22T00:00:00+00:00",
8954 * "issued": "2015-06-22T00:00:00+00:00",
8957 * "reference": "Organization/935249b5-0ba6-4b5b-8863-a7a27d4c6350",
8958 * "type": "Organization"
8961 * "presentedForm": {
8963 * "contentType": "text/plain",
8964 * "data": "TXMgQWxpY2UgTmV3bWFuIHdhcyB0ZXN0ZWQgZm9yIHRoZSBVcmluYW5hbHlzaXMgbWFjcm8gcGFuZWwgYW5kIHRoZSByZXN1bHRzIGhhdmUgYmVlbiBmb3VuZCB0byBiZSANCm5vcm1hbC4="
8973 * ref="#/components/responses/badrequest"
8977 * ref="#/components/responses/unauthorized"
8981 * ref="#/components/responses/uuidnotfound"
8983 * security={{"openemr_auth":{}}}
8986 "GET /fhir/DiagnosticReport/:uuid" => function ($uuid, HttpRestRequest
$request) {
8987 $getParams = $request->getQueryParams();
8988 if ($request->isPatientRequest()) {
8989 // only allow access to data of binded patient
8990 $return = (new FhirDiagnosticReportRestController())->getOne($uuid, $request->getPatientUUIDString());
8992 RestConfig
::authorization_check("admin", "super");
8993 $return = (new FhirDiagnosticReportRestController())->getOne($uuid);
8995 RestConfig
::apiLog($return);
9001 * path="/fhir/DocumentReference",
9002 * description="Returns a list of DocumentReference resources.",
9007 * description="The uuid for the DocumentReference resource.",
9016 * description="The uuid for the patient.",
9025 * description="The type of the DocumentReference resource.",
9034 * description="The category of the DocumentReference resource.",
9043 * description="The datetime of the DocumentReference resource.",
9051 * description="Standard Response",
9053 * mediaType="application/json",
9056 * property="json object",
9057 * description="FHIR Json object.",
9062 * "lastUpdated": "2021-09-14T09:13:51"
9064 * "resourceType": "Bundle",
9065 * "type": "collection",
9069 * "relation": "self",
9070 * "url": "https://localhost:9300/apis/default/fhir/DocumentReference"
9079 * ref="#/components/responses/badrequest"
9083 * ref="#/components/responses/unauthorized"
9085 * security={{"openemr_auth":{}}}
9088 'GET /fhir/DocumentReference' => function (HttpRestRequest
$request) {
9089 $getParams = $request->getQueryParams();
9090 if ($request->isPatientRequest()) {
9091 // only allow access to data of binded patient
9092 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
9094 RestConfig
::authorization_check("admin", "super");
9095 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams);
9097 RestConfig
::apiLog($return);
9103 * path="/fhir/DocumentReference/$docref",
9104 * description="The $docref operation is used to request the server generates a document based on the specified parameters. If no additional parameters are specified then a DocumentReference to the patient's most current Clinical Summary of Care Document (CCD) is returned. The document itself is retrieved using the DocumentReference.content.attachment.url element. See <a href='http://hl7.org/fhir/us/core/OperationDefinition-docref.html' target='_blank' rel='noopener'>http://hl7.org/fhir/us/core/OperationDefinition-docref.html</a> for more details.",
9106 * @OA\ExternalDocumentation(description="Detailed documentation on this operation", url="https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API"),
9110 * description="The uuid for the patient.",
9119 * description="The datetime refers to care dates not record currency dates. All records relating to care provided in a certain date range. If no start date is provided then all documents prior to the end date are in scope. If no start and end date are provided, the most recent or current document is in scope.",
9128 * description="The datetime refers to care dates not record currency dates. All records relating to care provided in a certain date range. If no end date is provided then all documents subsequent to the start date are in scope. If no start and end date are provided, the most recent or current document is in scope.",
9137 * description="The type refers to the document type. This is a LOINC code from the valueset of <a href='http://hl7.org/fhir/R4/valueset-c80-doc-typecodes.html' target='_blank' rel='noopener'>http://hl7.org/fhir/R4/valueset-c80-doc-typecodes.html</a>. The server currently only supports the LOINC code of 34133-9 (Summary of episode node).",
9145 * description="A search bundle of DocumentReferences is returned"
9149 * ref="#/components/responses/badrequest"
9153 * ref="#/components/responses/unauthorized"
9155 * security={{"openemr_auth":{}}}
9158 'POST /fhir/DocumentReference/$docref' => function (HttpRestRequest
$request) {
9160 // NOTE: The order of this route is IMPORTANT as it needs to come before the DocumentReference single request.
9161 if ($request->isPatientRequest()) {
9162 // only allow access to data of binded patient
9163 $return = (new FhirOperationDocRefRestController($request))->getAll($request->getQueryParams(), $request->getPatientUUIDString());
9165 // TODO: it seems like regular users should be able to grab authorship / provenance information
9166 RestConfig
::authorization_check("patients", "demo");
9167 $return = (new FhirOperationDocRefRestController($request))->getAll($request->getQueryParams());
9169 RestConfig
::apiLog($return);
9175 * path="/fhir/DocumentReference/{uuid}",
9176 * description="Returns a single DocumentReference resource.",
9181 * description="The uuid for the DocumentReference resource.",
9189 * description="Standard Response",
9191 * mediaType="application/json",
9194 * property="json object",
9195 * description="FHIR Json object.",
9199 * "id": "946e7553-1aaa-49f8-8f81-ae15ccaa9165",
9202 * "lastUpdated": "2021-09-19T03:17:51+00:00"
9204 * "resourceType": "DocumentReference",
9207 * "value": "946e7553-1aaa-49f8-8f81-ae15ccaa9165"
9210 * "status": "current",
9214 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
9216 * "display": "unknown"
9224 * "system": "https://localhost:9300/apis/default/fhir/ValueSet/openemr-document-types",
9225 * "code": "openemr-document",
9226 * "display": "OpenEMR Document"
9232 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
9235 * "date": "2021-09-19T03:15:56+00:00",
9242 * "contentType": "image/gif",
9243 * "url": "https://localhost:9300/apis/default/fhir/Binary/7"
9246 * "system": "http://ihe.net/fhir/ValueSet/IHE.FormatCode.codesystem",
9247 * "code": "urn:ihe:iti:xds:2017:mimeTypeSufficient",
9248 * "display": "mimeType Sufficient"
9258 * ref="#/components/responses/badrequest"
9262 * ref="#/components/responses/unauthorized"
9266 * ref="#/components/responses/uuidnotfound"
9268 * security={{"openemr_auth":{}}}
9271 "GET /fhir/DocumentReference/:uuid" => function ($uuid, HttpRestRequest
$request) {
9272 $getParams = $request->getQueryParams();
9273 if ($request->isPatientRequest()) {
9274 // only allow access to data of binded patient
9275 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
9277 RestConfig
::authorization_check("admin", "super");
9278 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid);
9280 RestConfig
::apiLog($return);
9286 * path="/fhir/Binary/{id}",
9287 * description="Used for downloading binary documents generated either with BULK FHIR Export or with the $docref CCD export operation. Documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9292 * description="The id for the Document.",
9300 * description="The documentation for working with BULK FHIR or $docref document exports can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
9304 * ref="#/components/responses/badrequest"
9308 * ref="#/components/responses/unauthorized"
9310 * security={{"openemr_auth":{}}}
9313 'GET /fhir/Binary/:id' => function ($documentId, HttpRestRequest
$request) {
9314 $docController = new \OpenEMR\RestControllers\FHIR\
FhirDocumentRestController($request);
9316 if ($request->isPatientRequest()) {
9317 $response = $docController->downloadDocument($documentId, $request->getPatientUUIDString());
9319 RestConfig
::authorization_check("admin", "users");
9320 $response = $docController->downloadDocument($documentId);
9328 * path="/fhir/Encounter",
9329 * description="Returns a list of Encounter resources.",
