Documentation Index Fetch the complete documentation index at: https://docs.athelas.com/llms.txt
Use this file to discover all available pages before exploring further.
The Commure EHR FHIR API is a FHIR R4B server that exposes patient health data from Air to authorized third-party applications. It is compliant with US Core 6.1.0 profiles and the ONC (g)(10) Standardized API certification criteria (§170.315(g)(10)). All responses are returned in application/fhir+json format.
Service Base URL: https://onc.api.staging-ehr.athelas.comFHIR Version: R4B (4.0.1) · US Core Version: 6.1.0 · Content Type: application/fhir+json
SMART on FHIR Configuration The server publishes its SMART configuration discovery document at:
GET https://onc.api.staging-ehr.athelas.com/.well-known/smart-configuration
This returns the discovery document with all authorization and token endpoint URLs, supported scopes, and capabilities.
The FHIR CapabilityStatement, which lists every supported resource and interaction, is available at:
GET https://onc.api.staging-ehr.athelas.com/metadata
Endpoint URL Authorization https://onc.api.staging-ehr.athelas.com/authorizeToken https://onc.api.staging-ehr.athelas.com/tokenIntrospection https://onc.api.staging-ehr.athelas.com/introspectRevocation https://onc.api.staging-ehr.athelas.com/revokeJWKS URI https://cognito-idp.us-east-2.amazonaws.com/us-east-2_KudjXF579/.well-known/jwks.jsonIssuer https://cognito-idp.us-east-2.amazonaws.com/us-east-2_KudjXF579SMART Style https://onc.api.staging-ehr.athelas.com/smart-style.json
App Registration Client applications must be registered in AWS Cognito before they can obtain tokens. Registration provides the application with a client_id and (for confidential clients) a client_secret.
Self-serve registration is planned for a future release. To register a new application today, contact Commure (d/b/a Athelas) .
When registering, provide:
Organization name and contact
Description of the application and which FHIR resources / scopes are needed
Whether the app is patient-facing or provider-facing
Client type: public (no secret, uses PKCE) or confidential (has secret)Redirect URI
SMART Launch URI (if applicable)
Upon approval, you will receive:
client_id — used in all OAuth flowsclient_secret — for confidential clients only
Authorization The server implements SMART on FHIR v2 (§170.215(a)(3)) using AWS Cognito as the identity provider.
authorization_codeclient_credentialsrefresh_token
Method Use for nonePublic apps (PKCE required) client_secret_postConfidential apps, secret in POST body client_secret_basicConfidential apps, secret in Authorization header private_key_jwtAsymmetric client auth for Backend Services
App redirects the user to GET /authorize with response_type=code, client_id, redirect_uri, scope, state, aud, and PKCE code_challenge.
The server presents a consent page where the user selects which scopes to grant.
After consent, the server redirects to the app’s redirect_uri with an authorization code.
App exchanges the code via POST /token to receive access_token, id_token, and optionally refresh_token.
App includes the access token as Authorization: Bearer <token> on all FHIR API requests.
EHR initiates launch via GET /launch/{patient_id}?app_launch_url=<url> (optionally with encounter_id). This redirects to the app’s launch URL with a launch parameter.
App redirects to GET /authorize including the launch parameter in addition to the standard OAuth params.
The rest of the flow follows the standalone flow. The resulting token includes patient and optionally encounter launch context claims.
For system-level access (e.g., bulk export):
App generates a signed JWT (client_assertion) using its private key registered with Cognito.
App calls POST /token with:
grant_type=client_credentialsclient_assertion=<signed_jwt>client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearerscope=system/*.*
The server returns a bearer access token valid for system-level operations.
Validates an access token and returns its claims.
Request body (form-encoded): token=<access_token>Revokes an access or refresh token.
Request body (form-encoded): token=<token>, client_id=<client_id>, optionally client_secret, token_type_hint.Include grant_type=refresh_token and refresh_token=<token> in the POST /token body.
Note: Refresh tokens are issued only when the offline_access scope is granted. Tokens issued to confidential clients are valid for a minimum of 3 months .Scopes The server supports SMART v2 granular scopes . All resource scopes use the .rs (read-search) action.
