SMART On FHIR App Connection

This guide will help you through the steps of connecting your SMART on FHIR application to 1upHealth. This guide will cover the process of creating an application with 1upHealth and how to use Oauth with the 1upHealth Authorization Server.

Step 1: Create an Account

  1. Create An Account or simply sign in to our developer console.
  2. Once you have created an account, please Create An Application and save the credentials. Important: When you create the account, you will be asked to enter your redirect_uri. Make sure that you get this correct or you will need to create a new application (you can not edit the redirect_uri directly in the developer console).

Step 2: Metadata Endpoint

To determine which authorize and token endpoints to use, you should make a GET request to the metadata endpoint:

curl -X GET 'https://api.1up.health/fhir/${fhir_version}/metadata' \
  --header 'Accept: application/json' 

The current options for fhir_version are: dstu2, stu3 and r4.

Step 3: Your Application Requests A Code

Your application will use a stand_alone launch and directly hit our authorization server at https://1up.health/auth/heart.com/authorize. When you hit this endpoint, you will need to include the following query string parameters.

  • response_type: This must contain the value code.
  • client_id: This must contain the client_id of the application you previously registered in the 1upHealth developer console.
  • redirect_uri: This must contain the redirect_uri you registered with your application.
  • state: If you choose to pass a state with the request, the authorization server will simply return it as a querystring parameter when redirecting to your application. This parameter is not required but it is recommended that it is used to confirm the validity of a session. See more here.

Here is a sample request with variables that you need to fill in:

https://1up.health/auth/heart.com/authorize?response_type=code&aud=https://api.1up.health/fhir/r4&client_id={client_id}
&state=${state}&redirect_uri=${app_redirect_uri}

When you arrive at the authorization page, you will need to enter the username and password for a user. We recommend you use one of our test users that is already populated with synthetic r4 data:

username: 1up
password: iscool
username: john_doe
password: temp1234

You can also create your own using the user sign up form and load data into it using our Patient Application. For more information on SMART on FHIR please visit: http://www.hl7.org/fhir/smart-app-launch/

Unsupported Features

user management api: This authorization flow does not support users created using this api because they do not have a username or password that is hosted by 1upHealth.
clientid and clientsecret auth: We do not support this authorization flow currently but we will be rolling out its support in the future.

Questions or problems?

Reach out to our support team: support@1up.health