NZ Shared Digital Health Record API
0.3.0 - draft
NZ Shared Digital Health Record API
0.3.0 - draft
NZ Shared Digital Health Record API - Local Development build (v0.3.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions
| Draft as of 2024-04-15 |
@prefix fhir: <http://hl7.org/fhir/> . @prefix owl: <http://www.w3.org/2002/07/owl#> . @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> . @prefix xsd: <http://www.w3.org/2001/XMLSchema#> . # - resource ------------------------------------------------------------------- a fhir:CapabilityStatement ; fhir:nodeRole fhir:treeRoot ; fhir:id [ fhir:v "SDHRCapabliityStatement"] ; # fhir:meta [ ( fhir:profile [ fhir:v "https://fhir-ig.digital.health.nz/hnz-digital-tooling/StructureDefinition/hnz-capability-statement"^^xsd:anyURI ; fhir:link <https://fhir-ig.digital.health.nz/hnz-digital-tooling/StructureDefinition/hnz-capability-statement> ] ) ] ; # fhir:text [ fhir:status [ fhir:v "extensions" ] ; fhir:div "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: CapabilityStatement SDHRCapabliityStatement</b></p><a name=\"SDHRCapabliityStatement\"> </a><a name=\"hcSDHRCapabliityStatement\"> </a><a name=\"SDHRCapabliityStatement-en-US\"> </a><div style=\"display: inline-block; background-color: #d9e0e7; padding: 6px; margin: 4px; border: 1px solid #8da1b4; border-radius: 5px; line-height: 60%\"><p style=\"margin-bottom: 0px\"/><p style=\"margin-bottom: 0px\">Profile: <a href=\"file:///home/runner/work/fhir-ig-builder/fhir-ig-builder/hnz-digital-tooling/output/StructureDefinition-hnz-capability-statement.html\">Capability Statement profile for use with the Health New Zealand Te Whatu Ora OpenAPI spec converter</a></p></div><h2 id=\"title\">NZ Shared Digital Health Record API</h2><ul><li>Implementation Guide Version: 0.3.0 </li><li>FHIR Version: 4.0.1 </li><li>Supported Formats: <code>application/fhir+json</code></li><li>Supported Patch Formats: </li><li>Published on: 2024-04-15 01:15:23+0000 </li><li>Published by: Health New Zealand </li></ul><blockquote class=\"impl-note\"><p><strong>Note to Implementers: FHIR Capabilities</strong></p><p>Any FHIR capability may be 'allowed' by the system unless explicitly marked as 'SHALL NOT'. A few items are marked as MAY in the Implementation Guide to highlight their potential relevance to the use case.</p></blockquote><h2 id=\"rest\">FHIR RESTful Capabilities</h2><div class=\"panel panel-default\"><div class=\"panel-heading\"><h3 id=\"mode1\" class=\"panel-title\">Mode: <code>server</code></h3></div><div class=\"panel-body\"><div class=\"lead\"><em>Security</em></div><div class=\"row\"><div class=\"col-lg-6\">Enable CORS: yes</div><div class=\"col-lg-6\">Security services supported: <code>SMART-on-FHIR</code></div></div><blockquote><div><p>OAuth 2.0 - Client Credential flow.)</p>\n</div></blockquote><div class=\"lead\"><em>Summary of System-wide Interactions</em></div><ul><li>Supports the <code>search-system</code>interaction described as follows:<div><h3>Request-Context custom header</h3>\n<p>All screening FHIR API requests must include the HNZ request context <em>custom header</em> supplying identifiers for the health user\nand organisation behind the API request.</p>\n<p>This context is supplied using the 'Request-Context' custom header in the form of a base64-encoded JSON object.