9334 * description="The uuid for the Encounter resource.",
9343 * description="The uuid for the patient.",
9352 * description="The datetime of the Encounter resource.",
9360 * description="Standard Response",
9362 * mediaType="application/json",
9365 * property="json object",
9366 * description="FHIR Json object.",
9371 * "lastUpdated": "2021-09-14T09:13:51"
9373 * "resourceType": "Bundle",
9374 * "type": "collection",
9378 * "relation": "self",
9379 * "url": "https://localhost:9300/apis/default/fhir/Encounter"
9388 * ref="#/components/responses/badrequest"
9392 * ref="#/components/responses/unauthorized"
9394 * security={{"openemr_auth":{}}}
9397 "GET /fhir/Encounter" => function (HttpRestRequest
$request) {
9398 $getParams = $request->getQueryParams();
9399 if ($request->isPatientRequest()) {
9400 // only allow access to data of binded patient
9401 $return = (new FhirEncounterRestController())->getAll($getParams, $request->getPatientUUIDString());
9403 RestConfig
::authorization_check("encounters", "auth_a");
9404 $return = (new FhirEncounterRestController())->getAll($getParams);
9406 RestConfig
::apiLog($return);
9412 * path="/fhir/Encounter/{uuid}",
9413 * description="Returns a single Encounter resource.",
9418 * description="The uuid for the Encounter resource.",
9426 * description="Standard Response",
9428 * mediaType="application/json",
9431 * property="json object",
9432 * description="FHIR Json object.",
9436 * "id": "946da61d-6b95-4f8e-abe5-534a25913b71",
9439 * "lastUpdated": "2021-09-19T06:27:41+00:00"
9441 * "resourceType": "Encounter",
9444 * "system": "urn:ietf:rfc:3986",
9445 * "value": "946da61d-6b95-4f8e-abe5-534a25913b71"
9448 * "status": "finished",
9450 * "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode",
9452 * "display": "ambulatory"
9458 * "system": "http://snomed.info/sct",
9459 * "code": "185349003",
9460 * "display": "Encounter for check up (procedure)"
9466 * "reference": "Patient/946da61b-626b-4f88-81e2-adfb88f4f0fe",
9475 * "system": "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
9477 * "display": "Primary Performer"
9483 * "start": "2012-08-13T00:00:00+00:00"
9486 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
9487 * "type": "Practitioner"
9492 * "start": "2012-08-13T00:00:00+00:00"
9500 * ref="#/components/responses/badrequest"
9504 * ref="#/components/responses/unauthorized"
9508 * ref="#/components/responses/uuidnotfound"
9510 * security={{"openemr_auth":{}}}
9513 "GET /fhir/Encounter/:uuid" => function ($uuid, HttpRestRequest
$request) {
9514 if ($request->isPatientRequest()) {
9515 // only allow access to data of binded patient
9516 $return = (new FhirEncounterRestController())->getOne($uuid, $request->getPatientUUIDString());
9518 RestConfig
::authorization_check("admin", "super");
9519 $return = (new FhirEncounterRestController())->getOne($uuid);
9521 RestConfig
::apiLog($return);
9527 * path="/fhir/Goal",
9528 * description="Returns a list of Condition resources.",
9533 * description="The uuid for the Goal resource.",
9542 * description="The uuid for the patient.",
9550 * description="Standard Response",
9552 * mediaType="application/json",
9555 * property="json object",
9556 * description="FHIR Json object.",
9561 * "lastUpdated": "2021-09-14T09:13:51"
9563 * "resourceType": "Bundle",
9564 * "type": "collection",
9568 * "relation": "self",
9569 * "url": "https://localhost:9300/apis/default/fhir/Goal"
9578 * ref="#/components/responses/badrequest"
9582 * ref="#/components/responses/unauthorized"
9584 * security={{"openemr_auth":{}}}
9587 "GET /fhir/Goal" => function (HttpRestRequest
$request) {
9588 $getParams = $request->getQueryParams();
9589 if ($request->isPatientRequest()) {
9590 // only allow access to data of binded patient
9591 $return = (new FhirGoalRestController())->getAll($getParams, $request->getPatientUUIDString());
9593 RestConfig
::authorization_check("admin", "super");
9594 $return = (new FhirGoalRestController())->getAll($getParams);
9596 RestConfig
::apiLog($return);
9602 * path="/fhir/Goal/{uuid}",
9603 * description="Returns a single Goal resource.",
9608 * description="The uuid for the Goal resource.",
9616 * description="Standard Response",
9618 * mediaType="application/json",
9621 * property="json object",
9622 * description="FHIR Json object.",
9626 * "id": "946da61d-6b88-4d54-bdd6-4029e2ad9e3f_1",
9629 * "lastUpdated": "2021-09-19T06:45:58+00:00"
9631 * "resourceType": "Goal",
9632 * "lifecycleStatus": "active",
9634 * "text": "Eating more vegetables."
9637 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
9645 * "valueCode": "unknown",
9646 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
9650 * "detailString": "Eating more vegetables.",
9651 * "dueDate": "2021-09-09"
9660 * ref="#/components/responses/badrequest"
9664 * ref="#/components/responses/unauthorized"
9668 * ref="#/components/responses/uuidnotfound"
9670 * security={{"openemr_auth":{}}}
9673 "GET /fhir/Goal/:uuid" => function ($uuid, HttpRestRequest
$request) {
9674 if ($request->isPatientRequest()) {
9675 // only allow access to data of binded patient
9676 $return = (new FhirGoalRestController())->getOne($uuid, $request->getPatientUUIDString());
9678 RestConfig
::authorization_check("admin", "super");
9679 $return = (new FhirGoalRestController())->getOne($uuid);
9681 RestConfig
::apiLog($return);
9687 * path="/fhir/Group",
9688 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9693 * description="The uuid for the Group resource.",
9702 * description="The uuid for the patient.",
9710 * description="Standard Response",
9712 * mediaType="application/json",
9715 * property="json object",
9716 * description="FHIR Json object.",
9721 * "lastUpdated": "2021-09-14T09:13:51"
9723 * "resourceType": "Bundle",
9724 * "type": "collection",
9728 * "relation": "self",
9729 * "url": "https://localhost:9300/apis/default/fhir/Group"
9738 * ref="#/components/responses/badrequest"
9742 * ref="#/components/responses/unauthorized"
9744 * security={{"openemr_auth":{}}}
9747 'GET /fhir/Group' => function (HttpRestRequest
$request) {
9748 RestConfig
::authorization_check("admin", "users");
9749 $getParams = $request->getQueryParams();
9750 if ($request->isPatientRequest()) {
9751 // only allow access to data of binded patient
9752 $return = (new FhirGroupRestController())->getAll($getParams, $request->getPatientUUIDString());
9754 $return = (new FhirGroupRestController())->getAll($getParams);
9756 RestConfig
::apiLog($return);
9762 * path="/fhir/Group/{uuid}",
9763 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9768 * description="The uuid for the Group resource.",
9776 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
9780 * ref="#/components/responses/badrequest"
9784 * ref="#/components/responses/unauthorized"
9788 * ref="#/components/responses/uuidnotfound"
9790 * security={{"openemr_auth":{}}}
9793 "GET /fhir/Group/:uuid" => function ($uuid, HttpRestRequest
$request) {
9794 RestConfig
::authorization_check("admin", "users");
9795 if ($request->isPatientRequest()) {
9796 // only allow access to data of binded patient
9797 $return = (new FhirGroupRestController())->getOne($uuid, $request->getPatientUUIDString());
9799 $return = (new FhirGroupRestController())->getOne($uuid);
9801 RestConfig
::apiLog($return);
9807 * path="/fhir/Group/{id}/$export",
9808 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9813 * description="The id for the Group resource.",
9821 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
9825 * ref="#/components/responses/badrequest"
9829 * ref="#/components/responses/unauthorized"
9831 * security={{"openemr_auth":{}}}
9834 'GET /fhir/Group/:id/$export' => function ($groupId, HttpRestRequest
$request) {
9835 RestConfig
::authorization_check("admin", "users");
9836 $fhirExportService = new FhirOperationExportRestController($request);
9837 $exportParams = $request->getQueryParams();
9838 $exportParams['groupId'] = $groupId;
9839 $return = $fhirExportService->processExport(
9842 $request->getHeader('Accept')[0] ??
'',
9843 $request->getHeader('Prefer')[0] ??
