Checking for EHR vendor in Conformance Statement

55 views
Skip to first unread message

Tony Jin

unread,
Apr 8, 2019, 7:58:04 PM4/8/19
to cerner-fhir...@googlegroups.com
Hello,

Does anyone know whether the "publisher" and "name" fields in the Conformance Statement will remain the same across most/all of Cerner's FHIR endpoints?

I'm looking for a way for my app to determine whether it is interfacing with a Cerner (vs. Epic, AllScripts, etc.) endpoint.

Any insights or suggestions would be much appreciated.

Thank you.
Tony

Benjamin Eichhorn (Cerner)

unread,
Apr 9, 2019, 9:20:13 AM4/9/19
to Cerner FHIR Developers
Hi Tony,

We have no plans to change those fields and they should remain consistent across domains for DSTU2.

Thanks,
Ben (Cerner)

Jenni Syed (Cerner)

unread,
Apr 15, 2019, 12:16:27 PM4/15/19
to Cerner FHIR Developers
Hi Tony,

One other recommendation (without much background on how your app works): make sure you whitelist the FHIR endpoints that the app trusts or can connect with. This avoids your app getting launched against an untrusted FHIR server and sending bearer tokens and other security information there.

Regards
~ Jenni


Tony Jin

unread,
Apr 18, 2019, 11:01:50 AM4/18/19
to cerner-fhir...@googlegroups.com
Ben and Jenni, thank you for the helpful responses.

The app whose code I'm editing was first developed against Epic's FHIR API and uses some Epic-specific features, such as the launch context token %EPICUSERID% (useable in the launch URI) and the ability to grant offline refresh tokens for provider apps.

As such, we wanted to have the app identify the whether it's launched against Epic or Cerner and adjust its authorization request / routines accordingly.
Reply all
Reply to author
Forward
0 new messages