</p>\n<table class=\"grid\">\n<thead>\n<tr>\n<th align=\"left\"><strong>Context property</strong></th>\n<th align=\"left\"><strong>Value</strong></th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td align=\"left\"><code>userIdentifier</code></td>\n<td align=\"left\">The userid of the user as authenticated by the PMS/health application (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>secondaryIdentifier</code></td>\n<td align=\"left\">The secondary identifier for the user - this <strong>MUST</strong> be the end users Common Person Number (aka HPI Practitioner identifier) of the practitioner using the application (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>purposeOfUse</code></td>\n<td align=\"left\">Set to <code>"NZSCREEN"</code> (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>userFullName</code></td>\n<td align=\"left\">Full name of the user of the PMS/health application.` (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>userRole</code></td>\n<td align=\"left\">Role of the user of the PMS/health application. Set to `"PROV" (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>orgIdentifier</code></td>\n<td align=\"left\">The HPI Organisation Number (aka HPI Organisation identifier) for the organisation in which the API consumer application is deployed (REQUIRED)</td>\n</tr>\n<tr>\n<td align=\"left\"><code>facilityIdentifier</code></td>\n<td align=\"left\">HPI identifier for the facility where the user is located (REQUIRED)</td>\n</tr>\n</tbody>\n</table>\n<p>A schema definition and examples for <code>Request-Context</code> can be <a href=\"https://github.com/tewhatuora/schemas/blob/main/json-schema/Request-Context.json\">found here</a></p>\n<h4>Example Request-Context Header Payload</h4>\n<p><strong>Base64 Encoded</strong></p>\n<pre><code>eyJ1c2VySWRlbnRpZmllciI6InBhdCIsInVzZXJSb2xlIjoiUFJPViIsInNlY29uZGFyeUlkZW50aWZpZXIiOnsidXNlIjoib2ZmaWNpYWwiLCJzeXN0ZW0iOiJodHRwczovL3N0YW5kYXJkcy5kaWdpdGFsLmhlYWx0aC5uei9ucy9ocGktcGVyc29uLWlkIiwidmFsdWUiOiI5OVpaWlMifSwicHVycG9zZU9mVXNlIjpbIlBST1YiXSwidXNlckZ1bGxOYW1lIjoiQmV2ZXJseSBDcnVzaGVyIiwib3JnSWRlbnRpZmllciI6IkcwMDAwMS1HIiwiZmFjaWxpdHlJZGVudGlmaWVyIjoiRlpaOTk5LUIifQ\n</code></pre>\n<p><strong>Decoded JSON</strong></p>\n<pre><code class=\"language-json\">{\n"userIdentifier": "pat",\n"userRole": "PROV",\n"secondaryIdentifier": {\n "use": "official",\n "system": "https://standards.digital.health.nz/ns/hpi-person-id",\n "value": "99ZZZS"\n},\n"purposeOfUse": [\n "NZSCREEN"\n],\n"userFullName": "Beverly Crusher",\n"orgIdentifier": "G00001-G",\n"facilityIdentifier": "FZZ999-B"\n}\n</code></pre>\n<h3>Error status codes</h3>\n<h4>Read (GET) Operation Statuses</h4>\n<table class=\"grid\">\n<thead>\n<tr>\n<th align=\"center\"><strong>Code</strong></th>\n<th align=\"left\"><strong>Meaning</strong></th>\n<th align=\"left\"><strong>Description</strong></th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td align=\"center\">200</td>\n<td align=\"left\">OK</td>\n<td align=\"left\">The request was successful, and the response body contains the representation requested</td>\n</tr>\n<tr>\n<td align=\"center\">302</td>\n<td align=\"left\">FOUND</td>\n<td align=\"left\">A common redirect response; you can GET the representation at the URI in the Location response header</td>\n</tr>\n<tr>\n<td align=\"center\">304</td>\n<td align=\"left\">NOT MODIFIED</td>\n<td align=\"left\">Your client's cached version of the representation is still up to date</td>\n</tr>\n<tr>\n<td align=\"center\">400</td>\n<td align=\"left\">BAD REQUEST</td>\n<td align=\"left\">Missing or bad <code>Recurity-Context</code> custom header; FHIR request payload does not validate against