As already explained in the Founda Fundamentals a client represents an application from an Application Provider that needs to interact with (clinical) system(s) in the Provider Organization's infrastructure.
An Application Provider requires at least one configured Client in order to set up Subscriptions and to receive authorizations from Provider Organizations. A Client of an Application Provider must always be authorized by a Provider Organization before the Application Provider can start using the Client and before sending API calls.
The API Gateway functionality in the console enables Application Providers to create (both Test & Production) clients and to get access to the Audit Record Repository. Within an existing Client, Application Providers can create subscriptions to messages from Provider Organizations. This tutorial explains the Application Providers Clients, the creation of subscriptions is explained in the separate Subscriptions tutorial.
An Application Provider can use the Console to:
Create Test Clients: Any form of application, automation, or other technology service that is created by an Application Provider and interacts with a Founda Sandbox is referred to as a Test Client. When a Test Client is created, a sandbox Provider Organization will automatically be created containing all FHIR 4 resources the Founda Health API supports. The Test Client will have unlimited privileges on those resources.
Create Production Clients: Any form of application, automation, or other technology service that is built for production use is referred to as a Production Client. A Production Client is created by the Application Provider and defines the (FHIR) scopes and other interactions the service requires. A Production Client must always be (prior) authorized by a Provider organization before it is allowed to interact with that Provider. When authorizing a Production Client, the Provider Organization accepts the (FHIR) scopes and interactions the Application Provider has defined.
Create Subscriptions: Configuration to receive all messages from the Provider Organization that meet certain conditions.
- Click on the “+ CREATE NEW” button to create a new client.
- Choose between a Production or a Test Client.
- Fill in the “Name” and “Description” field for the Client.
- In case of a Production Client; choose what FHIR Resource Actions are required for this Client (the Provider Organization needs to authorize this). The Client’s list of FHIR Resource Actions that the Client is authorized for is called the Scopes of the Client.
- In case of a Test Client; no FHIR Resource Actions need to be chosen. A Test Client is always authorized for all FHIR resource actions and automatically gets access to a Sandbox Provider Organization.
IHE Profiles organize and leverage the integration capabilities that can be achieved by coordinated implementation of communication standards and provide precise definitions of how standards can be implemented to meet specific clinical needs.
To simplify scope selection we have provided support for the most commonly used IHE profiles. You can simply select the most appropriate profile that meets your application’s clinical needs and we will fetch all the scopes that are required to facilitate the interactions. There’s also an option to create a selection from your custom FHIR resources.
After clicking on the ‘continue’ button, both for a Test Client and a Production Client, the credentials of the Client will be shown. A Client ID and the Client secret are displayed.
The Client secret will only be shown once, when the user creates the Client. Make sure to store this secret somewhere safe. It cannot be retrieved after it disappears from the Client screen.
After the Client is saved, two more functionalities appear within the Client overview. The client needs to request authorization from the provider organization, which is done by clicking on the ‘Request Authorization’ button. The details of the Subscriptions functionality are explained in the seperate Subscriptions part of the Console Manual.
Navigate to the client management tab in the left navigation page. The list of all clients on production and on test environment appear. Select the row for the client you want to request authorization for to move to the client overview page.
Client of an Application Provider must always be authorized by a Provider Organization before the Application Provider can start using the Client and before sending API calls.
Once an authorization request is sent to the provider, the status of the request would be ‘waiting for approval’. Once the provider approves your client’s request, the status would be changed to ‘approved’. The same client can be used to request authorizations for multiple providers.
Within the Client settings, there is also the possibility to delete a Client, this must be confirmed by typing the word DELETE in the text box.