FHIR Directory API

Provider Directory Interoperability with FHIR API Usage

As mandated by the Centers for Medicare and Medicaid Services, the CDPHP FHIR Directory API meets the specification as outlined in the Da Vinci PDEX Plan-Net Implementation Guide and conforms to the technical standard for data exchange via secure API.

Instructions below are provided as a courtesy for you to get started. This is meant for developers who are familiar with HL7 APIs and assumes understanding of how APIs work.

Additional specific API documentation is available on the HealthSparq Developer Hub.

  1. Obtain a public token from our token service at https://cdphpfhir.healthsparq.com/api/healthsparq-public-login-service/v1/token. Make sure to include the required meta data and header information to the endpoint. This specifies which of our directories you are attempting to query. Each requested token will expire after 15 minutes. No authentication is required because this is a public token. This is a deviation from the JOT methodology because we don't use a client and secret; it's simply passing a public token request. There is no need to pass the token as an authenticated bearer token. It needs to be passed as a subject token inside the header section of your call.

    curl --location --request POST 'https://cdphpfhir.healthsparq.com/api/healthsparq-public-login-service/v1/token' \
          --header 'Content-Type: application/json' \
          --data-raw '{

    Use the token below to make calls to the FHIR provider directory API

    Auth Token Target: https://cdphpfhir.healthsparq.com/api/healthsparq-public-login-service/v1/token

  2. Include the following required FHIR Provider Call Required Headers:

        --header 'Accept: application/json' \
         --header 'Content-Type: application/json' \
         --header 'Subject-Token: (FYI - public token to be passed with this header)'

    Endpoint: https://cdphpfhir.healthsparq.com/api/provider-fhir-service

  3. In accordance with Da Vinci PDEX Plan-Net Implementation Guide, we recommend querying the metadata endpoint first to generate a capability statement for our API before querying any other data.

Note: The mandate requires this information to be publicly available. If you have questions, please refer to the Da Vinci PDEX Plan-Net Implementation Guide, as our organization cannot support developer specific questions.