This data model allows you to connect to other applications via Redox by securely sharing the login context. This is common for providers launching an integrated application from within the EHR system. With SSO, providers can automatically log in, as well as pass context, like which patient and visit are open. Learn more about how Redox supports SSO.
To do this, the EHR system must be capable of making an outbound SAML request. As with all of our data models, we provide abstraction, standardization, and normalization services to deliver a consistent experience for developers.
If you're interested in launching an app from a patient portal, see our SMART on FHIR® option.
Sign-on
Send login context in the body of a POST request.
This event type provides a mapping between existing Redox sources and destinations, as well as the claims in the JSON web token in a Redox data model format.
Request Body Schema
- Meta: required, object
  - DataModel: required, string (Reliable)
    SSO
  - EventType: required, string (Reliable)
    Sign-on
  - EventDateTime: string, null (Reliable)
    DateTime of the event.
    ISO 8601 Format
  - Test: boolean, null (Reliable)
    Flag as a test message
  - Source: object
    Where the message originated.
    Included in messages from Redox
    - ID: string, null (Reliable)
      ID of the source.
      UUID
    - Name: string, null (Reliable)
      Name of the source
  - SessionID: string, null (Possible)
    Session ID to be passed through for 3rd party sessions.
    This is used for SMART App Launch and other OAuth/OpenID Connect flows where an access token is provided in addition to the SSO claims. The SessionID can be used on subsequent Redox API requests to fetch data.
  - SessionBaseURL: string, null (Possible)
    The Base URL to use when issuing Redox FHIR queries within the SSO session context.
    See our docs on SMART via Redox for more details on how to use this field.
  - Destinations: Array of object
    List of destinations to send your message to. All messages must have at least one destination. Queries accept only one destination.
    Required when sending data to Redox
    - ID: string, null (Reliable)
      ID of the destination.
      UUID
    - Name: string, null (Reliable)
      Name of the destination
  - FacilityCode: string, null (Possible)
    Code for the facility related to the message.
    Only use this field if a health system indicates you should. The code is specific to the health system's EHR and might not be unique across health systems. In general, the facility fields within the data models (e.g. OrderingFacility) are more reliable and informative.
- Subject: required, string (Reliable)
  Subject Identifier. A locally unique and never reassigned identifier for the End-User, which is intended to be consumed by the Client.
  The Subject value is a case sensitive string.
- Expiration: required, string (Reliable)
  Expiration time on or after which the ID Token MUST NOT be accepted for processing. The processing of this parameter requires that the current date/time MUST be before the expiration date/time listed in the value. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.
  Typically we send date/times in ISO 8601 but this is sent as an epoch to stay compatible with JWT.
- IssuedAt: required, string (Reliable)
  Time at which the JWT was issued. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.
  Typically we send date/times in ISO 8601 but this is sent as an epoch to stay compatible with JWT.
- UserId: string, null (Possible)
  End-User's user identification, the logical entity used to identify a user on software, a system, or a website.
- Name: string, null (Probable)
  End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences.
- FirstName: string, null (Probable)
  Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.
- LastName: string, null (Probable)
  Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.
- MiddleName: string, null (Probable)
  Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.
- EmailAddress: string, null (Probable)
  End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. This field is not guaranteed to be unique.
- NPI: string, null (Probable)
  End-User's NPI number. Note that not all providers will have an NPI number.
- ProviderSpecialty: string, null (Possible)
  The provider specialty. Note that not all providers will have a specialty.
- TimeZone: string, null (Probable)
  String from IANA time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles.
- Locale: string, null (Probable)
  End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639-1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166-1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well.
- PhoneNumber: object
  - Office: string, null (Probable)
    End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678.
- Patient: object
  - Identifiers: Array of object
    An array of identifiers for the patient.
    Not all SSO sessions will have a Patient context attached.
    - ID: string, null (Probable)
      The identifier.
    - IDType: string, null (Probable)
      The type of the identifier.
      For example, MRN.
  - Demographics: object
    - FirstName: string, null (Probable)
      First Name of the Patient
    - LastName: string, null (Probable)
      Last Name of the Patient
    - MiddleName: string, null (Probable)
      Middle Name of the Patient
    - DOB: string, null (Probable)
      Date of birth of the Patient
    - Sex: string, null (Probable)
      Patient's Sex
    - PhoneNumber: object
      - Home: string, null (Probable)
        Patient's home phone number.
        In E.164 format (e.g. +16085551234).
      - Office: string, null (Probable)
        Patient's office phone number.
        In E.164 format (e.g. +16085551234).
      - Mobile: string, null (Probable)
        Patient's mobile phone number.
        In E.164 format (e.g. +16085551234).
    - Address: object
      Patient's home address
      - StreetAddress: string, null (Probable)
        Street address
      - City: string, null (Probable)
        City
      - State: string, null (Probable)
        State
      - ZIP: string, null (Probable)
        ZIP
      - County: string, null (Possible)
        County
      - Country: string, null (Possible; Value Set)
        Country
- Visit: object
  - VisitNumber: string, null (Reliable)
    Number for the visit
  - Location: object
    Location of the visit.
    - Type: string, null (Probable)
      Type of location.
      Examples: Clinic, Department, Home, Nursing Unit, Provider's Office, Phone
    - Facility: string, null (Probable)
      Facility.
      Example: Community Hospital
    - FacilityIdentifiers: Array of object
      List of IDs specific to this facility
      - ID: string, null (Probable)
        An ID specific to this facility
      - IDType: string, null (Probable)
        The source or system to which this ID pertains.
        Could be an OID or a human-readable name
    - Department: string, null (Probable)
      Department
    - DepartmentIdentifiers: Array of object
      List of IDs specific to this department
      - ID: string, null (Probable)
        An ID specific to this department
      - IDType: string, null (Probable)
        The source or system to which this ID pertains.
        Could be an OID or a human-readable name
    - Room: string, null (Probable)
      Room.
      Example: 136
- Order: object
  - ID: string, null (Possible)
    ID of the order assigned by the placing system
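As an added example (not Redox code), the sketch below shows how a receiving application might check a Sign-on body before creating a session: it enforces the required fields and the Expiration rule from the schema above and treats Patient context as optional. The names `validate_sign_on`, `SignOnRejected` and `max_skew` are hypothetical, the rejection of a future IssuedAt is an assumption beyond what the page states, and the sample body is constructed.

```python
import json
import math

class SignOnRejected(ValueError):
    """Raised when a Sign-on body must not be used to start a session."""

def _epoch(value, field):
    # The schema types these fields as strings holding epoch seconds; accept both.
    if isinstance(value, bool) or not isinstance(value, (int, float, str)):
        raise SignOnRejected(f"{field} missing or not a number")
    try:
        seconds = float(value)
    except (ValueError, OverflowError):
        raise SignOnRejected(f"{field} is not a number") from None
    if not math.isfinite(seconds):  # "nan" or "inf" would defeat the comparisons
        raise SignOnRejected(f"{field} is not finite")
    return seconds

def validate_sign_on(body, now, max_skew=60):
    """Return the login context from a Sign-on body, or raise SignOnRejected."""
    meta = body.get("Meta") or {}
    if meta.get("DataModel") != "SSO" or meta.get("EventType") != "Sign-on":
        raise SignOnRejected("not an SSO Sign-on event")
    subject = body.get("Subject")
    if not isinstance(subject, str) or not subject:
        raise SignOnRejected("Subject is required")
    expiration = _epoch(body.get("Expiration"), "Expiration")
    issued_at = _epoch(body.get("IssuedAt"), "IssuedAt")
    if now >= expiration:            # current time MUST be before Expiration
        raise SignOnRejected("expired")
    if issued_at > now + max_skew:   # assumption: reject bodies issued in the future
        raise SignOnRejected("IssuedAt is in the future")
    # Patient context is optional; key identifiers by IDType, skipping null entries.
    patient = body.get("Patient") or {}
    ids = {i["IDType"]: i["ID"] for i in patient.get("Identifiers") or []
           if i.get("ID") and i.get("IDType")}
    return {"subject": subject,      # case sensitive: compare it exactly as sent
            "patient_ids": ids,
            "visit": (body.get("Visit") or {}).get("VisitNumber"),
            "test": bool(meta.get("Test"))}

# Constructed sample body using the field names from the schema above.
SAMPLE = json.loads("""{
  "Meta": {"DataModel": "SSO", "EventType": "Sign-on", "Test": true},
  "Subject": "Dr.Example-01", "Expiration": "1700000300", "IssuedAt": "1700000000",
  "Patient": {"Identifiers": [{"ID": "0000000001", "IDType": "MRN"},
                               {"ID": null, "IDType": null}]},
  "Visit": {"VisitNumber": "V-100"}
}""")
```

Pass the receiver's own clock as `now` (for example `time.time()`); a body flagged with `Meta.Test` should be kept away from production sessions.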