Context Scopes Scope Purpose openidOpenID Connect profileUser profile fhirUserResolves the current user as a FHIR resource offline_accessIssue a refresh token launchEHR launch context
Patient-Level Resource Scopes Scope Resource Access Granted patient/AllergyIntolerance.rsAllergy and intolerance records patient/CarePlan.rsCare plans patient/CareTeam.rsCare team members patient/Condition.rsAll conditions (problems, diagnoses, health concerns) patient/Coverage.rsInsurance coverage patient/Device.rsImplantable devices patient/DiagnosticReport.rsDiagnostic reports (lab, notes) patient/DocumentReference.rsClinical documents and chart notes patient/Encounter.rsEncounters and visits patient/Goal.rsHealth goals patient/Immunization.rsImmunization records patient/Location.rsPractice locations patient/MedicationDispense.rsMedication dispense records patient/MedicationRequest.rsMedication requests and prescriptions patient/Observation.rsAll observations (vitals, labs, surveys, SDOH) patient/Organization.rsOrganizations patient/Patient.rsPatient demographics patient/Practitioner.rsPractitioners patient/PractitionerRole.rsPractitioner roles patient/Procedure.rsProcedures patient/Provenance.rsProvenance records patient/RelatedPerson.rsRelated persons (family, guardians) patient/ServiceRequest.rsService and referral requests patient/Specimen.rsSpecimens
Granular Scopes For Condition and Observation , category-level granular scopes are supported:
patient/Condition.rs?category=http://terminology.hl7.org/CodeSystem/condition-category|encounter-diagnosis patient/Condition.rs?category=http://terminology.hl7.org/CodeSystem/condition-category|problem-list-item patient/Condition.rs?category=http://hl7.org/fhir/us/core/CodeSystem/condition-category|health-concern patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|vital-signs patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|laboratory patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|social-history patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|survey patient/Observation.rs?category=http://hl7.org/fhir/us/core/CodeSystem/us-core-category|sdoh
If a granular scope is granted, the server restricts search results to only that category . For example, a token with patient/Condition.rs?category=encounter-diagnosis cannot read problem-list or health-concern conditions.
USCDI v1 → FHIR Resource Mapping USCDI Data Element US Core Profile FHIR Resource Patient Demographics US Core Patient Profile Patient Assessment and Plan of Treatment US Core CarePlan Profile CarePlan Care Team Members US Core CareTeam Profile CareTeam Clinical Notes (Consultation, Discharge, Progress)US Core DocumentReference Profile DocumentReference Goals: Patient Goals US Core Goal Profile Goal Health Concerns US Core Condition Profile Condition Immunizations US Core Immunization Profile Immunization Lab Tests and Results US Core Lab Result Observation Profile, US Core DiagnosticReport for Lab Observation, DiagnosticReport Medications US Core MedicationRequest Profile MedicationRequest, MedicationDispense Medication Allergies US Core AllergyIntolerance Profile AllergyIntolerance Problems US Core Condition Profile Condition Procedures US Core Procedure Profile Procedure Provenance US Core Provenance Profile Provenance Smoking Status US Core Smoking Status Observation Profile Observation Unique Device Identifiers (Implantable)US Core Implantable Device Profile Device Vital Signs FHIR Core Vital Signs Profiles, US Core Pulse Oximetry Observation Encounters US Core Encounter Profile Encounter Insurance Coverage US Core Coverage Profile Coverage Service Requests / Referrals US Core ServiceRequest Profile ServiceRequest Specimens US Core Specimen Profile Specimen Related Persons US Core RelatedPerson Profile RelatedPerson
Resource Endpoints All resource endpoints require a valid Bearer token with the appropriate scope. Searches return a FHIR Bundle of type searchset; single-resource reads return the resource directly.
Date parameters support FHIR comparator prefixes: eq, ne, gt, lt, ge, le.All search endpoints support both GET (query parameters) and POST /_search (form-encoded body) forms.
