RESTful API
FHIR is described as a "RESTful" specification based on common industry-level use of the term REST.
Each "resource type" has the same set of interactions defined that can be used to manage the resources in a highly granular fashion, i.e., CRUD (create, read, update and delete).
Note that in this RESTful framework, transactions are performed directly on the server resource using an HTTP request/response. The API does not directly address authentication, authorization, and audit collection. All the interactions are described for synchronous use, and an asynchronous use pattern is also defined.
The API describes the FHIR resources as a set of operations (known as "interactions") on resources where individual resource instances are managed in collections by their type. Kodjin FHIR Server provides a Capability Statement that specifies which interactions, resources, and their profiles are supported.
| Interactions | |
|---|---|
| Instance Level Interactions | |
read |
Read the current state of the resource |
vread |
Read the state of a specific version of the resource |
update |
Update an existing resource by its id (or create it if it is new) |
patch |
Update an existing resource by posting a set of changes to it |
delete |
Delete a resource |
history |
Retrieve the change history for a particular resource |
| Type Level Interactions | |
create |
Create a new resource with a server assigned id |
search |
Search the resource type based on some filter criteria |
history |
Retrieve the change history for a particular resource type |
| Whole System Interactions | |
capabilities |
Get a capability statement for the system |
batch/transaction |
Update, create or delete a set of resources in a single interaction |
history |
Retrieve the change history for all resources |
search |
Search across all resource types based on some filter criteria |
In addition to these interactions, there is an operations framework, which includes endpoints for validation, messaging and Documents.
Create
The create interaction creates a new resource in a server-assigned location. The create interaction is performed by an HTTP POST command as shown below:
POST [base]/[type]
The request body SHALL be a FHIR Resource of the named type. The resource needs to have an ID element (this is different from official FHIR specification where the ID is server generated). Client generated GUIDs as ids are preferable. If the request body includes a meta, the server ignores the passed versionId and lastUpdated values. Instead the server populates the meta.versionId and meta.lastUpdated with the new correct values.
The server returns a 201 Created HTTP status code, and also returns a Location header which contains the new Logical ID and Version ID of the created resource version:
Location: [base]/[type]/[id]/_history/[vid]
Read
The read interaction accesses the current contents of a resource. The interaction is performed by an HTTP GET command as shown below:
GET [base]/[type]/[id]
This returns a single instance with the content specified for the resource type. Server returns an ETag header with the versionId of the resource (if versioning is supported) and a Last-Modified header.
Update
The update interaction creates a new current version for an existing resource. The update interaction is performed by an HTTP PUT command as shown:
PUT [base]/[type]/[id]
The request body SHALL be a Resource of the named type with an ID element that has an identical value to the [ID] in the URL. If no ID element is provided, or the ID doesn't match with the ID in the URL, the server responds with an HTTP 400 error code. If the request body includes a meta, the server SHALL ignore the provided versionId and lastUpdated values. It populates the meta.versionId and meta.lastUpdated with the new correct values.
If the interaction is successful and the resource was updated, the server returns a 200 OK HTTP status code. The server also returns a Location header which contains the new Logical ID and Version ID of the created resource version:
Location: [base]/[type]/[id]/_history/[vid]
where [id] and [vid] are the existing or newly created ID and version ID for the resource version.
The server returns an ETag header with the versionId and a Last-Modified header. The body of the response is the resource being updated.
Kodjin supports create as update operation, meaning that a client can PUT a resource to a location that does not yet exist on the server. In this case the server will return 201 Created status code and Location header.
Patch
As an alternative to updating an entire resource, clients can perform a patch interaction. This can be useful when a client is seeking to minimize its bandwidth utilization or in scenarios where a client has only partial access or support for a resource. The patch interaction is performed by an HTTP PATCH command as shown below:
PATCH [base]/[type]/[id]
The body of a PATCH interaction SHALL be a JSON patch document with a content type of application/json-patch+json.
Example - Patch
curl --location --request PATCH 'https://demo.kodjin.com/fhir/Patient/ac5b5b83-8c6a-43c9-98cd-0ce842b888ad' \
--header 'content-type: application/json-patch+json' \
--data-raw '[
{ "op": "add", "path": "/address", "value":[]},
{ "op": "add", "path": "/address/0", "value":
{
"use" : "home",
"line" : ["23 thule st","avon"],
"city" : "Springfield",
"country" : "USA",
"text":"23 thule st"
}
}
]'
Version read
The vread interaction performs a version specific read of the resource. The interaction is performed by an HTTP GET command as shown below:
This returns a single instance with the content specified for the resource type for that version of the resource. The returned resource SHALL have an ID element with a value that is the [id], and a meta.versionId element with a value of [vid]. Servers returns an ETag header with the versionId and a Last-Modified header.
The Version ID ("vid") is an opaque identifier that conforms to the same format requirements as a Logical ID. The ID may have been found by performing a history interaction (see below), by recording the version ID from a content location returned from a read, or from a version specific reference in a content model.
The versioning feature works only if it’s enabled in the FHIR Server. This feature requires additional server resources.
Delete
The delete interaction removes an existing resource. The interaction is performed by an HTTP DELETE command as shown below:
DELETE [base]/[type]/[id]
A delete interaction means that the resource is no longer found through a search interaction. Subsequent non-version specific reads of the resource return a 404 Not found HTTP status code when the server wishes to indicate that the resource is deleted. Upon successful deletion, or if the resource does not exist at all, the server should return a 204 No Content with no response payload.
Many resources have a status element that overlaps with the idea of deletion. Each resource type defines what the semantics of the deletion interactions are. If no documentation is provided, the deletion interaction should be understood as deleting the record of the resource, with nothing about the state of the real-world corresponding resource implied.
For servers that maintain a version history, the delete interaction does not remove a resource's version history. From a version history respect, deleting a resource is the equivalent of creating a special kind of history entry that has no content and is marked as deleted.
Conditional update
The conditional update interaction allows a client to update an existing resource based on some identification criteria, rather than by logical ID. To accomplish this, the client issues a PUT as shown:
PUT [base]/[type]?[search parameters]
When the server processes this update, it performs a search using its standard search facilities for the resource type, with the goal of resolving a single logical ID for this request. The action it takes depends on how many matches are found:
- No matches, ID provided and doesn't already exist: The server treats the interaction as an Update as Create interaction
- No matches, ID provided and already exist: The server rejects the update with a 422 error
- One Match: The server performs the update against the matching resource
- Multiple matches: The server returns a 412 Precondition Failed error indicating the client's criteria were not selective enough
Conditional delete
The conditional delete interaction allows a client to delete an existing resource based on some selection criteria, rather than by a specific logical ID. To accomplish this, the client issues an HTTP DELETE as shown:
DELETE [base]/[type]?[search parameters]
When the server processes this delete, it performs a search as specified using the standard search facilities for the resource type. The action it takes depends on how many matches are found:
- No matches or one match: The server performs an ordinary delete on the matching resource.
- Multiple matches: A server returns a 412 Precondition Failed error indicating the client's criteria were not selective enough.