''
9845 RestConfig
::apiLog($return);
9851 * path="/fhir/Immunization",
9852 * description="Returns a list of Immunization resources.",
9857 * description="The uuid for the Immunization resource.",
9866 * description="The uuid for the patient.",
9874 * description="Standard Response",
9876 * mediaType="application/json",
9879 * property="json object",
9880 * description="FHIR Json object.",
9885 * "lastUpdated": "2021-09-14T09:13:51"
9887 * "resourceType": "Bundle",
9888 * "type": "collection",
9892 * "relation": "self",
9893 * "url": "https://localhost:9300/apis/default/fhir/Immunization"
9902 * ref="#/components/responses/badrequest"
9906 * ref="#/components/responses/unauthorized"
9908 * security={{"openemr_auth":{}}}
9911 "GET /fhir/Immunization" => function (HttpRestRequest
$request) {
9912 $getParams = $request->getQueryParams();
9913 if ($request->isPatientRequest()) {
9914 // only allow access to data of binded patient
9915 $return = (new FhirImmunizationRestController())->getAll($getParams, $request->getPatientUUIDString());
9917 RestConfig
::authorization_check("patients", "med");
9918 $return = (new FhirImmunizationRestController())->getAll($getParams);
9920 RestConfig
::apiLog($return);
9926 * path="/fhir/Immunization/{uuid}",
9927 * description="Returns a single Immunization resource.",
9932 * description="The uuid for the Immunization resource.",
9940 * description="Standard Response",
9942 * mediaType="application/json",
9945 * property="json object",
9946 * description="FHIR Json object.",
9950 * "id": "95e8d8b7-e3e2-4e03-8eb1-31e1d9097d8f",
9953 * "lastUpdated": "2022-03-26T05:42:59+00:00"
9955 * "resourceType": "Immunization",
9956 * "status": "completed",
9960 * "system": "http://hl7.org/fhir/sid/cvx",
9962 * "display": "SARS-COV-2 (COVID-19) vaccine, mRNA, spike protein, LNP, preservative free, 100 mcg/0.5mL dose"
9967 * "reference": "Patient/95e8d830-3068-48cf-930a-2fefb18c2bcf"
9969 * "occurrenceDateTime": "2022-03-26T05:35:00+00:00",
9970 * "recorded": "2022-03-26T05:42:26+00:00",
9971 * "primarySource": false
9978 * ref="#/components/responses/badrequest"
9982 * ref="#/components/responses/unauthorized"
9986 * ref="#/components/responses/uuidnotfound"
9988 * security={{"openemr_auth":{}}}
9991 "GET /fhir/Immunization/:uuid" => function ($uuid, HttpRestRequest
$request) {
9992 if ($request->isPatientRequest()) {
9993 // only allow access to data of binded patient
9994 $return = (new FhirImmunizationRestController())->getOne($uuid, $request->getPatientUUIDString());
9996 RestConfig
::authorization_check("patients", "med");
9997 $return = (new FhirImmunizationRestController())->getOne($uuid);
9999 RestConfig
::apiLog($return);
10005 * path="/fhir/Location",
10006 * description="Returns a list of Location resources.",
10011 * description="The uuid for the Location resource.",
10019 * description="Standard Response",
10021 * mediaType="application/json",
10024 * property="json object",
10025 * description="FHIR Json object.",
10030 * "lastUpdated": "2021-09-14T09:13:51"
10032 * "resourceType": "Bundle",
10033 * "type": "collection",
10037 * "relation": "self",
10038 * "url": "https://localhost:9300/apis/default/fhir/Location"
10047 * ref="#/components/responses/badrequest"
10051 * ref="#/components/responses/unauthorized"
10053 * security={{"openemr_auth":{}}}
10056 "GET /fhir/Location" => function (HttpRestRequest
$request) {
10057 $return = (new FhirLocationRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
10058 RestConfig
::apiLog($return);
10064 * path="/fhir/Location/{uuid}",
10065 * description="Returns a single Location resource.",
10070 * description="The uuid for the Location resource.",
10078 * description="Standard Response",
10080 * mediaType="application/json",
10083 * property="json object",
10084 * description="FHIR Json object.",
10088 * "id": "946da61d-c4f2-4f03-a2a7-b571f6a24b65",
10090 * "versionId": "1",
10091 * "lastUpdated": "2021-09-19T08:14:58+00:00"
10093 * "resourceType": "Location",
10094 * "status": "active",
10095 * "name": "Your Clinic Name Here",
10098 * "system": "phone",
10099 * "value": "000-000-0000"
10103 * "value": "000-000-0000"
10112 * ref="#/components/responses/badrequest"
10116 * ref="#/components/responses/unauthorized"
10120 * ref="#/components/responses/uuidnotfound"
10122 * security={{"openemr_auth":{}}}
10125 "GET /fhir/Location/:uuid" => function ($uuid, HttpRestRequest
$request) {
10126 $return = (new FhirLocationRestController())->getOne($uuid, $request->getPatientUUIDString());
10127 RestConfig
::apiLog($return);
10133 * path="/fhir/Medication",
10134 * description="Returns a list of Medication resources.",
10138 * description="Standard Response",
10140 * mediaType="application/json",
10143 * property="json object",
10144 * description="FHIR Json object.",
10149 * "lastUpdated": "2021-09-14T09:13:51"
10151 * "resourceType": "Bundle",
10152 * "type": "collection",
10156 * "relation": "self",
10157 * "url": "https://localhost:9300/apis/default/fhir/Medication"
10166 * ref="#/components/responses/badrequest"
10170 * ref="#/components/responses/unauthorized"
10172 * security={{"openemr_auth":{}}}
10175 "GET /fhir/Medication" => function (HttpRestRequest
$request) {
10176 RestConfig
::authorization_check("patients", "med");
10177 $return = (new FhirMedicationRestController())->getAll($request->getQueryParams());
10178 RestConfig
::apiLog($return);
10184 * path="/fhir/Medication/{uuid}",
10185 * description="Returns a single Medication resource.",
10190 * description="The uuid for the Medication resource.",
10198 * description="Standard Response",
10200 * mediaType="application/json",
10203 * property="json object",
10204 * description="FHIR Json object.",
10208 * "id": "961aa334-9348-4145-8252-de665e3c4afa",
10210 * "versionId": "1",
10211 * "lastUpdated": "2022-04-19T23:42:14+00:00"
10213 * "resourceType": "Medication",
10217 * "system": "http://www.nlm.nih.gov/research/umls/rxnorm",
10222 * "status": "active",
10224 * "lotNumber": "132",
10225 * "expirationDate": "0000-00-00"
10233 * ref="#/components/responses/badrequest"
10237 * ref="#/components/responses/unauthorized"
10241 * ref="#/components/responses/uuidnotfound"
10243 * security={{"openemr_auth":{}}}
10246 "GET /fhir/Medication/:uuid" => function ($uuid, HttpRestRequest
$request) {
10247 if ($request->isPatientRequest()) {
10248 // only allow access to data of binded patient
10249 $return = (new FhirMedicationRestController())->getOne($uuid, $request->getPatientUUIDString());
10251 RestConfig
::authorization_check("patients", "med");
10252 $return = (new FhirMedicationRestController())->getOne($uuid);
10254 RestConfig
::apiLog($return);
10260 * path="/fhir/MedicationRequest",
10261 * description="Returns a list of MedicationRequest resources.",
10266 * description="The uuid for the MedicationRequest resource.",
10275 * description="The uuid for the patient.",
10284 * description="The intent of the MedicationRequest resource.",
10293 * description="The status of the MedicationRequest resource.",
10301 * description="Standard Response",
10303 * mediaType="application/json",
10306 * property="json object",
10307 * description="FHIR Json object.",
10312 * "lastUpdated": "2021-09-14T09:13:51"
10314 * "resourceType": "Bundle",
10315 * "type": "collection",
10319 * "relation": "self",
10320 * "url": "https://localhost:9300/apis/default/fhir/MedicationRequest"
10329 * ref="#/components/responses/badrequest"
10333 * ref="#/components/responses/unauthorized"
10335 * security={{"openemr_auth":{}}}
10338 "GET /fhir/MedicationRequest" => function (HttpRestRequest
$request) {
10339 $getParams = $request->getQueryParams();
10340 if ($request->isPatientRequest()) {
10341 // only allow access to data of binded patient
10342 $return = (new FhirMedicationRequestRestController())->getAll($getParams, $request->getPatientUUIDString());
10344 RestConfig
::authorization_check("patients", "med");
10345 $return = (new FhirMedicationRequestRestController())->getAll($getParams);
10347 RestConfig
::apiLog($return);
10353 * path="/fhir/MedicationRequest/{uuid}",
10354 * description="Returns a single MedicationRequest resource.",
10359 * description="The uuid for the MedicationRequest resource.",
10367 * description="Standard Response",
10369 * mediaType="application/json",
10372 * property="json object",
10373 * description="FHIR Json object.",
10377 * "id": "946da61d-9cff-4416-8d27-805f19f9d7d8",
10379 * "versionId": "1",
10380 * "lastUpdated": "2021-09-20T04:03:14+00:00"
10382 * "resourceType": "MedicationRequest",
10383 * "status": "active",
10384 * "intent": "order",
10389 * "system": "http://terminology.hl7.org/CodeSystem/medicationrequest-category",
10390 * "code": "community",
10391 * "display": "Home/Community"
10396 * "reportedBoolean": false,
10397 * "medicationCodeableConcept": {
10400 * "system": "http://www.nlm.nih.gov/research/umls/rxnorm",
10401 * "code": "1738139",
10402 * "display": "Acetaminophen 325 MG Oral Tablet"
10407 * "reference": "Patient/946da617-1a4a-4b2c-ae66-93b84377cb1e",
10408 * "type": "Patient"
10410 * "authoredOn": "2021-09-18T00:00:00+00:00",
10412 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
10413 * "type": "Practitioner"
10421 * ref="#/components/responses/badrequest"
10425 * ref="#/components/responses/unauthorized"
10429 * ref="#/components/responses/uuidnotfound"
10431 * security={{"openemr_auth":{}}}
10434 "GET /fhir/MedicationRequest/:uuid" => function ($uuid, HttpRestRequest
$request) {
10435 if ($request->isPatientRequest()) {
