Access Data through XEServer Route

To access data through the XEServer route, you can use the FHIR Search component in your route. The following is an example of how you can set up the component to access a patient's data through the API. The FHIR Search component uses the GET HTTP method to receive data and uses the authorization defined in the FHIR service.

1. To retrieve the Explanation of Benefits resource for the patient with the FHIR ID 22, add two URI query parameters (you can add as many parameters as you require):

• _id=22
• _revinclude=ExplanationOfBenefit:patient

2. To get the response in the format that you require, select the required Response Type. For more information on the FHIR Search component, click here.
3. On the Search tab, click View, and then on the Authorization tab, provide the following OAuth 2.0 settings for FHIR service:

• Protocol Flow: Defines the OAuth grant type that is used to conduct the authorization flow. In this sample scenario, Resource Owner Password Credentials Grant is used, and the FHIR service transfers the end user's credentials to the FHIR server.
• Access Token endpoint: The RESTful endpoint of the XEConnect Authorization service that obtains an access token. A call to this endpoint returns a short-lived JWT token that grants access to the FHIR server.
• Scope: The permissions requested from the authorization server. In this sample scenario, scopes are ignored.
• Client Identity / Secret: The Client ID and the Client Secret of the client you have pre-registered in XEConnect Client Management.
• Resource Owner Username / Password: The credentials of the end user (patient's credentials) that are used to log into the FHIR web portal.

For more information on the XEConnect Authorization service, click here.