Required scope: patient/Patient.rsInteraction Endpoint Read GET /Patient/{id}Search (GET) GET /PatientSearch (POST) POST /Patient/_search
Search Parameters: _id, identifier, name, birthdate, gender, _count (default 50, max 200), _revincludeSupported combination searches: birthdate + name, gender + nameRequired scope: patient/AllergyIntolerance.rsInteraction Endpoint Read GET /AllergyIntolerance/{id}Search (GET) GET /AllergyIntoleranceSearch (POST) POST /AllergyIntolerance/_search
Search Parameters: _id, patient, clinical-status, _count, _revincludeRequired scope: patient/CarePlan.rsInteraction Endpoint Read GET /CarePlan/{id}Search (GET) GET /CarePlanSearch (POST) POST /CarePlan/_search
Search Parameters: _id, patient, category, identifier, _count, _revincludeRequired scope: patient/CareTeam.rsInteraction Endpoint Read GET /CareTeam/{id}Search (GET) GET /CareTeamSearch (POST) POST /CareTeam/_search
Search Parameters: patient, status, _include, _revincludeRequired scope: patient/Condition.rs (or a granular category scope)Granular scopes are enforced. If the token only has patient/Condition.rs?category=encounter-diagnosis, results are restricted to that category.
Interaction Endpoint Read GET /Condition/{id}Search (GET) GET /ConditionSearch (POST) POST /Condition/_search
Search Parameters: _id, patient, category, clinical-status, code, identifier, _count, _revincludeRequired scope: patient/Coverage.rsInteraction Endpoint Read GET /Coverage/{id}Search (GET) GET /CoverageSearch (POST) POST /Coverage/_search
Search Parameters: _id, patient, identifier, _count, _revincludeRequired scope: patient/Device.rsInteraction Endpoint Read GET /Device/{id}Search (GET) GET /DeviceSearch (POST) POST /Device/_search
Search Parameters: _id, patient, type, _count, _revincludeRequired scope: patient/DiagnosticReport.rsInteraction Endpoint Read GET /DiagnosticReport/{id}Search (GET) GET /DiagnosticReportSearch (POST) POST /DiagnosticReport/_search
Search Parameters: _id, patient, category, type, code, status, date, _count, _revincludeRequired scope: patient/DocumentReference.rsCovers clinical documents and chart notes (consultation notes, progress notes, discharge summaries, etc.).
Interaction Endpoint Read GET /DocumentReference/{id}Search (GET) GET /DocumentReferenceSearch (POST) POST /DocumentReference/_search
Search Parameters: _id, patient, category, type, status, date, _count, _revincludeRequired scope: patient/Encounter.rsInteraction Endpoint Read GET /Encounter/{id}Search (GET) GET /EncounterSearch (POST) POST /Encounter/_search
Search Parameters: _id, patient, date, identifier, _count, _revincludeRequired scope: patient/Goal.rsInteraction Endpoint Read GET /Goal/{id}Search (GET) GET /GoalSearch (POST) POST /Goal/_search
Search Parameters: _id, patient, lifecycle-status, target-date, _count, _revincludeRequired scope: patient/Immunization.rsInteraction Endpoint Read GET /Immunization/{id}Search (GET) GET /ImmunizationSearch (POST) POST /Immunization/_search
Search Parameters: _id, patient, date, status, vaccine-code, lot-number, manufacturer, identifier, _count, _revincludeRequired scope: patient/Location.rsInteraction Endpoint Search (GET) GET /Location
Required scope: patient/MedicationDispense.rsInteraction Endpoint Read GET /MedicationDispense/{id}Search (GET) GET /MedicationDispenseSearch (POST) POST /MedicationDispense/_search
Search Parameters: _id, patient, whenhandedover, status, medication, identifier, _count, _revincludeRequired scope: patient/MedicationRequest.rsInteraction Endpoint Read GET /MedicationRequest/{id}Search (GET) GET /MedicationRequestSearch (POST) POST /MedicationRequest/_search
Search Parameters: _id, patient, authoredon, status, intent, encounter, medication, identifier, _count, _revincludeRequired scope: patient/Observation.rs (or a granular category scope)Granular scopes are enforced. If the token only has patient/Observation.rs?category=vital-signs, results are filtered to vital-signs observations only.