10436 // only allow access to data of binded patient
10437 $return = (new FhirMedicationRequestRestController())->getOne($uuid, $request->getPatientUUIDString());
10439 RestConfig
::authorization_check("patients", "med");
10440 $return = (new FhirMedicationRequestRestController())->getOne($uuid);
10442 RestConfig
::apiLog($return);
10448 * path="/fhir/Observation",
10449 * description="Returns a list of Observation resources.",
10454 * description="The uuid for the Observation resource.",
10463 * description="The uuid for the patient.",
10472 * description="The code of the Observation resource.",
10481 * description="The category of the Observation resource.",
10490 * description="The datetime of the Observation resource.",
10498 * description="Standard Response",
10500 * mediaType="application/json",
10503 * property="json object",
10504 * description="FHIR Json object.",
10509 * "lastUpdated": "2021-09-14T09:13:51"
10511 * "resourceType": "Bundle",
10512 * "type": "collection",
10516 * "relation": "self",
10517 * "url": "https://localhost:9300/apis/default/fhir/Observation"
10526 * ref="#/components/responses/badrequest"
10530 * ref="#/components/responses/unauthorized"
10532 * security={{"openemr_auth":{}}}
10535 "GET /fhir/Observation" => function (HttpRestRequest
$request) {
10536 $getParams = $request->getQueryParams();
10537 if ($request->isPatientRequest()) {
10538 // only allow access to data of binded patient
10539 $return = (new FhirObservationRestController())->getAll($getParams, $request->getPatientUUIDString());
10541 RestConfig
::authorization_check("patients", "med");
10542 $return = (new FhirObservationRestController())->getAll($getParams);
10544 RestConfig
::apiLog($return);
10550 * path="/fhir/Observation/{uuid}",
10551 * description="Returns a single Observation resource.",
10556 * description="The uuid for the Observation resource.",
10564 * description="Standard Response",
10566 * mediaType="application/json",
10569 * property="json object",
10570 * description="FHIR Json object.",
10574 * "id": "946da61e-0597-485e-9dfd-a87205ea56b3",
10576 * "versionId": "1",
10577 * "lastUpdated": "2021-09-20T04:12:16+00:00"
10579 * "resourceType": "Observation",
10580 * "status": "final",
10585 * "system": "http://terminology.hl7.org/CodeSystem/observation-category",
10586 * "code": "vital-signs"
10594 * "system": "http://loinc.org",
10595 * "code": "85354-9",
10596 * "display": "Blood pressure systolic and diastolic"
10601 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
10602 * "type": "Patient"
10604 * "effectiveDateTime": "2015-08-31T00:00:00+00:00",
10610 * "system": "http://loinc.org",
10611 * "code": "8480-6",
10612 * "display": "Systolic blood pressure"
10616 * "valueQuantity": {
10618 * "unit": "mm[Hg]",
10619 * "system": "http://unitsofmeasure.org",
10627 * "system": "http://loinc.org",
10628 * "code": "8462-4",
10629 * "display": "Diastolic blood pressure"
10633 * "valueQuantity": {
10635 * "unit": "mm[Hg]",
10636 * "system": "http://unitsofmeasure.org",
10647 * ref="#/components/responses/badrequest"
10651 * ref="#/components/responses/unauthorized"
10655 * ref="#/components/responses/uuidnotfound"
10657 * security={{"openemr_auth":{}}}
10660 "GET /fhir/Observation/:uuid" => function ($uuid, HttpRestRequest
$request) {
10661 if ($request->isPatientRequest()) {
10662 // only allow access to data of binded patient
10663 $return = (new FhirObservationRestController())->getOne($uuid, $request->getPatientUUIDString());
10665 RestConfig
::authorization_check("patients", "med");
10666 $return = (new FhirObservationRestController())->getOne($uuid);
10668 RestConfig
::apiLog($return);
10674 * path="/fhir/Organization",
10675 * description="Returns a list of Organization resources.",
10680 * description="The uuid for the Organization resource.",
10689 * description="The name of the Organization resource.",
10698 * description="The email of the Organization resource.",
10707 * description="The phone of the Organization resource.",
10716 * description="The telecom of the Organization resource.",
10725 * description="The address of the Organization resource.",
10732 * name="address-city",
10734 * description="The address-city of the Organization resource.",
10741 * name="address-postalcode",
10743 * description="The address-postalcode of the Organization resource.",
10750 * name="address-state",
10752 * description="The address-state of the Organization resource.",
10760 * description="Standard Response",
10762 * mediaType="application/json",
10765 * property="json object",
10766 * description="FHIR Json object.",
10771 * "lastUpdated": "2021-09-14T09:13:51"
10773 * "resourceType": "Bundle",
10774 * "type": "collection",
10778 * "relation": "self",
10779 * "url": "https://localhost:9300/apis/default/fhir/Organization"
10788 * ref="#/components/responses/badrequest"
10792 * ref="#/components/responses/unauthorized"
10794 * security={{"openemr_auth":{}}}
10797 "GET /fhir/Organization" => function (HttpRestRequest
$request) {
10798 if (!$request->isPatientRequest()) {
10799 RestConfig
::authorization_check("admin", "users");
10801 $return = (new FhirOrganizationRestController())->getAll($request->getQueryParams());
10802 RestConfig
::apiLog($return);
10808 * path="/fhir/Organization/{uuid}",
10809 * description="Returns a single Organization resource.",
10814 * description="The uuid for the Organization resource.",
10822 * description="Standard Response",
10824 * mediaType="application/json",
10827 * property="json object",
10828 * description="FHIR Json object.",
10832 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10834 * "versionId": "1",
10835 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10837 * "resourceType": "Organization",
10839 * "status": "generated",
10840 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10844 * "system": "http://hl7.org/fhir/sid/us-npi",
10845 * "value": "1234567890"
10853 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10855 * "display": "Healthcare Provider"
10860 * "name": "Your Clinic Name Here",
10863 * "system": "phone",
10864 * "value": "000-000-0000",
10869 * "value": "000-000-0000",
10882 * ref="#/components/responses/badrequest"
10886 * ref="#/components/responses/unauthorized"
10890 * ref="#/components/responses/uuidnotfound"
10892 * security={{"openemr_auth":{}}}
10895 "GET /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
10896 $patientUUID = null;
10897 if (!$request->isPatientRequest()) {
10898 RestConfig
::authorization_check("admin", "users");
10900 $patientUUID = $request->getPatientUUIDString();
10902 $return = (new FhirOrganizationRestController())->getOne($uuid, $patientUUID);
10904 RestConfig
::apiLog($return);
10910 * path="/fhir/Organization",
10911 * description="Adds a Organization resource.",
10916 * mediaType="application/json",
10918 * description="The json object for the Organization resource.",
10922 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10924 * "versionId": "1",
10925 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10927 * "resourceType": "Organization",
10929 * "status": "generated",
10930 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10934 * "system": "http://hl7.org/fhir/sid/us-npi",
10935 * "value": "1234567890"
10943 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10945 * "display": "Healthcare Provider"
10950 * "name": "Your Clinic Name Here Hey",
10953 * "system": "phone",
10954 * "value": "000-000-0000",
10959 * "value": "000-000-0000",
10971 * description="Standard Response",
10973 * mediaType="application/json",
10976 * property="json object",
10977 * description="FHIR Json object.",
10981 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10983 * "versionId": "1",
10984 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10986 * "resourceType": "Organization",
10988 * "status": "generated",
10989 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10993 * "system": "http://hl7.org/fhir/sid/us-npi",
10994 * "value": "1234567890"
11002 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
11004 * "display": "Healthcare Provider"
11009 * "name": "Your Clinic Name Here Now",
11012 * "system": "phone",
11013 * "value": "000-000-0000",
11018 * "value": "000-000-0000",
11031 * ref="#/components/responses/badrequest"
11035 * ref="#/components/responses/unauthorized"
11037 * security={{"openemr_auth":{}}}
11040 "POST /fhir/Organization" => function (HttpRestRequest
$request) {
11041 RestConfig
::authorization_check("admin", "super");
11042 $data = (array) (json_decode(file_get_contents("php://input"), true));
11043 $return = (new FhirOrganizationRestController())->post($data);
11044 RestConfig
::apiLog($return, $data);
11050 * path="/fhir/Organization/{uuid}",
11051 * description="Modifies a Organization resource.",
11056 * description="The uuid for the organization.",
11065 * mediaType="application/json",
11067 * description="The json object for the Organization resource.",
11071 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
11073 * "versionId": "1",
11074 * "lastUpdated": "2022-03-30T07:43:23+00:00"
11076 * "resourceType": "Organization",
11078 * "status": "generated",
11079 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
11083 * "system": "http://hl7.org/fhir/sid/us-npi",
11084 * "value": "1234567890"
11092 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
11094 * "display": "Healthcare Provider"
11099 * "name": "Your Clinic Name Here",
11102 * "system": "phone",
11103 * "value": "000-000-0000",
11108 * "value": "000-000-0000",
