Hello,
We are working on a web-based application that will be used by multiple clinics that use Cerner EHR. The application will be required to upload attachments to patients' charts on behalf of the doctors and other staff working for the clinics. Also, these uploads are to be run in an automated manner (without any manual intervention, like a provider having to log in to an authorization server to complete the OAuth flow). After reading the documentation, I think it is possible. Here's how I think this would work. Correct me if I'm wrong.
(1) This will require getting a system account as described at https://fhir.cerner.com/authorization/#registering-a-system-account
(2) The application will use the 'Client Credentials' authorization flow described at https://fhir.cerner.com/authorization/authorization-specification/#client-credentials-flow, to get a token that will be used in subsequent API calls. This flow can be carried out from code using some kind of HTTP client library like Apache HttpClient, and does not require a browser (this is important because the automation needs to work without manual intervention).
(3) Use the token obtained in step (2) to make the API calls.
Assuming that the above will work, for an application that is multi-tenant SaaS (serving many clinics), will a single system account and the same set of credentials be used for integrating with EHR setups of all our clients, with possibly only the endpoint used for getting the token changing according to the clinic?
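
Steps (2) and (3) above as an added example, not part of the original post and not Cerner's code: an RFC 6749 section 4.4 client-credentials request built without a browser, plus a per-tenant token cache so each clinic's token is fetched once and renewed before expiry. The token URL, account ID, secret and scope are constructed placeholders; HTTP Basic client authentication and one token endpoint per tenant are assumptions.

```python
import base64, time
from urllib.parse import quote_plus, urlencode
from urllib.request import Request

def build_token_request(token_url, client_id, client_secret, scope):
    """Build (without sending) an RFC 6749 section 4.4 token request."""
    if not token_url.startswith("https://"):
        raise ValueError("token endpoint must be HTTPS: credentials are in the header")
    # Assumption: the client authenticates with HTTP Basic (RFC 6749 section 2.3.1).
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}".encode()
    body = urlencode({"grant_type": "client_credentials", "scope": scope}).encode()
    return Request(token_url, data=body, method="POST", headers={
        "Authorization": "Basic " + base64.b64encode(pair).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json"})

class TenantTokenCache:
    """One cached access token per tenant, refetched shortly before it expires."""
    def __init__(self, fetch, skew=30, clock=time.time):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._tokens = {}  # tenant_id -> (access_token, expires_at)

    def get(self, tenant_id):
        token, expires_at = self._tokens.get(tenant_id, (None, 0.0))
        if token is None or self._clock() >= expires_at - self._skew:
            resp = self._fetch(tenant_id)  # parsed JSON body of the token response
            if resp.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type in token response")
            token = resp["access_token"]
            expires_at = self._clock() + int(resp.get("expires_in", 0))
            self._tokens[tenant_id] = (token, expires_at)
        return token

def api_headers(token):
    """Headers for step (3): the token goes in a Bearer Authorization header."""
    return {"Authorization": f"Bearer {token}", "Accept": "application/json"}

if __name__ == "__main__":
    # Constructed placeholders; no network call is made.
    req = build_token_request("https://auth.example/tenants/clinic-a/token",
                              "example-account-id", "example-secret", "example/scope")
    print(req.get_method(), req.full_url, req.data.decode())
```

Keeping the secret out of source control and loading it from a secrets store at start-up is left to the caller; `fetch` is whatever function sends the built request and returns the parsed JSON.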