Lab Network iframe
Version: 1.2 Welcome to Health Gorilla's Developer Portal. Access API documentation for our suite of clinical data APIs.
The Lab Network iFrame allows developers to embed our ordering portal UI into their own products. This functionality enables users (providers or assisting staff) to submit lab orders through Health Gorilla without leaving their product's UI. The Lab Network iFrame supports lab orders only and does not support results delivery. This guide describes the iframe API and contains simple examples of requests to the corresponding endpoints.
Resources
- OAuth 2.0
- JSON-RPC Protocol Specification - http://www.jsonrpc.org/specification
1. Using OAuth 2.0 to Access Health Gorilla Diagnostic Network iframe
OAuth 2.0 protocol is used to secure Health Gorilla's API.
Your application must get an access token to access private data using Health Gorilla's API.
- The place_orders scope is required to be granted to your client application to submit orders via Health Gorilla API.
You must follow OAuth 2.0 guidelines when making calls to Health Gorilla API.
2. Endpoints
Health Gorilla endpoints are accessible only over SSL, and plain text HTTP calls are rejected.
2.1. Lab Network iFrame API Endpoint
This service is based on the JSON-RPC protocol. You should be familiar with JSON-RPC protocol specification to clarify the common rules and error handling.
Health Gorilla healthcare providers endpoint is:
https://api.healthgorilla.com/doctor/api3. API Definition
3.1. Place Order Request
To begin the application makes JSON-RPC call to Lab Network iFrame API Endpoint. You may pass in the patient by lookup, or patient by reference.
3.1.1 Patient By Lookup
Request contains the following fields:
Field | Values | Description |
|---|---|---|
facilityType | One of the facility types available for ordering. | Identifies the type of the order. |
patient | Defines the patient for the order. You may either pass in a patient profile using the patient JSON to look up the patient, or you can pass in a resource ID to directly reference the patient. | |
callbackUrl | The callback URL. It is required to use https scheme for security reasons | Determines where the response will be sent to. You can include some additional parameters to that URL. Any you need to pass to the callback. |
state | Any string. Optional. | A value used by the client to maintain state between the request and callback. |
tz-offset | Optional. | Timezone offset as minutes from UTC |
Supported facility types
| Facility Type | Description |
|---|---|
| DiagnosticLaboratories | Diagnostic Laboratories |
| RadiologyImaging | Radiology Imaging |
| GeneticTesting | Genetic Testing |
| SurgicalCenter | Surgical Centers |
| PhysicalTherapy | Physical Therapy (PT) |
| SkilledNursingFacilities | Skilled Nursing Facilities |
| HomeHealthAgencies | Home Health Agencies (HHA) |
| SleepCenters | Sleep Centers |
| Hospice | Hospices |
| AssistedLivingFacilities | Assisted Living Facilities |
| Specialist | Specialists |
A patient JSON
Contains the following fields (case sensitive)
Field | Values | Description |
|---|---|---|
id2 | Optional | MRN in your system or External ID |
className | Required | Will always be "com.informedika.common.shared.vo.PatientVO" |
firstName | Any string. Required | The given name of the patient. |
middleName | Any string. Optional | The middle name of the patient. |
lastName | Any string. Required. | The surname of the patient. |
title | One of the following constants:
| The desired patient’s title. |
gender | One of the following constants:
| The gender of the guarantor. |
dateOfBirth | Local Date JSON | The date of birth of the patient. |
address | JSON Address | Patient address. |
license | Optional string | License ID |
ssn | Optional string | Social Security Number |
maritalStatus | One of the following constants:
| The marital status of the patient. |
language | One of the following constants:
| Language preference |
needTranslator | True or False | Determines if patient needs a translator services |
races | One or several of the following constants:
| The list of races of the patient. |
ethnicity | One of the following constants:
| |
homePhone | A phone number. | Home phone number. |
mobilePhone | A phone number. | Mobile phone number. |
workPhone | A phone number. | Work phone number. |
workPhoneExt | Any digits. | Work phone extension |
An email address. | The valid email address. | |
contactMethod | One of the following constants:
| Prefered contact method. |
primaryInsurance | An insurance JSON | Primary insurance. |
secondaryInsurance | An insurance JSON | Secondary insurance. |