Implementation Guide</td>\n</tr>\n<tr>\n<td align=\"center\">401</td>\n<td align=\"left\">UNAUTHORIZED</td>\n<td align=\"left\">The supplied credentials, if any, are not sufficient to access the resource</td>\n</tr>\n<tr>\n<td align=\"center\">403</td>\n<td align=\"left\">FORBIDDEN</td>\n<td align=\"left\">Insufficient privilege to access the requested FHIR resource/operation</td>\n</tr>\n<tr>\n<td align=\"center\">404</td>\n<td align=\"left\">NOT FOUND</td>\n<td align=\"left\">The requested representation was not found. Retrying this request is unlikely to be successful</td>\n</tr>\n<tr>\n<td align=\"center\">429</td>\n<td align=\"left\">TOO MANY REQUESTS</td>\n<td align=\"left\">Your application is sending too many simultaneous requests</td>\n</tr>\n<tr>\n<td align=\"center\">500</td>\n<td align=\"left\">SERVER ERROR</td>\n<td align=\"left\">An internal server error prevented return of the representation response</td>\n</tr>\n<tr>\n<td align=\"center\">503</td>\n<td align=\"left\">SERVICE UNAVAILABLE</td>\n<td align=\"left\">We are temporarily unable to return the representation. Please wait and try again later</td>\n</tr>\n</tbody>\n</table>\n<h4>Search (GET) Operation Statuses</h4>\n<table class=\"grid\">\n<thead>\n<tr>\n<th align=\"center\"><strong>Code</strong></th>\n<th align=\"left\"><strong>Meaning</strong></th>\n<th align=\"left\"><strong>OperationOutcome</strong> in response?</th>\n<th align=\"left\"><strong>Description</strong></th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td align=\"center\">200</td>\n<td align=\"left\">OK</td>\n<td align=\"left\">Yes, When there are additional messages about a match result</td>\n<td align=\"left\">The request was successful, and the response body contains the representation requested</td>\n</tr>\n<tr>\n<td align=\"center\">302</td>\n<td align=\"left\">FOUND</td>\n<td align=\"left\">No</td>\n<td align=\"left\">A common redirect response; you can GET the representation at the URI in the Location response header</td>\n</tr>\n<tr>\n<td align=\"center\">400</td>\n<td align=\"left\">BAD REQUEST</td>\n<td align=\"left\">Yes</td>\n<td align=\"left\">Missing or bad <code>Recurity-Context</code> custom header;<br>FHIR request payload does not validate against Implementation Guide</td>\n</tr>\n<tr>\n<td align=\"center\">401</td>\n<td align=\"left\">UNAUTHORIZED</td>\n<td align=\"left\">Yes</td>\n<td align=\"left\">The supplied credentials, if any, are not sufficient to access the resource</td>\n</tr>\n<tr>\n<td align=\"center\">403</td>\n<td align=\"left\">FORBIDDEN</td>\n<td align=\"left\">Yes</td>\n<td align=\"left\">Insufficient privilege to access the requested FHIR resource/operation. See <a href=\"./OperationOutcome-APIError-Unauthorised.html\">OperationOutcome-APIError-Unauthorised</a></td>\n</tr>\n<tr>\n<td align=\"center\">429</td>\n<td align=\"left\">TOO MANY REQUESTS</td>\n<td align=\"left\">No</td>\n<td align=\"left\">Your application is sending too many simultaneous requests</td>\n</tr>\n<tr>\n<td align=\"center\">500</td>\n<td align=\"left\">SERVER ERROR</td>\n<td align=\"left\">No</td>\n<td align=\"left\">An internal server error prevented return of the representation response</td>\n</tr>\n<tr>\n<td align=\"center\">503</td>\n<td align=\"left\">SERVICE UNAVAILABLE</td>\n<td align=\"left\">No</td>\n<td align=\"left\">The server is temporarily unable to return the representation. Please wait and try again later</td>\n</tr>\n</tbody>\n</table>\n<h3>Non existent API endpoints</h3>\n<p>When a consumer attempts to call a non-existent API end point, respond\nwith a <strong>501 Not Implemented</strong> status code.