Patient Access API
Utah Medicaid's patient access API introduces a secure, client driven, data connection between Medicaid and a client's chosen third-party application. The API conforms to CMS's standards found in HL7® FHIR®, CARIN Blue Button®, and along with Common Payer Consumer Data Set (CPCDS).
Capability Statement
Developers, for the capability statement please reference https://fp.medicaid.utah.gov/ProviderClient/metadata.
The capability statement outlines versions, authorizations, resources, profiles, interactions, search parameters, and end points.
Getting Started
In order to access the API, application owners will need to register their PHR application by completing the form found on the PHR App Registration page.
| Authorize URL Format: |
|---|
Getting Access Token:
| HTTP Method |
| post |
HTTP Headers
| content-type - application/json |
| accept - application/json |
| authorization - Basic base 64({client_id}:{client_secret}) |
HTTP Body
| code - {oauth code} |
| grant_type - authorization_code |
| redirect_uri - {your_redirect_uri} |
Explore API
Resources
The API supports the following resources
Request Headers:
All API resource requests require the following headers:
| content-type | application/json |
| accept | application/json |
| authorization | Bearer {ACCESS_TOKEN} |
Regulatory Information
| CARIN Alliance Code of Conduct | https://www.carinalliance.com/our-work/trust-frameworkand-code-of-conduct/ |
| CMS Best Practices for Payers and App Developers | https://www.cms.gov/files/document/best-practices-payers-and-app-developers.pdf |
| CMS Regulations and Guidelines | https://www.cms.gov/Regulations-andGuidance/Guidance/Interoperability/index |
| Privacy, Security, and HIPAA | https://www.healthit.gov/topic/privacy-security-and-hipaa |
| ONC Model Privacy Notice | https://www.healthit.gov/topic/privacy-security-and-hipaa/model-privacy-notice-mpn |