Customer
Overview
Each customer is typically allocated 1 dedicated instance for each of their inbound FHIR feeds to PKB, which provides full read/write support for all REST interactions, for all resource types, available in the customer's choice of STU3 or R4. Read/write access to each endpoint is restricted to the customer who owns it, and they are responsible for securely managing the credentials provided for that endpoint.
This endpoint is sometimes refered to as an “upstream” FHIR endpoint, and will be referenced as such in this documentation.
Although a customer can read all data they send to their own upstream endpoint, such data must always go through the aggregated endpoint in order to be made available to other users. Once support for a data type has been added to the aggregated endpoint, other system components (e.g. the web interface, Custom REST API, Facade FHIR endpoint) will be upgraded to read from the aggregated endpoint, so that these will return data added to an upstream endpoint, ensuring that this data is available to users who will not be querying the aggregated endpoint directly. It is therefore mandatory that all customers who wish to use an upstream FHIR endpoint, even if they do not intend to utilise the capabilities of the aggregated endpoint, must ensure their data conforms to the aggregation validation expectations discussed below.
What you can do with this endpoint
Read/write all standard FHIR resources
What you cannot do with this endpoint
Read data from other sources
Capabilities
A Customer FHIR endpoint can be made available in either STU3 or R4 versions of FHIR.
The endpoint supports the full range of REST interactions for all resource types in the corresponding version of FHIR. This includes support for providing resources using a batch/transaction interaction.
The CapabilityStatement on each endpoint details the full capabilities available for use.
Resources will only be available outside of your Customer endpoint (e.g. in the PKB web interface) if the resource type is supported by the Aggregated FHIR endpoint.
Endpoint
Each Customer endpoint will be given a dedicated subdomain URL on the corresponding server environment.
For example, PKB's sandbox environment has a server host address of: https://sandbox.patientsknowbest.com
The corresponding Customer FHIR endpoint for Acme might be: https://acme.fhir-api.sandbox.patientsknowbest.com
Authentication
Customer
OAuth 2.0 System Client Credentials
Callers should obtain an access token by using the OAuth 2.0 Client Credentials workflow.
Note: the token endpoint is different from the one used for the Facade and Messaging FHIR endpoints, and the tokens are not interoperable.
Partner
Pending
App
Customer FHIR endpoints only support system-level access, and consequently user-level access (such as NHS Login) cannot be used to access them.
Validation and business rules
See Customer Interface Requirements for general and resource-specific requirements
Examples
See the Examples page for step-by-step examples of how to send and fetch FHIR data.
Roadmap
Please see the Customer Roadmap page for planned changes to this endpoint.
Patients Know Best Wiki Hub | Deploy | Developer | Trust Centre | Manual | Research | Education | Release Notes
© Patients Know Best, Ltd. Registered in England and Wales Number: 6517382. VAT Number: GB 944 9739 67.
This API specification and design is licensed under a Creative Commons Attribution 4.0 International License.