</p>\n</div></li></ul></div></div><h3 id=\"resourcesCap1\">Capabilities by Resource/Profile</h3><h4 id=\"resourcesSummary1\">Summary</h4><p>The summary table lists the resources that are part of this configuration, and for each resource it lists:</p><ul><li>The relevant profiles (if any)</li><li>The interactions supported by each resource (<b><span class=\"bg-info\">R</span></b>ead, <b><span class=\"bg-info\">S</span></b>earch, <b><span class=\"bg-info\">U</span></b>pdate, and <b><span class=\"bg-info\">C</span></b>reate, are always shown, while <b><span class=\"bg-info\">VR</span></b>ead, <b><span class=\"bg-info\">P</span></b>atch, <b><span class=\"bg-info\">D</span></b>elete, <b><span class=\"bg-info\">H</span></b>istory on <b><span class=\"bg-info\">I</span></b>nstance, or <b><span class=\"bg-info\">H</span></b>istory on <b><span class=\"bg-info\">T</span></b>ype are only present if at least one of the resources has support for them.</li><li><span>The required, recommended, and some optional search parameters (if any). </span></li><li>The linked resources enabled for <code>_include</code></li><li>The other resources enabled for <code>_revinclude</code></li><li>The operations on the resource (if any)</li></ul><div class=\"table-responsive\"><table class=\"table table-condensed table-hover\"><thead><tr><th><b>Resource Type</b></th><th><b>Profile</b></th><th class=\"text-center\"><b title=\"GET a resource (read interaction)\">R</b></th><th class=\"text-center\"><b title=\"GET all set of resources of the type (search interaction)\">S</b></th><th class=\"text-center\"><b title=\"PUT a new resource version (update interaction)\">U</b></th><th class=\"text-center\"><b title=\"POST a new resource (create interaction)\">C</b></th><th><b title=\"Required and recommended search parameters\">Searches</b></th><th><code><b>_include</b></code></th><th><code><b>_revinclude</b></code></th><th><b>Operations</b></th></tr></thead><tbody><tr><td><a href=\"#AllergyIntolerance1-1\">AllergyIntolerance</a></td><td><a href=\"StructureDefinition-SDHRAllergyIntolerance.html\">https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRAllergyIntolerance</a></td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td></td><td/><td/><td/></tr><tr><td><a href=\"#Condition1-2\">Condition</a></td><td><a href=\"StructureDefinition-SDHRCondition.html\">https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRCondition</a></td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td></td><td/><td/><td/></tr><tr><td><a href=\"#Encounter1-3\">Encounter</a></td><td><a href=\"StructureDefinition-SDHREncounter.html\">https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHREncounter</a></td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td></td><td/><td/><td/></tr><tr><td><a href=\"#Observation1-4\">Observation</a></td><td><a href=\"StructureDefinition-SDHRObservation.html\">https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRObservation</a></td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td class=\"text-center\">y</td><td></td><td/><td/><td/></tr></tbody></table></div><hr/><div class=\"panel panel-default\"><div class=\"panel-heading\"><h4 id=\"AllergyIntolerance1-1\" class=\"panel-title\"><span style=\"float: right;\">Resource Conformance: supported </span>AllergyIntolerance</h4></div><div class=\"panel-body\"><div