11120 * description="Standard Response",
11122 * mediaType="application/json",
11126 * "uuid": "95f217c1-258c-44ca-bf11-909dce369574"
11133 * ref="#/components/responses/badrequest"
11137 * ref="#/components/responses/unauthorized"
11139 * security={{"openemr_auth":{}}}
11142 "PUT /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
11143 RestConfig
::authorization_check("admin", "super");
11144 $data = (array) (json_decode(file_get_contents("php://input"), true));
11145 $return = (new FhirOrganizationRestController())->patch($uuid, $data);
11146 RestConfig
::apiLog($return, $data);
11152 * path="/fhir/Patient",
11153 * description="Adds a Patient resource.",
11158 * mediaType="application/json",
11160 * description="The json object for the Patient resource.",
11164 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
11166 * "versionId": "1",
11167 * "lastUpdated": "2022-03-31T02:48:28+00:00"
11169 * "resourceType": "Patient",
11171 * "status": "generated",
11172 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
11176 * "valueCode": "F",
11177 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
11183 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
11185 * "display": "Unknown"
11187 * "url": "ombCategory"
11190 * "valueString": "Unknown",
11194 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
11199 * "use": "official",
11203 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11208 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11215 * "use": "official",
11216 * "family": "Smith",
11222 * "gender": "female",
11223 * "birthDate": "2017-03-10",
11224 * "communication": {
11229 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
11230 * "code": "unknown",
11231 * "display": "Unknown"
11242 * description="Standard Response",
11244 * mediaType="application/json",
11247 * property="json object",
11248 * description="FHIR Json object.",
11252 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
11254 * "versionId": "1",
11255 * "lastUpdated": "2022-03-31T02:48:28+00:00"
11257 * "resourceType": "Patient",
11259 * "status": "generated",
11260 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
11264 * "valueCode": "F",
11265 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
11271 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
11273 * "display": "Unknown"
11275 * "url": "ombCategory"
11278 * "valueString": "Unknown",
11282 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
11287 * "use": "official",
11291 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11296 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11303 * "use": "official",
11304 * "family": "Smith",
11310 * "gender": "female",
11311 * "birthDate": "2017-03-10",
11312 * "communication": {
11317 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
11318 * "code": "unknown",
11319 * "display": "Unknown"
11331 * ref="#/components/responses/badrequest"
11335 * ref="#/components/responses/unauthorized"
11337 * security={{"openemr_auth":{}}}
11340 "POST /fhir/Patient" => function (HttpRestRequest
$request) {
11341 RestConfig
::authorization_check("patients", "demo");
11342 $data = (array) (json_decode(file_get_contents("php://input"), true));
11343 $return = (new FhirPatientRestController())->post($data);
11344 RestConfig
::apiLog($return, $data);
11350 * path="/fhir/Patient/{uuid}",
11351 * description="Modifies a Patient resource.",
11356 * description="The uuid for the Patient resource.",
11365 * mediaType="application/json",
11367 * description="The json object for the Patient resource.",
11371 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
11373 * "versionId": "1",
11374 * "lastUpdated": "2022-03-31T02:48:28+00:00"
11376 * "resourceType": "Patient",
11378 * "status": "generated",
11379 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
11383 * "valueCode": "F",
11384 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
11390 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
11392 * "display": "Unknown"
11394 * "url": "ombCategory"
11397 * "valueString": "Unknown",
11401 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
11406 * "use": "official",
11410 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11415 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11422 * "use": "official",
11423 * "family": "Smith",
11429 * "gender": "female",
11430 * "birthDate": "2017-03-10",
11431 * "communication": {
11436 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
11437 * "code": "unknown",
11438 * "display": "Unknown"
11449 * description="Standard Response",
11451 * mediaType="application/json",
11455 * "uuid": "95f2ad04-5834-4243-8838-e396a7faadbf"
11462 * ref="#/components/responses/badrequest"
11466 * ref="#/components/responses/unauthorized"
11468 * security={{"openemr_auth":{}}}
11471 "PUT /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
11472 RestConfig
::authorization_check("patients", "demo");
11473 $data = (array) (json_decode(file_get_contents("php://input"), true));
11474 $return = (new FhirPatientRestController())->put($uuid, $data);
11475 RestConfig
::apiLog($return, $data);
11481 * path="/fhir/Patient",
11482 * description="Returns a list of Patient resources.",
11487 * description="The uuid for the Patient resource.",
11494 * name="identifier",
11496 * description="The identifier of the Patient resource.",
11505 * description="The name of the Patient resource.",
11512 * name="birthdate",
11514 * description="The birthdate of the Patient resource.",
11523 * description="The gender of the Patient resource.",
11532 * description="The address of the Patient resource.",
11539 * name="address-city",
11541 * description="The address-city of the Patient resource.",
11548 * name="address-postalcode",
11550 * description="The address-postalcode of the Patient resource.",
11557 * name="address-state",
11559 * description="The address-state of the Patient resource.",
11568 * description="The email of the Patient resource.",
11577 * description="The family name of the Patient resource.",
11586 * description="The given name of the Patient resource.",
11595 * description="The phone number of the Patient resource.",
11604 * description="The fax number of the Patient resource.",
11611 * ref="#/components/parameters/_lastUpdated"
11615 * description="Standard Response",
11617 * mediaType="application/json",
11620 * property="json object",
11621 * description="FHIR Json object.",
11626 * "lastUpdated": "2021-09-14T09:13:51"
11628 * "resourceType": "Bundle",
11629 * "type": "collection",
11633 * "relation": "self",
11634 * "url": "https://localhost:9300/apis/default/fhir/Patient"
11643 * ref="#/components/responses/badrequest"
11647 * ref="#/components/responses/unauthorized"
11649 * security={{"openemr_auth":{}}}
11652 "GET /fhir/Patient" => function (HttpRestRequest
$request) {
11653 $params = $request->getQueryParams();
11654 if ($request->isPatientRequest()) {
11655 // only allow access to data of binded patient
11656 // Note in Patient context still have to return a bundle even if it is just one resource. (ie.
11657 // need to use getAll rather than getOne)
11658 $params['_id'] = $request->getPatientUUIDString();
11659 $return = (new FhirPatientRestController())->getAll($params, $request->getPatientUUIDString());
11661 RestConfig
::authorization_check("patients", "demo");
11662 $return = (new FhirPatientRestController())->getAll($params);
11664 RestConfig
::apiLog($return);
11670 * path="/fhir/Patient/$export",
11671 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
11675 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
11679 * ref="#/components/responses/badrequest"
11683 * ref="#/components/responses/unauthorized"
11685 * security={{"openemr_auth":{}}}
11688 // we have to have the bulk fhir export operation here otherwise it will match $export to the patient $id
11689 'GET /fhir/Patient/$export' => function (HttpRestRequest
$request) {
11690 RestConfig
::authorization_check("admin", "users");
11691 $fhirExportService = new FhirOperationExportRestController($request);
11692 $return = $fhirExportService->processExport(
11693 $request->getQueryParams(),
11695 $request->getHeader('Accept')[0] ??
'',
11696 $request->getHeader('Prefer')[0] ??
''
11698 RestConfig
::apiLog($return);
11704 * path="/fhir/Patient/{uuid}",
11705 * description="Returns a single Patient resource.",
11710 * description="The uuid for the Patient resource.",
11718 * description="Standard Response",
11720 * mediaType="application/json",
11723 * property="json object",
11724 * description="FHIR Json object.",
11728 * "id": "946da617-1a4a-4b2c-ae66-93b84377cb1e",
11730 * "versionId": "1",
11731 * "lastUpdated": "2021-09-21T17:08:03+00:00"
11733 * "resourceType": "Patient",
11735 * "status": "generated",
11736 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Aurore252 Von197</p></div>"
11740 * "valueCode": "F",
11741 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
11747 * "system": "urn:oid:2.16.840.1.113883.6.238",
11748 * "code": "1006-6",
11749 * "display": "Abenaki"
11751 * "url": "ombCategory"
11754 * "valueString": "Abenaki",
11758 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
11763 * "valueString": "Declined To Specify",
11767 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-ethnicity"
11772 * "use": "official",
11776 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11781 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11788 * "use": "official",
11789 * "family": "Von197",
11795 * "gender": "female",
11796 * "birthDate": "1970-07-03",