tertiaryInsurance | An insurance JSON | Tertiary insurance. |
An insurance JSON
Contains the following fields
Field | Values | Description |
|---|---|---|
provider | Any string. Required | The name of the insurance provider. |
policyId | Any string. Required | Policy number/id |
groupNumber | Any string. Optional | Policy group number if available |
providerInfo | A provider JSON Required | Describes the payer for the given insurance plan. |
insured | A guarantor JSON Required | Defines the guarantor. |
An insurance provider JSON
Contains the following fields
Field | Values | Description |
|---|---|---|
name | Any string. Required. | The name of the insurer. |
phone | A phone number. | A valid US phone number. |
address | The claims address of the insurance provider. |
A guarantor JSON
Contains the following fields
Field | Values | Description |
|---|---|---|
firstName | Any string. Mandatory. | Given name of the guarantor. |
lastName | Any string. Mandatory. | Last name of the guarantor. |
gender | One of the following constants:
| Gender of the guarantor. |
dateOfBirth | Local Date JSON | Date of birth of the guarantor. |
employer | Any string. | Company name where the guarantor works if available. |
relationship | One of the following constants:
| Identifies the relationship between the patient and the guarantor. |
phone | A phone number. | Valid US phone number. |
address | JSON Address | Guarantor’s mailing address. |
An address JSON
Contains the following fields
Field | Values | Description |
|---|---|---|
address1 | Any string Required | Address 1 |
address2 | Any string Optional | Address 2 |
city | Any string Required | City name. |
state | A state code Required | Two-letters state code. |
zip | 5-digit ZIP code. Required | Postal ZIP code. |
country | USA Required | Country code. A predefined constant. |
A local date JSON
Contains the following fields
Field | Values | Description |
|---|---|---|
year |
| Year. |
month | 1 - 12 | Month number. |
day | 1 - 31 | Day of the month. |
Below you can find an example of a such request:
POST /doctor/api HTTP/1.1
Authorization: Bearer fb0ecb5f514a02dbe044d54b8dd29cac
Host: api.healthgorilla.com
{
"id": 8,
"jsonrpc": "2.0",
"method": "placeOrder",
"params": [{
"facilityType" : "DiagnosticLaboratories",
"callbackUrl" : "https://yourapp.com/neworder/callback",
"state" : "1",
"patient" : {
"className" : "com.informedika.common.shared.vo.PatientVO",
"firstName" : "Marcy",
"lastName" : "Pop",
"title" : "mrs",
"gender" : "female",
"dateOfBirth" : {
"year" : 1990,
"month" : 12,
"day" : 28
},
"address" : {
"address1" : "555 River Road",
"city" : "Washougal",
"state" : "WA",
"zip" : "98671"
},
"maritalStatus" : "married",
"races" : ["white"],
"email" : "[email protected]",
"homePhone" : "777-777-7777",
"workPhone" : "888-446-7455",
"primaryInsurance" : {
"className" : "com.informedika.common.shared.vo.InsuranceVO",
"provider" : "MediCare",
"policyId" : "123456789",
"providerInfo" : {
"className" : "com.informedika.common.shared.vo.BaseInsurerVO",
"name" : "MediCare",
"address" : {
"address1" : "PO BOX 272855",
"city" : "Chico",
"state" : "CA",
"zip" : "95927"}
},
"insured" : {
"className" : "com.informedika.common.shared.vo.GuarantorVO",
"firstName" : "Jim",
"lastName" : "Pop",
"relationship" : "other",
"employer" : "Health Gorilla Inc.",
"address" : {
"address1" : "555 River Road",
"city" : "Washougal",
"state" : "WA",
"zip" : "98671"
},
"homePhone" : "844-446-7455",
"gender" : "male",
"dateOfBirth" : {
"year" : 1990,
"month" : 10,
"day" : 22}
}
},
"secondaryInsurance" : {
"className" : "com.informedika.common.shared.vo.InsuranceVO",
"provider" : "ANTHEM BLUE CROSS OF CALIFORNIA",
"policyId" : "619A988989",
"groupNumber" : "54545454",
"providerInfo" : {
"className" : "com.informedika.common.shared.vo.BaseInsurerVO",
"name" : "ANTHEM BLUE CROSS OF CALIFORNIA",
"phone" : "877-800-4725",
"address" : {
"address1" : "PO BOX 60007",
"city" : "Los Angeles",
"state" : "CA",
"zip" : "90060"}
},
"insured" : {
"className" : "com.informedika.common.shared.vo.GuarantorVO",
"firstName" : "Jim",
"lastName" : "Pop",
"relationship" : "other",
"employer" : "Health Gorilla Inc.",
"address" : {
"address1" : "555 River Road",
"city" : "Washougal",
"state" : "WA",
"zip" : "98671"
},
"homePhone" : "844-446-7455",
"gender" : "male",
"dateOfBirth" : {
"year" : 1990,
"month" : 10,
"day" : 22}
}
}
}
}]
}3.1.2 Patient By Reference
Alternatively, you may directly reference the patient's resource ID (HG ID) if it is known, which will directly reference the patient as opposed to populating the entire Patient JSON and performing a lookup.