Interaction Endpoint Read GET /Observation/{id}Search (GET) GET /ObservationSearch (POST) POST /Observation/_search
Search Parameters: _id, patient, category, code, date, _count, _revincludeSupported category values: http://terminology.hl7.org/CodeSystem/observation-category|vital-signs http://terminology.hl7.org/CodeSystem/observation-category|laboratory http://terminology.hl7.org/CodeSystem/observation-category|social-history http://terminology.hl7.org/CodeSystem/observation-category|survey http://hl7.org/fhir/us/core/CodeSystem/us-core-category|sdoh
Required scope: patient/Organization.rsInteraction Endpoint Read GET /Organization/{id}Search (GET) GET /Organization
Required scope: patient/Practitioner.rsInteraction Endpoint Read GET /Practitioner/{id}Search (GET) GET /Practitioner
Search Parameters: _id, name, family, given, telecom, address, address-city, address-state, address-postalcode, identifier, _countRequired scope: patient/Procedure.rsInteraction Endpoint Read GET /Procedure/{id}Search (GET) GET /ProcedureSearch (POST) POST /Procedure/_search
Search Parameters: _id, patient, date, code, status, category, performer, identifier, _count, _revincludeRequired scope: valid Bearer token (JWT)Provenance resources are returned inline via _revinclude=Provenance:target on any resource search. They can also be read directly by ID.
Interaction Endpoint Read GET /Provenance/{id}
Note: To include Provenance in a search response, add _revinclude=Provenance:target to any resource search. Provenance entries appear in the Bundle with search.mode = include.Required scope: patient/RelatedPerson.rsInteraction Endpoint Read GET /RelatedPerson/{id}Search (GET) GET /RelatedPerson
Search Parameters: _id, patientRequired scope: patient/ServiceRequest.rsInteraction Endpoint Read GET /ServiceRequest/{id}Search (GET) GET /ServiceRequestSearch (POST) POST /ServiceRequest/_search
Search Parameters: _id, patient, category, code, authored, status, intent, identifier, _count, _revincludeRequired scope: patient/Specimen.rsInteraction Endpoint Read GET /Specimen/{id}Search (GET) GET /Specimen
Bulk Data API The server implements the HL7 FHIR Bulk Data Access (Flat FHIR) v2.0 specification.
Export Type Endpoint Description Group Export GET /Group/{group_id}/$exportExport data for all patients in a specific group Patient Export GET /Patient/$exportExport data for all patients the client has access to System Export GET /$exportSystem-level export of all resources
All export requests require the Prefer: respond-async202 Accepted with a Content-Location header pointing to the status endpoint.
Optional query parameters: _outputFormat, _sinceOperation Endpoint Description Check Status GET /bulk-status/{job_id}Poll job status; returns 202 while in progress, 200 with manifest when complete Cancel Job DELETE /bulk-status/{job_id}Cancel an in-progress export job Download File GET /bulk_files/{filename}Download an exported NDJSON file
Status responses:
202 AcceptedX-Progress header — job in progress200 OKoutput[] URLs for each resource type500OperationOutcome — job failed
Exported files are in application/fhir+ndjson format, one resource per line.
Operation Endpoint List Groups GET /GroupRead Group GET /Group/{id}
Responses and Error Handling Successful Responses Status Meaning 200 OKRequest succeeded; body contains FHIR resource or Bundle 202 AcceptedBulk export accepted; polling in progress
Error Responses All error responses return a JSON body with a detail field (non-FHIR endpoints) or a FHIR OperationOutcome resource (bulk data endpoints).
Status Meaning 400 Bad RequestInvalid request parameters or malformed token 401 UnauthorizedMissing or invalid Bearer token 403 ForbiddenToken valid but insufficient scope for the requested resource 404 Not FoundResource with the given ID does not exist 500 Internal Server ErrorUnexpected server error
Additional Notes
Read-only API: All resource interactions are read (search-type, read) only. Write operations are not supported. Provenance via _revinclude: To retrieve Provenance alongside any resource, append _revinclude=Provenance:target to any search query.FHIR Version: FHIR R4B (4.0.1)US Core Version: 6.1.0Content Type: All responses use application/fhir+jsonConnections: TLS 1.2 or higher required ; connections below 1.2 are rejected.
Service Base URL The published Service Base URL directory (FHIR Endpoint Bundle) for the Commure EHR FHIR API is available at:
https://onc.api.staging-ehr.athelas.com/onc/base.json 