11802 * "city": "Boston",
11803 * "state": "Massachusetts",
11804 * "postalCode": "02215",
11806 * "start": "2020-09-21T17:08:03.532+00:00"
11810 * "communication": {
11815 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
11816 * "code": "unknown",
11817 * "display": "Unknown"
11829 * ref="#/components/responses/badrequest"
11833 * ref="#/components/responses/unauthorized"
11837 * ref="#/components/responses/uuidnotfound"
11839 * security={{"openemr_auth":{}}}
11842 "GET /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
11843 if ($request->isPatientRequest()) {
11844 // only allow access to data of binded patient
11845 if (empty($uuid) ||
($uuid != $request->getPatientUUIDString())) {
11846 throw new AccessDeniedException("patients", "demo", "patient id invalid");
11848 $uuid = $request->getPatientUUIDString();
11850 RestConfig
::authorization_check("patients", "demo");
11852 $return = (new FhirPatientRestController())->getOne($uuid);
11853 RestConfig
::apiLog($return);
11859 * path="/fhir/Person",
11860 * description="Returns a list of Person resources.",
11865 * description="The name of the Person resource.",
11874 * description="The active status of the Person resource.",
11883 * description="The address of the Person resource.",
11890 * name="address-city",
11892 * description="The address-city of the Person resource.",
11899 * name="address-postalcode",
11901 * description="The address-postalcode of the Person resource.",
11908 * name="address-state",
11910 * description="The address-state of the Person resource.",
11919 * description="The email of the Person resource.",
11928 * description="The family name of the Person resource.",
11937 * description="The given name of the Person resource.",
11946 * description="The phone number of the Person resource.",
11955 * description="The fax number of the Person resource.",
11963 * description="Standard Response",
11965 * mediaType="application/json",
11968 * property="json object",
11969 * description="FHIR Json object.",
11974 * "lastUpdated": "2021-09-14T09:13:51"
11976 * "resourceType": "Bundle",
11977 * "type": "collection",
11981 * "relation": "self",
11982 * "url": "https://localhost:9300/apis/default/fhir/Person"
11991 * ref="#/components/responses/badrequest"
11995 * ref="#/components/responses/unauthorized"
11997 * security={{"openemr_auth":{}}}
12000 "GET /fhir/Person" => function (HttpRestRequest
$request) {
12001 RestConfig
::authorization_check("admin", "users");
12002 $return = (new FhirPersonRestController())->getAll($request->getQueryParams());
12003 RestConfig
::apiLog($return);
12009 * path="/fhir/Person/{uuid}",
12010 * description="Returns a single Person resource.",
12015 * description="The uuid for the Person resource.",
12023 * description="Standard Response",
12025 * mediaType="application/json",
12028 * property="json object",
12029 * description="FHIR Json object.",
12033 * "id": "960c7cd6-187a-4119-8cd4-85389d80efb9",
12035 * "versionId": "1",
12036 * "lastUpdated": "2022-04-13T08:57:32+00:00"
12038 * "resourceType": "Person",
12040 * "status": "generated",
12041 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Administrator Administrator</p></div>"
12045 * "use": "official",
12046 * "family": "Administrator",
12055 * "system": "phone",
12056 * "value": "1234567890",
12060 * "system": "phone",
12061 * "value": "1234567890",
12065 * "system": "phone",
12066 * "value": "1234567890",
12070 * "system": "email",
12071 * "value": "hey@hey.com",
12078 * "123 Lane Street"
12080 * "city": "Bellevue",
12083 * "start": "2021-04-13T08:57:32.146+00:00"
12094 * ref="#/components/responses/badrequest"
12098 * ref="#/components/responses/unauthorized"
12102 * ref="#/components/responses/uuidnotfound"
12104 * security={{"openemr_auth":{}}}
12107 "GET /fhir/Person/:uuid" => function ($uuid, HttpRestRequest
$request) {
12108 // if the api user is requesting their own user we need to let it through
12109 // this is because the /Person endpoint needs to be responsive to the fhirUser return value
12110 // for the currently logged in user
12111 if ($request->getRequestUserUUIDString() == $uuid) {
12112 $return = (new FhirPersonRestController())->getOne($uuid);
12113 } elseif (!$request->isPatientRequest()) {
12114 // not a patient ,make sure we have access to the users ACL
12115 RestConfig
::authorization_check("admin", "users");
12116 $return = (new FhirPersonRestController())->getOne($uuid);
12118 // if we are a patient bound request we need to make sure we are only bound to the patient
12119 $return = (new FhirPersonRestController())->getOne($uuid, $request->getPatientUUIDString());
12122 RestConfig
::apiLog($return);
12128 * path="/fhir/Practitioner",
12129 * description="Returns a list of Practitioner resources.",
12134 * description="The uuid for the Practitioner resource.",
12143 * description="The name of the Practitioner resource.",
12152 * description="The active status of the Practitioner resource.",
12161 * description="The address of the Practitioner resource.",
12168 * name="address-city",
12170 * description="The address-city of the Practitioner resource.",
12177 * name="address-postalcode",
12179 * description="The address-postalcode of the Practitioner resource.",
12186 * name="address-state",
12188 * description="The address-state of the Practitioner resource.",
12197 * description="The email of the Practitioner resource.",
12206 * description="The family name of the Practitioner resource.",
12215 * description="The given name of the Practitioner resource.",
12224 * description="The phone number of the Practitioner resource.",
12233 * description="The fax number of the Practitioner resource.",
12241 * description="Standard Response",
12243 * mediaType="application/json",
12246 * property="json object",
12247 * description="FHIR Json object.",
12252 * "lastUpdated": "2021-09-14T09:13:51"
12254 * "resourceType": "Bundle",
12255 * "type": "collection",
12259 * "relation": "self",
12260 * "url": "https://localhost:9300/apis/default/fhir/Practitioner"
12269 * ref="#/components/responses/badrequest"
12273 * ref="#/components/responses/unauthorized"
12275 * security={{"openemr_auth":{}}}
12278 "GET /fhir/Practitioner" => function (HttpRestRequest
$request) {
12280 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
12281 // that is referenced in connected patient resources -- such as AllergyIntollerance.
12282 // I don't believe patients are assigned to a particular practitioner
12283 // should we allow just open api access to admin information? Should we restrict particular pieces
12284 // of data in the practitioner side (phone number, address information) based on a permission set?
12285 if (!$request->isPatientRequest()) {
12286 RestConfig
::authorization_check("admin", "users");
12288 $return = (new FhirPractitionerRestController())->getAll($request->getQueryParams());
12289 RestConfig
::apiLog($return);
12295 * path="/fhir/Practitioner/{uuid}",
12296 * description="Returns a single Practitioner resource.",
12301 * description="The uuid for the Practitioner resource.",
12309 * description="Standard Response",
12311 * mediaType="application/json",
12314 * property="json object",
12315 * description="FHIR Json object.",
12319 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
12321 * "versionId": "1",
12322 * "lastUpdated": "2021-09-21T17:41:57+00:00"
12324 * "resourceType": "Practitioner",
12326 * "status": "generated",
12327 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
12331 * "system": "http://hl7.org/fhir/sid/us-npi",
12332 * "value": "11223344554543"
12338 * "use": "official",
12339 * "family": "Smith",
12351 * ref="#/components/responses/badrequest"
12355 * ref="#/components/responses/unauthorized"
12359 * ref="#/components/responses/uuidnotfound"
12361 * security={{"openemr_auth":{}}}
12364 "GET /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
12365 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
12366 // that is referenced in connected patient resources -- such as AllergyIntollerance.
12367 // I don't believe patients are assigned to a particular practitioner
12368 // should we allow just open api access to admin information? Should we restrict particular pieces
12369 // of data in the practitioner side (phone number, address information) based on a permission set?
12370 if (!$request->isPatientRequest()) {
12371 RestConfig
::authorization_check("admin", "users");
12373 $return = (new FhirPractitionerRestController())->getOne($uuid);
12374 RestConfig
::apiLog($return);
12380 * path="/fhir/Practitioner",
12381 * description="Adds a Practitioner resources.",
12386 * mediaType="application/json",
12388 * description="The json object for the Practitioner resource.",
12392 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
12394 * "versionId": "1",
12395 * "lastUpdated": "2021-09-21T17:41:57+00:00"
12397 * "resourceType": "Practitioner",
12399 * "status": "generated",
12400 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
12404 * "system": "http://hl7.org/fhir/sid/us-npi",
12405 * "value": "11223344554543"
12411 * "use": "official",
12412 * "family": "Smith",
12423 * description="Standard Response",
12425 * mediaType="application/json",
12428 * property="json object",
12429 * description="FHIR Json object.",
12433 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
12435 * "versionId": "1",
12436 * "lastUpdated": "2021-09-21T17:41:57+00:00"
12438 * "resourceType": "Practitioner",
12440 * "status": "generated",
12441 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
