Health Gorilla supports access to clinical data using the HL7® FHIR® (Fast Healthcare Interoperability Resources) standard. Our platform implements both FHIR R4 and FHIR STU3, depending on the product and use case.
- FHIR R4 is used for real-time, synchronous access to patient data and supports direct interaction with normalized FHIR resources.
- FHIR STU3 is used for asynchronous workflows, including Patient360 record retrieval and legacy document aggregation.
Locate the R4 or STU3 section on the left for more information about individual resources, operations, and authentication requirements.
Not sure which version you're using? Start with your integration method or API base URL. FHIR R4 endpoints begin with
/fhir/R4, while STU3 endpoints use/fhir/3.0.
RESTful Architecture
The Health Gorilla API follows standard FHIR REST conventions. Resources are accessed using standard HTTP methods:
| Method | Action |
|---|---|
GET | Read or search |
POST | Create |
PUT | Update |
DELETE | Remove (where supported) |
All requests are constructed using predictable RESTful URLs, for example: GET /fhir/R4/Patient/{id}
Resource paths follow the pattern: https://api.healthgorilla.com/fhir/R4/{ResourceType}/{id}
For example, to retrieve a specific patient record: GET https://api.healthgorilla.com/fhir/R4/Patient/123456
Capability Statement (/metadata)
/metadata)To discover available resources, search parameters, and operations, query the server’s CapabilityStatement: GET /fhir/metadata
Example: GET https://api.healthgorilla.com/fhir/metadata
The CapabilityStatement describes supported resource types, profiles, interaction types, and security models.
Transport Security
All API access must use TLS 1.2 or higher. Plain HTTP requests are rejected.
- Accepted:
https://api.healthgorilla.com/... - Rejected:
http://api.healthgorilla.com/...
Versioning
FHIR versioning is expressed directly in the API path:
- R4:
/fhir/R4/{ResourceType} - STU3:
/fhir/{ResourceType}
The version associated with your tenant is pinned by default. You may override this by:
- Specifying a version during OAuth token issuance (if supported)
- Requesting an upgrade through Health Gorilla Support
For more information, go to: OAuth 2.0 Authentication
Resource References
FHIR resources commonly reference each other using literal or logical identifiers.
Literal Reference
A relative reference using the resource type and internal FHIR ID:
{
"reference": "Patient/d5da4352b3f978a445475a22",
"display": "Tom Sower"
}
Logical Reference
Uses external identifiers such as MRNs, SSNs, or NPIs to locate related resources.
Medical Record Number (MRN)
{
"identifier": {
"type": {
"coding": [
{
"system": "http://terminology.hl7.org/CodeSystem/v2-0203",
"code": "MR"
}
]
},
"system": "https://www.healthgorilla.com",
"value": "d5da4352b3f978a445475a22"
}
}
Social Security Number (SSN)
{
"identifier": {
"type": {
"coding": [
{
"system": "http://terminology.hl7.org/CodeSystem/v2-0203",
"code": "SB"
}
]
},
"system": "http://hl7.org/fhir/sid/us-ssn",
"value": "001-01-0001"
}
}
National Provider Identifier (NPI)
{
"identifier": {
"system": "http://hl7.org/fhir/sid/us-npi",
"value": "1234567893"
}
}