Application Platform
OctoFHIR provides an Application Platform for managing and extending FHIR server functionality through custom applications.
Overview
Section titled “Overview”Applications in OctoFHIR are FHIR resources that define:
- Custom operations and endpoints
- Event-driven workflows
- Integration with external systems
- UI components and widgets
App Resource Structure
Section titled “App Resource Structure”Apps are defined using a custom FHIR App resource type:
{ "resourceType": "App", "id": "my-custom-app", "name": "My Custom Application", "description": "Example application for custom workflows", "status": "active", "version": "1.0.0", "operations": [ { "name": "custom-operation", "type": "read", "resourceType": "Patient", "handler": { "type": "http", "url": "https://my-service.example.com/handler" } } ], "subscriptions": [ { "resourceType": "Observation", "events": ["create", "update"], "handler": { "type": "webhook", "url": "https://my-service.example.com/webhook" } } ]}Custom Operations
Section titled “Custom Operations”Apps can define custom FHIR operations that extend the server’s functionality:
Operation Types
Section titled “Operation Types”read- Custom read operations (e.g., computed views, aggregations)write- Custom create/update operations with validationsearch- Custom search implementationsexecute- Named operations (e.g.,$custom-operation)
Handler Types
Section titled “Handler Types”- HTTP Handler - Forward requests to external HTTP service
- JavaScript Handler - Execute JavaScript code in QuickJS sandbox
- Internal Handler - Built-in Rust implementation
Example HTTP handler operation:
{ "name": "risk-score", "type": "execute", "resourceType": "Patient", "handler": { "type": "http", "url": "https://analytics.example.com/risk-score", "method": "POST", "headers": { "X-API-Key": "secret-key" } }}Invoke the operation:
POST /Patient/123/$risk-scoreAuthorization: Bearer <token>
{ "parameters": { "algorithm": "framingham" }}Event Subscriptions
Section titled “Event Subscriptions”Apps can subscribe to FHIR resource events for real-time workflows:
Supported Events
Section titled “Supported Events”create- Resource createdupdate- Resource updateddelete- Resource deletedvread- Resource version accessed
Subscription Handlers
Section titled “Subscription Handlers”{ "resourceType": "Observation", "events": ["create"], "filter": { "code": "85354-9", // Blood pressure "valueQuantity.value": { "gt": 140 } }, "handler": { "type": "webhook", "url": "https://alerts.example.com/high-bp", "retryPolicy": { "maxRetries": 3, "backoffSeconds": [10, 30, 60] } }}App Management API
Section titled “App Management API”Create App
Section titled “Create App”POST /AppAuthorization: Bearer <admin-token>Content-Type: application/fhir+json
{ "resourceType": "App", "name": "My App", ...}List Apps
Section titled “List Apps”GET /App?status=activeAuthorization: Bearer <admin-token>Update App
Section titled “Update App”PUT /App/my-appAuthorization: Bearer <admin-token>
{ "resourceType": "App", "id": "my-app", "status": "inactive", ...}Delete App
Section titled “Delete App”DELETE /App/my-appAuthorization: Bearer <admin-token>App Status
Section titled “App Status”Apps can have the following statuses:
draft- Under development, not activeactive- Deployed and processing requestsinactive- Temporarily disabledretired- Permanently removed
Security & Permissions
Section titled “Security & Permissions”App Authentication
Section titled “App Authentication”Apps can authenticate using:
- Client credentials - OAuth 2.0 machine-to-machine
- Service accounts - Dedicated user with system scopes
- API keys - Simple token-based auth (for internal services)
Operation Authorization
Section titled “Operation Authorization”Operations inherit the user’s access token and scopes. The app can:
- Pass-through auth - Use the caller’s token as-is
- Elevation - Request additional scopes (requires consent)
- Service context - Execute with app’s own credentials
Audit Logging
Section titled “Audit Logging”All app operations are logged to FHIR AuditEvent resources:
{ "resourceType": "AuditEvent", "action": "E", // Execute "recorded": "2026-01-03T14:00:00Z", "outcome": "0", // Success "agent": [ { "who": { "reference": "User/admin" } }, { "who": { "reference": "App/my-app" }, "requestor": false } ], "entity": [ { "what": { "reference": "Patient/123" }, "role": "4" // Domain resource } ]}Best Practices
Section titled “Best Practices”- Version your apps - Use semantic versioning and test changes
- Handle failures gracefully - Implement retry logic and error handling
- Monitor performance - Track operation latency and throughput
- Validate inputs - Don’t trust external data
- Use FHIR resources - Store app configuration as FHIR resources when possible
Configuration
Section titled “Configuration”App platform settings in octofhir.toml:
[apps]enabled = truemax_operations_per_app = 100operation_timeout_seconds = 30webhook_timeout_seconds = 10webhook_max_retries = 3
[apps.sandbox]enabled = truemax_memory_mb = 128max_execution_ms = 5000Examples
Section titled “Examples”Patient Portal Integration
Section titled “Patient Portal Integration”{ "resourceType": "App", "name": "Patient Portal", "operations": [ { "name": "portal-dashboard", "type": "read", "resourceType": "Patient", "handler": { "type": "javascript", "code": "function(patient) { return { summary: computeSummary(patient) } }" } } ]}Clinical Decision Support
Section titled “Clinical Decision Support”{ "resourceType": "App", "name": "Drug Interaction Checker", "subscriptions": [ { "resourceType": "MedicationRequest", "events": ["create"], "handler": { "type": "http", "url": "https://cds.example.com/check-interactions" } } ]}