class=\"container\"><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Base System Profile</span><br/><a href=\"StructureDefinition-SDHRAllergyIntolerance.html\">SDHRAllergyIntolerance</a></div><div class=\"col-lg-3\"><span class=\"lead\">Profile Conformance</span><br/><b>SHALL</b></div><div class=\"col-lg-3\"><span class=\"lead\">Reference Policy</span><br/></div></div><p/><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Interaction summary</span><br/><ul><li>Supports <code>read</code>, <code>create</code>, <code>update</code>, <code>search-type</code>.</li></ul></div></div><p/></div></div></div><div class=\"panel panel-default\"><div class=\"panel-heading\"><h4 id=\"Condition1-2\" class=\"panel-title\"><span style=\"float: right;\">Resource Conformance: supported </span>Condition</h4></div><div class=\"panel-body\"><div class=\"container\"><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Base System Profile</span><br/><a href=\"StructureDefinition-SDHRCondition.html\">SDHRCondition</a></div><div class=\"col-lg-3\"><span class=\"lead\">Profile Conformance</span><br/><b>SHALL</b></div><div class=\"col-lg-3\"><span class=\"lead\">Reference Policy</span><br/></div></div><p/><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Interaction summary</span><br/><ul><li>Supports <code>read</code>, <code>create</code>, <code>update</code>, <code>search-type</code>.</li></ul></div></div><p/></div></div></div><div class=\"panel panel-default\"><div class=\"panel-heading\"><h4 id=\"Encounter1-3\" class=\"panel-title\"><span style=\"float: right;\">Resource Conformance: supported </span>Encounter</h4></div><div class=\"panel-body\"><div class=\"container\"><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Base System Profile</span><br/><a href=\"StructureDefinition-SDHREncounter.html\">SDHREncounter</a></div><div class=\"col-lg-3\"><span class=\"lead\">Profile Conformance</span><br/><b>SHALL</b></div><div class=\"col-lg-3\"><span class=\"lead\">Reference Policy</span><br/></div></div><p/><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Interaction summary</span><br/><ul><li>Supports <code>read</code>, <code>create</code>, <code>update</code>, <code>search-type</code>.</li></ul></div></div><p/></div></div></div><div class=\"panel panel-default\"><div class=\"panel-heading\"><h4 id=\"Observation1-4\" class=\"panel-title\"><span style=\"float: right;\">Resource Conformance: supported </span>Observation</h4></div><div class=\"panel-body\"><div class=\"container\"><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Base System Profile</span><br/><a href=\"StructureDefinition-SDHRObservation.html\">SDHRObservation</a></div><div class=\"col-lg-3\"><span class=\"lead\">Profile Conformance</span><br/><b>SHALL</b></div><div class=\"col-lg-3\"><span class=\"lead\">Reference Policy</span><br/></div></div><p/><div class=\"row\"><div class=\"col-lg-6\"><span class=\"lead\">Interaction summary</span><br/><ul><li>Supports <code>read</code>, <code>create</code>, <code>update</code>, <code>search-type</code>.