| Field | Values | Description |
|---|---|---|
| patientId | Patient Resource ID (HG ID) | The Patient resource ID or HG ID, i.e. the internal resource ID. |
Below you can find an example of such a payload.
{
"id": 1,
"jsonrpc": "2.0",
"method": "placeOrder",
"params": [
{
"facilityType" : "DiagnosticLaboratories",
"callbackUrl" : "https://yourapp.com/neworder/callback",
"state" : "1",
"patientId" : "59f71f62e8f8cc8cbe17cfd7"
}
]
}Response
A successful response contains the following fields:
| Field | Description |
|---|---|
| callbackUrl | The URL to open the New Order wizard. |
Below you can find an example of such a response:
{
"jsonrpc": "2.0",
"result": [
{
"callbackUrl" : "https://healthgorilla.com/newsession?go=https%3A%2F%healthgorilla%2Fmarketplace%23new%2Forder%2Flab%26processId%3D62631e55e85ee9304c9bad80%26mode%3Dembedded%26patientIds%3Dd03d19550d4e030ad9bea63b"
}
],
"id": 8
}Callback URl is a URL to access Health Gorilla New Order wizard. Your application should take this URL from the response, append OAuth access token (access_token parameter) and then open it in a separate window or in a frame. The URL with the appended access token parameter will look like this:
3.1.1. Example
Below you can see how to call JSON-RPC with curl tool.
curl -X POST -k -H "Content-Type: application/json" -H "Authorization: Bearer b0d14637fa9e47541e3e55c32828c307" --data-binary @path\to\file.json https://api.healthgorilla.com/doctor/apiWhere @path\to\file.json is the the path to the file that contains JSON request.
For example: @C:\tmp\placeOrder.json
Then copy JSON example from 3.1 to the file and execute the command.
Once you get successful response to your call you can use value of callbackUrl response parameter to navigate iframe or new browser window to
3.2. Place Order Callback
Once Place New Order Wizard finishes it will be redirected to the callbackUrl you have provided. It will pass the following parameters:
Parameter | Description |
|---|---|
responseCode | The result of Place New Order Wizard. Possible values are:
|
responseMessage | Optional. Can provide error description in case when responseCode = error |
state | The state parameter, if it was included to the initial request. |
orderId | Optional. Placed order ID in case when responseCode = success for use in Get Order Request. See Chapter 3.3. Get Order Request |
orderIds | Optional. Contains joined string (separated by ‘|’) of placed orders IDs in case if order was split during placement |
Examples:
https://yourapp.com/neworder/callback?responseCode=success&orderId=c0ef7755a39e3e76a91d00ba
https://yourapp.com/neworder/callback?responseCode=error&responseMessage=Failed%20while%20getting%20EMR%20Integration%20data
https://yourapp.com/neworder/callback?youCanHave=yourOwnParameters&responseCode=canceledUpdated 7 days ago