Questions? Give as a call at (800) 995-6997

API SYNTAX AND RESOURCES DOCUMENTATION

Our API service is powered by EMR Direct’s Interoperability Engine v1.1.2 and implements the following FHIR API standards:

To access our API resources, your application should be capable of connecting to and retrieving data from our FHIR servers. If you are developing a client application that will query HL7 FHIR® data sources enabled by EMR Direct’s Interoperability Engine, please refer to the following resources for detailed information about the technical requirements:

SANDBOX
FHIR Base URL
FHIR Base OAuth URL
PRODUCTION
FHIR Base URL
FHIR Base OAuth URL
ENDPOINTS
Metadata
{fhirBaseUrl}/metadata
Authorization
{fhirBaseOauthUrl}/authz
Token
{fhirBaseOauthUrl}/token
Registration
{fhirBaseOauthUrl}/register
Token revocation
{fhirBaseOauthUrl}/manage

We leverage EMR Direct’s Interoperability Engine Open API to power Zoobook EHR’s FHIR API capabilities. See the Interoperability Engine Terms Of Use.

REGISTRATION PROCESS REQUIREMENTS

If you already have such application, you will need to follow our registration process below:

1. Single Patient API Access

  • This will enable your FHIR-enabled application to query FHIR API Resources using the authorization code flow. If this is what you are looking for, you can go to our Single Patient Registration.
    • If your application is capable of storing a client secret, make sure to tick the checkbox This client application is a confidential client capable of storing a client secret to get your auto-generated client secret upon registration.
    • If your application is a native application capable of securing a refresh token, make sure to tick the checkbox This client application is a native application capable of securing a refresh token for your application to be authorized to request refresh tokens when offline_access scope is granted (subject to approval by the end-user during the sign in and authorization process).
  • If your application is capable of the EHR Launch feature (launching your application in our EHR with patient context), we will need the following information to allow an end-user to launch your application in our EHR:
    • App Name – Human-readable application name
    • Launch Endpoint – Redirect URI of your application for EHR Launch
  • End users can use their existing Zoobook EHR credentials during the sign in and authorization process.
  • Only authorized Patients of the end-user in our EHR will be shared to your application.

2. Multi-Patient API Access (Bulk Data)

  • If you wish to have an organization-level integration with our API that allows your application to perform bulk data requests (multiple patients) using the client credentials flow, we will need to register your application in our authorized list. You will need to provide us the following information for your application to be authorized:
    • App Name – Human-readable application name
    • Contact Email – An email address where the app developer may be contacted
    • Public Keys (JWKS Url) – URL to retrieve the public keys used by your application in JWKS format
  • This will not require an end-user interaction (sign-in and authorization process) used in Single Patient API Access because it uses the client credentials flow.
  • After our registration, your application will be able to query FHIR API Resources for Bulk Data requests.
  • Only authorized Patients of your application in our EHR will be shared.

You may also contact us at support@zoobooksystems.com if you have questions or need assistance regarding the registration.

Setting up an authorized API account with Zoobook allows you to connect to our API servers and retrieve all patient health information hosted by us that you are legally allowed to access. Zoobook charges base on the number of API request you will make in a day along with the size of data downloaded per request.

We offer downloads of anything less than 1 MB per transaction at no additional cost. Data amounting to more than 1 MB per request would incur additional charges. We charge based on rounding off to the next MB ceiling hence a 1.4 MB of download consumed by a request for instance would be charged as a 2 MB download.

You may contact us at support@zoobooksystems.com and we will assist in finding the best pricing for you.

The patient health information the API user requests to access would be subject to review to determine its legality and to confirm consent of all the relevant individuals involved.

Zoobook reserves the right to restrict access to specific sets of data if Zoobook deems that the API user does not possess the necessary rights to obtain the requested information.

The amount of data that can be retrieved is based on the resources mandated to be accesible by the ONC. For specific details on the USCDI Data Classes, US Core Profiles, FHIR Resources, and USCDI Data Elements that ought to be available from the API, see the following certification criteria links:

If legally accessible information is needed beyond the required data as stated above, you can contact us and we will work with you in building additional clinical data access points tailored to your specific needs.

As part of the CURES act mandate to avoid information blocking, we allow authorized API users to retrieve every legally accessible information they require with no restriction.

Once the API user is added to our authorized list, there is no additional step required when accessing the information outside the usual token authorization steps when connecting to our API server. We will disseminate such information over secure and encrypted channels using the FHIR® API infrastructure.

Zoobook System Background