</li></ul></div></div><p/></div></div></div></div>"^^rdf:XMLLiteral ] ; # fhir:extension ( [ ( fhir:extension [ fhir:url [ fhir:v "licenseURL"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://www.tewhatuora.govt.nz/assets/Our-health-system/Digital-health/Digital-Service-Hub/API-Access-and-Use-Agreement.docx"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "externalDocs"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://fhir-ig.digital.health.nz/shared-care"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "licenseName"^^xsd:anyURI ] ; fhir:value [ a fhir:string ; fhir:v "Health New Zealand Digital Services Hub API Access and Use Agreement" ] ] [ ( fhir:extension [ ( fhir:extension [ fhir:url [ fhir:v "key"^^xsd:anyURI ] ; fhir:value [ a fhir:string ; fhir:v "X-Correlation-Id" ] ] [ fhir:url [ fhir:v "value"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://raw.githubusercontent.com/tewhatuora/schemas/main/shared-care/Api-Key.json"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "required"^^xsd:anyURI ] ; fhir:value [ a fhir:boolean ; fhir:v true ] ] ) ; fhir:url [ fhir:v "https://fhir-ig.digital.health.nz/hnz-digital-tooling/StructureDefinition/custom-headers-extension"^^xsd:anyURI ] ] [ ( fhir:extension [ fhir:url [ fhir:v "key"^^xsd:anyURI ] ; fhir:value [ a fhir:string ; fhir:v "Request-Context" ] ] [ fhir:url [ fhir:v "value"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://raw.githubusercontent.com/tewhatuora/schemas/main/shared-care/Request-Context.json"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "required"^^xsd:anyURI ] ; fhir:value [ a fhir:boolean ; fhir:v true ] ] ) ; fhir:url [ fhir:v "https://fhir-ig.digital.health.nz/hnz-digital-tooling/StructureDefinition/custom-headers-extension"^^xsd:anyURI ] ] ) ; fhir:url [ fhir:v "globalHeaders"^^xsd:anyURI ] ] ) ; fhir:url [ fhir:v "https://fhir-ig.digital.health.nz/hnz-digital-tooling/StructureDefinition/resource-metadata-extension"^^xsd:anyURI ] ] ) ; # fhir:url [ fhir:v "https://fhir-ig.digital.health.nz/sdhr/CapabilityStatement/SDHRCapabliityStatement"^^xsd:anyURI] ; # fhir:version [ fhir:v "0.3.0"] ; # fhir:name [ fhir:v "SDHRCapabliityStatement"] ; # fhir:title [ fhir:v "NZ Shared Digital Health Record API"] ; # fhir:status [ fhir:v "draft"] ; # fhir:experimental [ fhir:v true] ; # fhir:date [ fhir:v "2024-04-15T01:15:23.3688326Z"^^xsd:dateTime] ; # fhir:publisher [ fhir:v "Health New Zealand"] ; # fhir:contact ( [ fhir:name [ fhir:v "Health New Zealand" ] ; ( fhir:telecom [ fhir:system [ fhir:v "url" ] ; fhir:value [ fhir:v "https://github.com/tewhatuora" ] ] ) ] [ fhir:name [ fhir:v "HNZ Integration Team" ] ; ( fhir:telecom [ fhir:system [ fhir:v "email" ] ; fhir:value [ fhir:v "integration@tewhatuora.govt.nz" ] ; fhir:use [ fhir:v "work" ] ] ) ] ) ; # fhir:description [ fhir:v "NZ Shared Digital Health Record API"] ; # fhir:kind [ fhir:v "capability"] ; # fhir:software [ fhir:name [ fhir:v "NZ Shared Digital Health Record API" ] ; fhir:version [ fhir:v "1.0.0.0" ] ] ; # fhir:implementation [ fhir:description [ fhir:v "Health NZ | Te Whatu Ora NZ Shared Digital Health Record API" ] ; fhir:url [ fhir:v "https://fhir.api.digital.health.nz/R4"^^xsd:anyURI ] ] ; # fhir:fhirVersion [ fhir:v "4.0.1"] ; # fhir:format ( [ fhir:v "application/fhir+json"] ) ; # fhir:rest ( [ fhir:mode [ fhir:v "server" ] ; fhir:security [ ( fhir:extension [ ( fhir:extension [ fhir:url [ fhir:v "token"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://ppd.auth.services.health.nz/realms/hnz-integration/protocol/openid-connect/token"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "authorize"^^xsd:anyURI ] ; fhir:value [ a fhir:uri ; fhir:v "https://ppd.auth.services.health.nz/realms/hnz-integration/protocol/openid-connect/authorize"^^xsd:anyURI ] ] ) ; fhir:url [ fhir:v "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"^^xsd:anyURI ] ] [ fhir:url [ fhir:v "http://fhir-registry.smarthealthit.org/StructureDefinition/capabilities"^^xsd:anyURI ] ; fhir:value [ a fhir:code ; fhir:v "client-confidential-symmetric" ] ] ) ; fhir:cors [ fhir:v true ] ; ( fhir:service [ ( fhir:coding [ fhir:code [ fhir:v "SMART-on-FHIR" ] ] ) ] ) ; fhir:description [ fhir:v "OAuth 2.0 - Client Credential flow.)" ] ] ; ( fhir:resource [ fhir:type [ fhir:v "AllergyIntolerance" ] ; fhir:profile [ fhir:v "https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRAllergyIntolerance"^^xsd:anyURI ; fhir:link <https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRAllergyIntolerance> ] ; ( fhir:interaction [ fhir:code [ fhir:v "read" ] ] [ fhir:code [ fhir:v "create" ] ] [ fhir:code [ fhir:v "update" ] ] [ fhir:code [ fhir:v "search-type" ] ] ) ] [ fhir:type [ fhir:v "Condition" ] ; fhir:profile [ fhir:v "https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRCondition"^^xsd:anyURI ; fhir:link <https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRCondition> ] ; ( fhir:interaction [ fhir:code [ fhir:v "read" ] ] [ fhir:code [ fhir:v "create" ] ] [ fhir:code [ fhir:v "update" ] ] [ fhir:code [ fhir:v "search-type" ] ] ) ] [ fhir:type [ fhir:v "Encounter" ] ; fhir:profile [ fhir:v "https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHREncounter"^^xsd:anyURI ; fhir:link <https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHREncounter> ] ; ( fhir:interaction [ fhir:code [ fhir:v "read" ] ] [ fhir:code [ fhir:v "create" ] ] [ fhir:code [ fhir:v "update" ] ] [ fhir:code [ fhir:v "search-type" ] ] ) ] [ fhir:type [ fhir:v "Observation" ] ; fhir:profile [ fhir:v "https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRObservation"^^xsd:anyURI ; fhir:link <https://fhir-ig.digital.health.nz/sdhr/StructureDefinition/SDHRObservation> ] ; ( fhir:interaction [ fhir:code [ fhir:v "read" ] ] [ fhir:code [ fhir:v "create" ] ] [ fhir:code [ fhir:v "update" ] ] [ fhir:code [ fhir:v "search-type" ] ] ) ] ) ; ( fhir:interaction [ fhir:code [ fhir:v "search-system" ] ; fhir:documentation [ fhir:v " ### Request-Context custom header\n\n All screening FHIR API requests must include the HNZ request context *custom header* supplying identifiers for the health user \n and organisation behind the API request.\n\n This context is supplied using the 'Request-Context' custom header in the form of a base64-encoded JSON object.\n\n |**Context property**|**Value**|\n |:------------------|:---------|\n | `userIdentifier` | The userid of the user as authenticated by the PMS/health application (REQUIRED) |\n | `secondaryIdentifier` | The secondary identifier for the user - this **MUST** be the end users Common Person Number (aka HPI Practitioner identifier) of the practitioner using the application (REQUIRED) |\n | `purposeOfUse` | Set to `\"NZSCREEN\"` (REQUIRED) |\n | `userFullName` | Full name of the user of the PMS/health application.` (REQUIRED) |\n | `userRole` | Role of the user of the PMS/health application. Set to `\"PROV\" (REQUIRED) |\n | `orgIdentifier` | The HPI Organisation Number (aka HPI Organisation identifier) for the organisation in which the API consumer application is deployed (REQUIRED) |\n | `facilityIdentifier` | HPI identifier for the facility where the user is located (REQUIRED) |\n\n A schema definition and examples for `Request-Context` can be [found here](https://github.com/tewhatuora/schemas/blob/main/json-schema/Request-Context.json)\n\n #### Example Request-Context Header Payload\n **Base64 Encoded**\n ```\n