12445 * "system": "http://hl7.org/fhir/sid/us-npi",
12446 * "value": "11223344554543"
12452 * "use": "official",
12453 * "family": "Smith",
12465 * ref="#/components/responses/badrequest"
12469 * ref="#/components/responses/unauthorized"
12471 * security={{"openemr_auth":{}}}
12474 "POST /fhir/Practitioner" => function (HttpRestRequest
$request) {
12475 RestConfig
::authorization_check("admin", "users");
12476 $data = (array) (json_decode(file_get_contents("php://input"), true));
12477 $return = (new FhirPractitionerRestController())->post($data);
12478 RestConfig
::apiLog($return, $data);
12484 * path="/fhir/Practitioner/{uuid}",
12485 * description="Modify a Practitioner resource.",
12490 * description="The uuid for the Practitioner resource.",
12499 * mediaType="application/json",
12501 * description="The json object for the Practitioner resource.",
12505 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
12507 * "versionId": "1",
12508 * "lastUpdated": "2021-09-21T17:41:57+00:00"
12510 * "resourceType": "Practitioner",
12512 * "status": "generated",
12513 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
12517 * "system": "http://hl7.org/fhir/sid/us-npi",
12518 * "value": "11223344554543"
12524 * "use": "official",
12525 * "family": "Smith",
12536 * description="Standard Response",
12538 * mediaType="application/json",
12542 * "uuid": "95f294d7-e14c-441d-81a6-309fe369ee21"
12549 * ref="#/components/responses/badrequest"
12553 * ref="#/components/responses/unauthorized"
12555 * security={{"openemr_auth":{}}}
12558 "PUT /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
12559 RestConfig
::authorization_check("admin", "users");
12560 $data = (array) (json_decode(file_get_contents("php://input"), true));
12561 $return = (new FhirPractitionerRestController())->patch($uuid, $data);
12562 RestConfig
::apiLog($return, $data);
12568 * path="/fhir/PractitionerRole",
12569 * description="Returns a list of PractitionerRole resources.",
12572 * name="specialty",
12574 * description="The specialty of the PractitionerRole resource.",
12581 * name="practitioner",
12583 * description="The practitioner of the PractitionerRole resource.",
12591 * description="Standard Response",
12593 * mediaType="application/json",
12596 * property="json object",
12597 * description="FHIR Json object.",
12602 * "lastUpdated": "2021-09-14T09:13:51"
12604 * "resourceType": "Bundle",
12605 * "type": "collection",
12609 * "relation": "self",
12610 * "url": "https://localhost:9300/apis/default/fhir/PractitionerRole"
12619 * ref="#/components/responses/badrequest"
12623 * ref="#/components/responses/unauthorized"
12625 * security={{"openemr_auth":{}}}
12628 "GET /fhir/PractitionerRole" => function (HttpRestRequest
$request) {
12629 RestConfig
::authorization_check("admin", "users");
12630 $return = (new FhirPractitionerRoleRestController())->getAll($request->getQueryParams());
12631 RestConfig
::apiLog($return);
12637 * path="/fhir/PractitionerRole/{uuid}",
12638 * description="Returns a single PractitionerRole resource.",
12643 * description="The uuid for the PractitionerRole resource.",
12651 * description="Standard Response",
12653 * mediaType="application/json",
12656 * property="json object",
12657 * description="FHIR Json object.",
12661 * "id": "960c806f-9463-482e-b228-67b5be1fed55",
12663 * "versionId": "1",
12664 * "lastUpdated": "2022-04-13T06:18:17+00:00"
12666 * "resourceType": "PractitionerRole",
12667 * "practitioner": {
12668 * "reference": "Practitioner/960c7cd6-187a-4119-8cd4-85389d80efb9",
12669 * "display": "Administrator Administrator"
12671 * "organization": {
12672 * "reference": "Organization/960c7cc6-b4ae-49bc-877b-1a2913271c43",
12673 * "display": "Your Clinic Name Here"
12680 * "text": "Psychoanalyst"
12686 * "text": "Counselor"
12695 * ref="#/components/responses/badrequest"
12699 * ref="#/components/responses/unauthorized"
12703 * ref="#/components/responses/uuidnotfound"
12705 * security={{"openemr_auth":{}}}
12708 "GET /fhir/PractitionerRole/:uuid" => function ($uuid, HttpRestRequest
$request) {
12709 RestConfig
::authorization_check("admin", "users");
12710 $return = (new FhirPractitionerRoleRestController())->getOne($uuid);
12711 RestConfig
::apiLog($return);
12717 * path="/fhir/Procedure",
12718 * description="Returns a list of Procedure resources.",
12723 * description="The uuid for the Procedure resource.",
12732 * description="The uuid for the patient.",
12741 * description="The datetime of the Procedure resource.",
12749 * description="Standard Response",
12751 * mediaType="application/json",
12754 * property="json object",
12755 * description="FHIR Json object.",
12760 * "lastUpdated": "2021-09-14T09:13:51"
12762 * "resourceType": "Bundle",
12763 * "type": "collection",
12767 * "relation": "self",
12768 * "url": "https://localhost:9300/apis/default/fhir/Procedure"
12777 * ref="#/components/responses/badrequest"
12781 * ref="#/components/responses/unauthorized"
12783 * security={{"openemr_auth":{}}}
12786 "GET /fhir/Procedure" => function (HttpRestRequest
$request) {
12787 if ($request->isPatientRequest()) {
12788 // only allow access to data of binded patient
12789 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
12791 RestConfig
::authorization_check("patients", "med");
12792 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams());
12794 RestConfig
::apiLog($return);
12800 * path="/fhir/Procedure/{uuid}",
12801 * description="Returns a single Procedure resource.",
12806 * description="The uuid for the Procedure resource.",
12814 * description="Standard Response",
12816 * mediaType="application/json",
12819 * property="json object",
12820 * description="FHIR Json object.",
12824 * "id": "95e9d3fb-fe7b-448a-aa60-d40b11b486a5",
12826 * "versionId": "1",
12827 * "lastUpdated": "2022-03-26T17:20:14+00:00"
12829 * "resourceType": "Procedure",
12830 * "status": "in-progress",
12832 * "reference": "Patient/95e8d830-3068-48cf-930a-2fefb18c2bcf",
12833 * "type": "Patient"
12841 * ref="#/components/responses/badrequest"
12845 * ref="#/components/responses/unauthorized"
12849 * ref="#/components/responses/uuidnotfound"
12851 * security={{"openemr_auth":{}}}
12854 "GET /fhir/Procedure/:uuid" => function ($uuid, HttpRestRequest
$request) {
12855 if ($request->isPatientRequest()) {
12856 // only allow access to data of binded patient
12857 $return = (new FhirProcedureRestController())->getOne($uuid, $request->getPatientUUIDString());
12859 RestConfig
::authorization_check("patients", "med");
12860 $return = (new FhirProcedureRestController())->getOne($uuid);
12862 RestConfig
::apiLog($return);
12868 * path="/fhir/Provenance/{uuid}",
12869 * description="Returns a single Provenance resource.",
12874 * description="The id for the Provenance resource. Format is \<resource name\>:\<uuid\> (Example: AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145).",
12882 * description="Standard Response",
12884 * mediaType="application/json",
12887 * property="json object",
12888 * description="FHIR Json object.",
12892 * "id": "AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145",
12893 * "resourceType": "Provenance",
12896 * "reference": "AllergyIntolerance/95ea43f3-1066-4bc7-b224-6c23b985f145",
12897 * "type": "AllergyIntolerance"
12900 * "recorded": "2022-03-26T22:43:30+00:00",
12906 * "system": "http://terminology.hl7.org/CodeSystem/provenance-participant-type",
12907 * "code": "author",
12908 * "display": "Author"
12913 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12914 * "type": "Organization"
12917 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12918 * "type": "Organization"
12925 * "system": "http://hl7.org/fhir/us/core/CodeSystem/us-core-provenance-participant-type",
12926 * "code": "transmitter",
12927 * "display": "Transmitter"
12933 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12934 * "type": "Organization"
12937 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12938 * "type": "Organization"
12947 * ref="#/components/responses/badrequest"
12951 * ref="#/components/responses/unauthorized"
12955 * ref="#/components/responses/uuidnotfound"
12957 * security={{"openemr_auth":{}}}
12960 "GET /fhir/Provenance/:uuid" => function ($uuid, HttpRestRequest
$request) {
12961 if ($request->isPatientRequest()) {
12962 // only allow access to data of binded patient
12963 $return = (new FhirProvenanceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
12965 RestConfig
::authorization_check("admin", "super");
12966 $return = (new FhirProvenanceRestController($request))->getOne($uuid);
12968 RestConfig
::apiLog($return);
12974 * path="/fhir/Provenance",
12975 * description="Returns a list of Provenance resources.",
12980 * description="The id for the Provenance resource. Format is \<resource name\>:\<uuid\> (Example: AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145).",
12988 * description="Standard Response",
12990 * mediaType="application/json",
12993 * property="json object",
12994 * description="FHIR Json object.",
12999 * "lastUpdated": "2021-09-14T09:13:51"
13001 * "resourceType": "Bundle",
13002 * "type": "collection",
13006 * "relation": "self",
13007 * "url": "https://localhost:9300/apis/default/fhir/Provenance"
13016 * ref="#/components/responses/badrequest"
13020 * ref="#/components/responses/unauthorized"
13022 * security={{"openemr_auth":{}}}
13025 // NOTE: this GET request only supports requests with an _id parameter. FHIR inferno test tool requires the 'search'
13026 // property to support which is why this endpoint exists.
