From 6cbb8370d9b29e4dae1450180623df216e1c87d7 Mon Sep 17 00:00:00 2001 From: Ashley Weaver Date: Mon, 7 Oct 2024 12:40:26 -0400 Subject: [PATCH] Update IP address instruction for prod --- _config.yml | 10 ++++++---- common/docsV1.md | 26 +++++++++++++++++--------- 2 files changed, 23 insertions(+), 13 deletions(-) diff --git a/_config.yml b/_config.yml index a262a394..d75b71da 100644 --- a/_config.yml +++ b/_config.yml @@ -80,10 +80,12 @@ guide1_nav: id: step-two-client-tokens - title: Step Three: Public Keys id: step-three-public-keys - - title: Step Four: JSON Web Tokens - id: step-four-json-web-tokens - - title: Step Five: Access/Bearer Token - id: step-five-accessbearer-token + - title: Step Four: IP Addresses (production only) + id: step-four-ip-addresses-prod + - title: Step Five: JSON Web Tokens + id: step-five-json-web-tokens + - title: Step Six: Access/Bearer Token + id: step-six-accessbearer-token - title: Attestation & Attribution id: attestation--attribution subnav: diff --git a/common/docsV1.md b/common/docsV1.md index d5b75ab7..6b65cce1 100644 --- a/common/docsV1.md +++ b/common/docsV1.md @@ -9,15 +9,15 @@ side_nav_items: guide1_nav Welcome to the Data at the Point of Care (DPC) pilot API program! This documentation covers using the API in the sandbox environment with synthetic data. -# Authorization +# I: Authorization ------------------ -## Step One: Request Access +## 1: Request Access Any Fee-for-Service provider organization or Health IT implementer may request access to the sandbox environment and obtain synthetic data by signing-up for an account through the Sandbox Sign Up / Login page. You will receive a confirmation email from CMS upon account creation. Once your account has been assigned to an organization, you will be notified with a second email, which will include next steps and an invite to join our Google Group community. At this time, you may log in to the DPC Portal at https://dpc.cms.gov to create your first client token and start your journey with the DPC pilot API! -## Step Two: Client Tokens +## 2: Client Tokens Create client token
Create multiple client tokens
@@ -180,7 +180,7 @@ Client_token IDs can be found either at creation or as the result of [listing cl 200 - Token was removed ~~~ -## Step Three: Public Keys +## 3: Public Keys Upload your first public key
Create a public key signature
@@ -370,7 +370,15 @@ The response from the API will include the client_token in the token field. 200 - Key was removed ~~~ -## Step Four: JSON Web Tokens +## 4: IP Addresses + +Note: This step is required only for access to production data. You complete this step in the DPC Portal. + +You'll need to provide a public IP address for your organization. This address is associated with the systems that will be accessing production data. You'll choose a descriptive name for your address and enter it in the Portal in the form XXX.XXX.XX.XX. + +Note: You can use a maximum of 8 IP addresses. Only IPv4 addresses are allowed. DPC doesn't support IP address ranges. + +## 5: JSON Web Tokens Validate a JSON web token for DPC @@ -448,7 +456,7 @@ POST /api/v1/Token/validate #### Response: The response from the API will return with a HTTP 200 if the JWT is valid; otherwise, an error message will be returned. -## Step Five: Access/Bearer Token +## 6: Access/Bearer Token Obtain an access_token
Obtain a bearer_token @@ -596,7 +604,7 @@ fetch('https://sandbox.dpc.cms.gov/api/v1/Token/auth', { Back to Start of Section
Back to Top of Page -# Attestation & Attribution +# II. Attestation & Attribution ------------------ Before accessing patient data, DPC must establish that you have a valid patient-practitioner relationship with CMS Medicare and Medicaid Beneficiaries. This process is referred to as Attestation/Attribution in the DPC API. @@ -1554,7 +1562,7 @@ The response will return a Back to Start of Section
Back to Top of Page -# Export Data +# III. Export Data ------------ The primary interaction with the DPC pilot API is via the FHIR /Group/$export operation. This allows an organization to export Patient, Coverage, and Explanation of Benefit data in an asynchronous and bulk manner. Details on the FHIR bulk data operations can be found in the FHIR Bulk Data Specification. @@ -2060,7 +2068,7 @@ To obtain the exported explanation of benefit data, a GET request is made to the Back to Start of Section
Back to Top of Page -# Postman Collection +# IV. Postman Collection This collection contains example requests to public endpoints for the DPC API. To use this collection, you must have the Postman App downloaded onto your computer. This will include the collection of requests, the sandbox environment, and global variables to be imported into your Postman App.