eyJ1c2VySWRlbnRpZmllciI6InBhdCIsInVzZXJSb2xlIjoiUFJPViIsInNlY29uZGFyeUlkZW50aWZpZXIiOnsidXNlIjoib2ZmaWNpYWwiLCJzeXN0ZW0iOiJodHRwczovL3N0YW5kYXJkcy5kaWdpdGFsLmhlYWx0aC5uei9ucy9ocGktcGVyc29uLWlkIiwidmFsdWUiOiI5OVpaWlMifSwicHVycG9zZU9mVXNlIjpbIlBST1YiXSwidXNlckZ1bGxOYW1lIjoiQmV2ZXJseSBDcnVzaGVyIiwib3JnSWRlbnRpZmllciI6IkcwMDAwMS1HIiwiZmFjaWxpdHlJZGVudGlmaWVyIjoiRlpaOTk5LUIifQ\n ```\n **Decoded JSON**\n ```json\n {\n \"userIdentifier\": \"pat\",\n \"userRole\": \"PROV\",\n \"secondaryIdentifier\": {\n \"use\": \"official\",\n \"system\": \"https://standards.digital.health.nz/ns/hpi-person-id\",\n \"value\": \"99ZZZS\"\n },\n \"purposeOfUse\": [\n \"NZSCREEN\"\n ],\n \"userFullName\": \"Beverly Crusher\",\n \"orgIdentifier\": \"G00001-G\",\n \"facilityIdentifier\": \"FZZ999-B\"\n}\n```\n\n ### Error status codes\n\n #### Read (GET) Operation Statuses\n\n |**Code**|**Meaning**|**Description**|\n |:--:|:-----------------|:--|\n |200|OK |The request was successful, and the response body contains the representation requested|\n |302|FOUND |A common redirect response; you can GET the representation at the URI in the Location response header|\n |304|NOT MODIFIED |Your client's cached version of the representation is still up to date|\n |400|BAD REQUEST |Missing or bad `Recurity-Context` custom header; FHIR request payload does not validate against Implementation Guide|\n |401|UNAUTHORIZED |The supplied credentials, if any, are not sufficient to access the resource|\n |403|FORBIDDEN |Insufficient privilege to access the requested FHIR resource/operation|\n |404|NOT FOUND |The requested representation was not found. Retrying this request is unlikely to be successful|\n |429|TOO MANY REQUESTS |Your application is sending too many simultaneous requests|\n |500|SERVER ERROR |An internal server error prevented return of the representation response|\n |503|SERVICE UNAVAILABLE|We are temporarily unable to return the representation. Please wait and try again later|\n\n #### Search (GET) Operation Statuses\n\n |**Code**|**Meaning** |**OperationOutcome** in response?|**Description**|\n |:--:|:-----------------|:----------------------------------|:----------------------------------|\n |200|OK |Yes, When there are additional messages about a match result|The request was successful, and the response body contains the representation requested|\n |302|FOUND |No |A common redirect response; you can GET the representation at the URI in the Location response header|\n |400|BAD REQUEST |Yes|Missing or bad `Recurity-Context` custom header;<br>FHIR request payload does not validate against Implementation Guide|\n |401|UNAUTHORIZED |Yes|The supplied credentials, if any, are not sufficient to access the resource|\n |403|FORBIDDEN |Yes|Insufficient privilege to access the requested FHIR resource/operation. See [OperationOutcome-APIError-Unauthorised](./OperationOutcome-APIError-Unauthorised.html)|\n |429|TOO MANY REQUESTS |No |Your application is sending too many simultaneous requests|\n |500|SERVER ERROR |No |An internal server error prevented return of the representation response|\n |503|SERVICE UNAVAILABLE|No |The server is temporarily unable to return the representation. Please wait and try again later|\n\n ### Non existent API endpoints\n\n When a consumer attempts to call a non-existent API end point, respond\n with a **501 Not Implemented** status code." ] ] ) ] ) . #
IG © 2025+ Health New Zealand. Package tewhatuora.fhir.nz-shared-digital-health-record#0.3.0 based on FHIR 4.0.1. Generated 2025-03-10
Links: Table of Contents |
QA Report