13027 "GET /fhir/Provenance" => function (HttpRestRequest
$request) {
13028 if ($request->isPatientRequest()) {
13029 // only allow access to data of binded patient
13030 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams(), $request->getPatientUUIDString());
13032 // TODO: it seems like regular users should be able to grab authorship / provenance information
13033 RestConfig
::authorization_check("admin", "super");
13034 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams());
13036 RestConfig
::apiLog($return);
13042 * path="/fhir/ValueSet",
13043 * description="Returns a list of ValueSet resources.",
13048 * description="The uuid for the ValueSet resource.",
13056 * description="Standard Response",
13058 * mediaType="application/json",
13061 * property="json object",
13062 * description="FHIR Json object.",
13067 * "lastUpdated": "2021-09-14T09:13:51"
13069 * "resourceType": "Bundle",
13070 * "type": "collection",
13074 * "relation": "self",
13075 * "url": "https://localhost:9300/apis/default/fhir/ValueSet"
13084 * ref="#/components/responses/badrequest"
13088 * ref="#/components/responses/unauthorized"
13090 * security={{"openemr_auth":{}}}
13093 "GET /fhir/ValueSet" => function (HttpRestRequest
$request) {
13094 RestConfig
::authorization_check("admin", "super");
13095 $return = (new FhirValueSetRestController())->getAll($request->getQueryParams());
13096 RestConfig
::apiLog($return);
13102 * path="/fhir/ValueSet/{uuid}",
13103 * description="Returns a single ValueSet resource.",
13108 * description="The uuid for the ValueSet resource.",
13116 * description="Standard Response",
13118 * mediaType="application/json",
13121 * property="json object",
13122 * description="FHIR Json object.",
13126 * "resourceType": "ValueSet",
13127 * "id": "appointment-type",
13133 * "code": "no_show",
13134 * "display": "No Show"
13137 * "code": "office_visit",
13138 * "display": "Office Visit"
13141 * "code": "established_patient",
13142 * "display": "Established Patient"
13145 * "code": "new_patient",
13146 * "display": "New Patient"
13149 * "code": "health_and_behavioral_assessment",
13150 * "display": "Health and Behavioral Assessment"
13153 * "code": "preventive_care_services",
13154 * "display": "Preventive Care Services"
13157 * "code": "ophthalmological_services",
13158 * "display": "Ophthalmological Services"
13170 * ref="#/components/responses/badrequest"
13174 * ref="#/components/responses/unauthorized"
13178 * ref="#/components/responses/uuidnotfound"
13180 * security={{"openemr_auth":{}}}
13183 "GET /fhir/ValueSet/:uuid" => function ($uuid, HttpRestRequest
$request) {
13184 RestConfig
::authorization_check("admin", "super");
13185 $return = (new FhirValueSetRestController())->getOne($uuid);
13186 RestConfig
::apiLog($return);
13194 * path="/fhir/metadata",
13195 * description="Returns metadata (ie. CapabilityStatement resource) of the fhir server.",
13199 * description="Return CapabilityStatement resource of the fhir server"
13203 "GET /fhir/metadata" => function () {
13204 $return = (new FhirMetaDataRestController())->getMetaData();
13205 RestConfig
::apiLog($return);
13211 * path="/fhir/.well-known/smart-configuration",
13212 * description="Returns smart configuration of the fhir server.",
13216 * description="Return smart configuration of the fhir server"
13220 "GET /fhir/.well-known/smart-configuration" => function () {
13221 $authController = new \OpenEMR\RestControllers\
AuthorizationController();
13222 $return = (new \OpenEMR\RestControllers\SMART\
SMARTConfigurationController($authController))->getConfig();
13223 RestConfig
::apiLog($return);
13229 * path="/fhir/OperationDefinition",
13230 * description="Returns a list of the OperationDefinition resources that are specific to this OpenEMR installation",
13234 * description="Return list of OperationDefinition resources"
13238 "GET /fhir/OperationDefinition" => function (HttpRestRequest
$request) {
13239 // for now we will just hard code the custom resources
13240 $operationDefinitionController = new FhirOperationDefinitionRestController();
13241 $return = $operationDefinitionController->getAll($request->getQueryParams());
13242 RestConfig
::apiLog($return);
13248 * path="/fhir/OperationDefinition/{operation}",
13249 * description="Returns a single OperationDefinition resource that is specific to this OpenEMR installation",
13252 * name="operation",
13254 * description="The name of the operation to query. For example $bulkdata-status",
13262 * description="Standard Response",
13264 * mediaType="application/json",
13267 * property="json object",
13268 * description="FHIR Json object.",
13272 * "resourceType": "OperationDefinition",
13273 * "name": "$bulkdata-status",
13274 * "status": "active",
13275 * "kind": "operation",
13283 * "system": "http://hl7.org/fhir/data-types",
13284 * "code": "string",
13285 * "display": "string"
13288 * "system": "http://hl7.org/fhir/ValueSet/search-param-type",
13289 * "code": "string",
13290 * "display": "string"
13300 "GET /fhir/OperationDefinition/:operation" => function ($operation, HttpRestRequest
$request) {
13301 // for now we will just hard code the custom resources
13302 $operationDefinitionController = new FhirOperationDefinitionRestController();
13303 $return = $operationDefinitionController->getOne($operation);
13304 RestConfig
::apiLog($return);
13308 // FHIR root level operations
13312 * path="/fhir/$export",
13313 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
13317 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
13321 * ref="#/components/responses/badrequest"
13325 * ref="#/components/responses/unauthorized"
13327 * security={{"openemr_auth":{}}}
13330 'GET /fhir/$export' => function (HttpRestRequest
$request) {
13331 RestConfig
::authorization_check("admin", "users");
13332 $fhirExportService = new FhirOperationExportRestController($request);
13333 $return = $fhirExportService->processExport(
13334 $request->getQueryParams(),
13336 $request->getHeader('Accept')[0] ??
'',
13337 $request->getHeader('Prefer')[0] ??
''
13339 RestConfig
::apiLog($return);
13343 // these two operations are adopted based on the documentation used in the IBM FHIR Server
13344 // we'd reference cerner or epic but we couldn't find any documentation about those (Jan 30th 2021)
13345 // @see https://ibm.github.io/FHIR/guides/FHIRBulkOperations/
13349 * path="/fhir/$bulkdata-status",
13350 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
13354 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
13358 * ref="#/components/responses/badrequest"
13362 * ref="#/components/responses/unauthorized"
13364 * security={{"openemr_auth":{}}}
13367 'GET /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
13368 RestConfig
::authorization_check("admin", "users");
13369 $jobUuidString = $request->getQueryParam('job');
13370 // if we were truly async we would return 202 here to say we are in progress with a JSON response
13371 // since OpenEMR data is so small we just return the JSON from the database
13372 $fhirExportService = new FhirOperationExportRestController($request);
13373 $return = $fhirExportService->processExportStatusRequestForJob($jobUuidString);
13374 RestConfig
::apiLog($return);
13380 * path="/fhir/$bulkdata-status",
13381 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
13385 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
13389 * ref="#/components/responses/badrequest"
13393 * ref="#/components/responses/unauthorized"
13395 * security={{"openemr_auth":{}}}
13398 'DELETE /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
13399 RestConfig
::authorization_check("admin", "users");
13400 $job = $request->getQueryParam('job');
13401 $fhirExportService = new FhirOperationExportRestController($request);
13402 $return = $fhirExportService->processDeleteExportForJob($job);
13403 RestConfig
::apiLog($return);
13408 // Note that the portal (api) route is only for patient role
13409 // (there is a mechanism in place to ensure only patient role can access the portal (api) route)
13410 RestConfig
::$PORTAL_ROUTE_MAP = array(
13413 * path="/portal/patient",
13414 * description="Returns the patient.",
13415 * tags={"standard-patient"},
13418 * description="Standard response",
13420 * mediaType="application/json",
13421 * @OA\Schema(ref="#/components/schemas/api_patient_response")
13426 * ref="#/components/responses/unauthorized"
13428 * security={{"openemr_auth":{}}}
13431 "GET /portal/patient" => function (HttpRestRequest
$request) {
13432 $return = (new PatientRestController())->getOne($request->getPatientUUIDString());
13433 RestConfig
::apiLog($return);
13439 * path="/portal/patient/encounter",
13440 * description="Returns encounters for the patient.",
13441 * tags={"standard-patient"},
13444 * ref="#/components/responses/standard"
13448 * ref="#/components/responses/badrequest"
13452 * ref="#/components/responses/unauthorized"
13454 * security={{"openemr_auth":{}}}
13457 "GET /portal/patient/encounter" => function (HttpRestRequest
$request) {
13458 $return = (new EncounterRestController())->getAll($request->getPatientUUIDString());
13459 RestConfig
::apiLog($return);
13465 * path="/portal/patient/encounter/{euuid}",
13466 * description="Returns a selected encounter by its uuid.",
13467 * tags={"standard-patient"},
13471 * description="The uuid for the encounter.",
13479 * ref="#/components/responses/standard"
13483 * ref="#/components/responses/badrequest"
13487 * ref="#/components/responses/unauthorized"
13489 * security={{"openemr_auth":{}}}
13492 "GET /portal/patient/encounter/:euuid" => function ($euuid, HttpRestRequest
$request) {
13493 $return = (new EncounterRestController())->getOne($request->getPatientUUIDString(), $euuid);
13494 RestConfig
::apiLog($return);
13500 * path="/portal/patient/appointment",
13501 * description="Retrieves all appointments for a patient",
13502 * tags={"standard-patient"},
13505 * ref="#/components/responses/standard"
13509 * ref="#/components/responses/badrequest"
13513 * ref="#/components/responses/unauthorized"
13515 * security={{"openemr_auth":{}}}
13518 "GET /portal/patient/appointment" => function (HttpRestRequest
$request) {
13519 $return = (new AppointmentRestController())->getAllForPatientByUuid($request->getPatientUUIDString());
13520 RestConfig
::apiLog($return);
13527 * path="/portal/patient/appointment/{auuid}",
13528 * description="Returns a selected appointment by its uuid.",
13529 * tags={"standard-patient"},
13533 * description="The uuid for the appointment.",
13541 * ref="#/components/responses/standard"
13545 * ref="#/components/responses/badrequest"
13549 * ref="#/components/responses/unauthorized"
13551 * security={{"openemr_auth":{}}}
13554 "GET /portal/patient/appointment/:auuid" => function ($auuid, HttpRestRequest
$request) {
13555 $return = (new AppointmentRestController())->getOneForPatient($auuid, $request->getPatientUUIDString());
13556 RestConfig
::apiLog($return);