ETT Scorecard PDF API Endpoint
88 views
Skip to first unread message
Mat Davis
May 10, 2024, 5:51:29 AM5/10/24
to Edge Test Tool (ETT)
Overview
Response Error: "Received an invalid header name: 'max-age=3600'."
Scorecard Documentation: https://site.healthit.gov/scorecard/ > Scorecard API and External Tool Instructions
Details
- When trying to make a POST request, I am getting back the following error
2. Looks like the response header value is being used for the response header name, am I mistaken?
Thanks - Mat
Kim Poletti
May 10, 2024, 11:53:25 AM5/10/24
to Edge Test Tool (ETT)
Hi - Thanks for reaching out. This has been
logged for review and a member of the team will reach out in the near future.
Mat Davis
May 10, 2024, 6:02:49 PM5/10/24
to Kim Poletti, Edge Test Tool (ETT)
Thanks Kim
Here are a few screenshots from Postman as well
--
You received this message because you are subscribed to the Google Groups "Edge Test Tool (ETT)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to edge-test-too...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/edge-test-tool/1710a581-12e9-48c0-b986-bd726e80ee2fn%40googlegroups.com.
Kim Poletti
Jul 25, 2024, 1:51:32 PM7/25/24
to Edge Test Tool (ETT)
Hello Mat,
Scorecard API access is currently not available. If you wish to use the scorecard, you should either use the UI or install a local instance.
Thank you,
Kim
Mat Davis
Jul 27, 2024, 5:35:13 AM7/27/24
to Kim Poletti, Edge Test Tool (ETT)
Thanks Kim for the follow up. I’ll try those options on my end.
To view this discussion on the web visit https://groups.google.com/d/msgid/edge-test-tool/e1961b73-23d7-4a58-a32d-fcb3d581abb7n%40googlegroups.com.
Mat Davis
Dec 13, 2024, 7:57:23 AM12/13/24
to Edge Test Tool (ETT)
Final Testing Update
I took a 2nd stab at this via C#
NOTE: The invalid header name is still an issue and is still occurring
Knowing that, I now focused on a workaround vs trying to resolve the known issue directly
I had to rely on using "Sockets" to avoid the strict HTTP/1.1 validation that the "HttpClient" library uses
This means it can ignore the invalid header name and still produce the streaming bytes which produce the PDF that can be saved to a file
Reviewing some of the source code helped as well
Before - Failing Due To Invalid Header Name
Error: Received an invalid header name: 'max-age=3600'.
After - Success
Thanks - Mat
Dan Brown SITE
Dec 13, 2024, 12:08:16 PM12/13/24
to Edge Test Tool (ETT)
I'm glad you found a workaround, Matt.
The link you provided to the backend code for save report is a good resource. If someone is trying a post call for JSON, they can reference the webapp code in the same scorecard repo at https://github.com/onc-healthit/ccda-scorecard/tree/master/src/main/webapp, or the SITE UI 4 code at https://github.com/onc-healthit/site-ui-4/tree/main/src/components/c-cda/scorecard.
I want to be clear for anyone reading this in the future that, at the time of this post, our APIs are currently (and intentionally as to not risk issues with certification) not available for public use outside of the website (site.healthit.gov) or a local installation.
Mat Davis
Dec 13, 2024, 1:49:21 PM12/13/24
to Edge Test Tool (ETT)
Thanks Dan and thanks for this additional info.
I was testing this usage about 6 months ago but looks like the endpoints have changed based on the documentation.
Let me know if I need to change the endpoint I'm testing with via Postman and C#.
ETT Google Chat History
See here for previous endpoints mentioned
Current Info
Thanks - Mat
Dan Brown SITE
Dec 16, 2024, 1:49:31 PM12/16/24
to Edge Test Tool (ETT)
Those instructions are for the Scorecard batch app which is for running multiple files at once.
*We should really rewrite those instructions or remove the card. The only external API one can use is a local one. So, the only valid endpoints start with localhost. I will add a ticket to rewrite this info properly and/or remove or some combination.
The endpoint for getting back a PDF directly, which is what this thread is about, should be the same (as per the source code). However, as stated, it can only be run locally. Unfortunately, we don't offer the API from our server anymore. It's protected with authorization and has been for a year or so. We do this because we have had abuse in the past, and, we want to protect certification.
*We should really rewrite those instructions or remove the card. The only external API one can use is a local one. So, the only valid endpoints start with localhost. I will add a ticket to rewrite this info properly and/or remove or some combination.
The endpoint for getting back a PDF directly, which is what this thread is about, should be the same (as per the source code). However, as stated, it can only be run locally. Unfortunately, we don't offer the API from our server anymore. It's protected with authorization and has been for a year or so. We do this because we have had abuse in the past, and, we want to protect certification.
Mat Davis
Dec 17, 2024, 10:48:58 AM12/17/24
to Edge Test Tool (ETT)
Thanks for that extra clarity Dan!
What you said makes sense to me - especially the abuse of the API.
What you said makes sense to me - especially the abuse of the API.
I also agree on the documentation being updated for specific mention of which endpoints are now only to be used as local installations.
We'll let you know if any changes are seen on our end and if extra guidance is needed related to the endpoints.
We'll let you know if any changes are seen on our end and if extra guidance is needed related to the endpoints.
Thanks - Mat
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages