QBOS REST API Documentation (vendor:517090, corporate:506764)
Introduction
This document describes the REST API and resources provided by QBOS. The REST APIs are for developers who want to integrate QBOS into their application and for administrators who want to script interactions with the QBOS server.
QBOS's REST APIs provide access to resources (data entities) via URI paths. To use a REST API, your application will make an HTTP request and parse the response. The request and response formats are JSON. Your methods will be the standard HTTP methods GET, PUT, POST and DELETE.
Because the REST is based on open standards, you can use any web development language to access this API.
Audience
This developer's guide is intended for software developers needing a technical reference for using the QBOS REST API. The information you find in this guide is written by software engineering, and is authoritative on how the API behaves.
Additional resources, information about this guide
Occasionally, we make a mistake in this documentation, or unknowingly break a feature that you depend on. If this has happened to you, we apologize! You can help us fix the issue by contacting us. We appreciate your help.
Getting Started
To place any request in QBOS API application from third party application you need to authenticate user account and set/calculate values for the following request headers: Authorization
, x-api-salt
, x-api-date-utc
.
See detail Authentication
URI patterns can be devided into these categories:
- Standard resource record
https:/.../v1/o/...
- Custom resource record
https:/.../v1/{vendor_id}/...
- Custom resource metadata
https:/.../v1/ads/...
- Complex Data Views
https:/.../v1/views/...
- Billing
https:/.../v1/hmsbill/...
Filtering by query string arguments "$filter" and "$limit"
"$filter": SQL "where" clause."$limit": numeric value as the max number of records to return.
For example
...?$filter=Preferred_Repairman=2 AND status_id=309 AND image is not null AND Initial_Inspection_Score=0&$limit=20
The following URIs support "$filter" as query string argument:
- Custom Resource
GET https:/.../v1/{vendor_id}/{custom_resource}?$filter={SQL where clause}
- Complex Data Views
GET https:/.../v1/views/{view_resource}?$filter={SQL where clause}
*It is required that the value of $filter is URL-encoded.
*For "$filter" to work for a Custom Resource the Custom Resource needs to be re-published on or after 04/20/2015.
CRM Service (2.3 Contact API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Security Service (2.4. Security API)
- corporate(note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Forms Service (2.5. Forms API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
ADS Service (2.7. Object Schema API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
BPD Service (2.8. Business Process Design API)
.
Scheduling Service (2.9. Scheduling API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
DCMS Service (2.10. DCMS API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Tasks Service (2.11. Tasks API)
.
Alert / Note Service (2.12. Alert / Note API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Process Service (2.13. Process API)
.
ACL Service (2.14. ACL API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Billing Service (2.15. Billing API)
.
Comments Service (2.16. Comments API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Work Item Service (2.17. Work Item API)
- corporate (note: REST endpoints for 'corporate' resource have not been scheduled for implementation)
Complex Data View Service [See usage]
- payers_grid ( - )
- careteam_members_discipline ( - )
- assessment_ca_meds ( - )
- assessment_ca_notes ( - )
- claimrecoupmentdetail ( - )
- idgmeetingpatientsbyteam ( - )
- integrum_assessment_header ( - )
- integrum_patientcarelocation_timezone ( - )
- paymentsplits ( - )
- patient_caregivers ( - )
- employee_contact_info ( - )
- patient_careteam_members ( - )
- hmsbillbilling_run_verification ( - )
- legacy_facility_rates ( - )
- hmsbillbilling_run_verification_errors ( - )
- hmsbillbilling_run_verification_days ( - )
- hospice_contact ( - )
- teampatients ( - )
- default_his_discharge ( - )
- paymentadjustments ( - )
- careteam_members ( - )
- discharge_grid ( - )
- facility_description ( - )
- referral_grid ( - )
- patient_rbrates ( - )
- people ( - &$include=address,phone,email,subtype,hrdetails,humanresource,all)
- careteam_candidates ( - )
- hmsbillbilling_run_summary ( - )
- application_corp (Get corporations by application - )
- physician_contact ( - )
- employee_grid ( - )
- medicare_rates ( - )
- fiscal_year ( - )
- claimstabview ( - )
- careteam_employee_roles ( - )
- idgmeetingpatientbychart ( - )
- facility_patient_count ( - )
- patient_current_location ( - )
- patient_activities_grid ( - )
- apimolecule ( - )
- team_grid ( - )
- team_patients ( - )
- integrum_employee ( - )
- integrum_hrdetails ( - )
- hisadmininfo ( - )
- payerlist ( - )
- basic_patient_info ( - )
- hmsbillpatients ( - )
- patient_charts ( - )
- patient_chart ( - )
- claimpayment ( - )
- employees ( - )
- idg_patient ( - )
- user_corp (Get corporations by user - )
- careteam_employees_withdiscipline ( - )
- patient_search ( - )
- job_roles ( - )
- provider_professionals_grid ( - )
- claimsummary ( - )
- default_his ( - )
- patient_grid ( - )
- idg_grid ( - )
- legacy_payer ( - )
- racodes_by_payer ( - )
- processed_claimsra ( - )
- patient_attending_physicians ( - )
- legacy_facility ( - )
- allpatientsbyteam ( - )
- emp_daily_activity ( - )
- hmsbillbilling_run_verification_lineitems ( - )
- patient ( - )
- facility_patients ( - )
- hmsbillclaim_cycle ( - )
- organizations ( - &$include=address,phone,email,subtype,all)
- patient_his_records ( - )
- physicians ( - )
- patient_brief ( - )
- his_cms_xml ( - )
- patient_visits ( - )
- adjustment_to_prior_claim ( - )
- dalv2 ( - )
- hmsbillclaims_pre_claimcycle ( - )
- activitylog_grid ( - )
- integrum_patient_benefitperiod ( - )
- physician_cert_payer ( - )
- his_compliance_export ( - )
- integrum_dal ( - )
- default_his_admission ( - )
- integrum_patient_caregiver ( - )
- integrum_billing_patient_payer_information ( - )
- integrum_patient_info ( - )
- csinvoice ( - )
- unprocessed_payment_summary ( - )
- provider_facilities ( - )
- hmsbillbilling_run ( - )
- assessment_header ( - )
- processed_claimdetailra ( - )
- careteam_patient ( - )
- adjustments_by_payer ( - )
- facilities ( - )
- corp_branches ( - )
- integrum_patient_chart ( - )
Custom Object Service (2.6. Object Record API)
- VALUELIST - Type 1 - simple [ value | display value ] pairs specifically designed for and as part of a particular object data field. This API supports Get, Post, Put and Delete.
- VALUELIST - Type 2 - simple [ value | display value ] pairs used commonly across multiple objects. This API supports Get, Post, Put and Delete.
- VALUELIST - Type 3 - [ value | display value ] pairs sourced from more complex data sets via a query. This API supports Get.
- Objects not bound to an Application
- Objects by Application
- Applicant Tracking System
- APPLINFO ("Applicant_Information")
- APPLJOBCAND ("Candidacy")
- AVAILJOBS ("Available_Jobs")
- EMPDET ("Employment_Details")
- Applicants
- AOPP ("Application")
- TRSWORKHISTORY ("TRS_Work_History")
- Billing & Collections
- BILLCLM ("Claim_Cycle")
- BILLRUN ("Billing_Runs")
- CAS ("Claim_Adjustment")
- CLAIMFILE ("Claim_File")
- CLAIMITEMADJ ("ClaimItem_Adjustments")
- CSINVADJ ("CS_Invoice_Adjustments")
- CSINVOICE ("CSINVOICE")
- CSINVSPLIT ("CS_Invoice_Splits")
- CSPLB ("CS_Provider_Adjustments")
- EMCEXCLUDE ("LATE_EMC_EXCLUSIONS")
- FILE277 ("277_File_Report")
- HMSNOE ("Notice_of_Election")
- LATECLAIM ("Late_EMC")
- NHPAYAP ("Nursing_Home_R&B_Payable_Approval")
- PATREBILL ("Patient_Rebill")
- PATSRVDET ("Claim_Items")
- PTVOIDS ("Potential_Voided_Claims")
- REMIT ("Remittance_File")
- REMITBUNDLE ("Remittance_Claim_Bundle")
- REMITCLAIM ("Remittance_Claim")
- REMITLX ("Remittance_Line_Item")
- REMITPLBADJ ("Remit_File_PLB_Adjustments")
- RNBAPITEMS ("Nursing_Home_R&B_Payable_Approval_Items")
- UNCLAIMS ("Unprocessed_Claims")
- UNMEDS ("UnmatchedMedsRecords")
- VCFCHGD ("Record_Fields_Changed")
- VOIDCLAIMS ("VOIDED_CLAIMS")
- VOIDS ("Record_Changes_Captured")
- Billing Configuration
- AUTHSETTINGS ("Authorization_Settings")
- CARCCODES ("CARC_Codes")
- CARCLIST ("CARC_Codes_List")
- CBSAMAP ("CBSA_Mapping")
- CMSSETTINGS ("CMS_Settings")
- CODEMAP ("Payor_Code_Map")
- COMMSETTINGS ("Commercial_Payer_Settings")
- COUNTYCODES ("County_Codes")
- CRCR ("Crossroads_Custom_Reports")
- FACILITYCONTACTEMAIL ("Facility_Contact_Email")
- FACILITYCONTACTPHONE ("Facility_Contact_Phone")
- FACILITYEMAIL ("Facility_Email")
- FACILITYINFO ("Facility_Info")
- FACILITYPHONE ("Facility_Phone_Number")
- FACILITYRATES ("Facility_Rates")
- FACRNB ("Facility_R&B_Rates")
- GLLOCATIONCODES ("General_Ledger_Location_Codes")
- GLSERVICECODES ("General_Ledger_Service_Codes")
- GLVISITCODES ("General_Ledger_Visit_Codes")
- HOSPCP ("Hospice_Control_Panel")
- HSPRATE ("Hospice_Rates")
- LOCATIONCODES ("Location_Codes")
- MEDICAIDRATES ("Medicaid_Rates")
- MEDICAIDSETTINGS ("Medicaid_Payer_Settings")
- MEDICARERATES ("Medicare_Rates")
- MEDICARESETTINGS ("Medicare_Payer_Settings")
- PATVSTRATE ("Patient_Visit_Rates")
- PAYERCONTACT ("Payer_Contact")
- PAYERSETTINGS ("Payer_Settings")
- PYRCLM ("Payor_Settings")
- RAACCEPT ("RA_Code_Acceptance")
- RACODES ("RA_Codes")
- RBAUTHSETTINGS ("RB_Authorization_Settings")
- RBSETTINGS ("Room_and_Board_Settings")
- SERVICECODES ("Service_Codes")
- SERVICERATES ("Service_Rates")
- SFUFPAYERSETTINGS ("Self_and_Unfunded_Payer_Settings")
- STATUSHISTORY ("Status_History")
- UBSETTINGS ("UB_Settings")
- VISITCODES ("Visit_Codes")
- VISITRATES ("Visit_Rates")
- Billing System
- Call Management
- CALLS ("Calls")
- Client Setup
- CLIENT ("Client_Setup")
- CLIENTGROUPGPILISTS ("Client_Groups_GPI_Lists")
- CLIENTGROUPS ("Client_Groups")
- CRPTS ("Client_Reports")
- CLIENTS
- CLINICAL
- ASSESSISSUE ("Assessment_Issue")
- ASSESSMENTNARRATIVES ("AssessmentNarratives_Continuous")
- BEREAVCH ("Beareavement_CH")
- BEREAVPREVAL ("Bereavement_Prevalent_Feelings")
- BEREAVPU ("Bereavement_PU")
- BEREAVSUPP ("Bereavement_Available_Support")
- BOWELTREAT ("Bowel_Treatment")
- CAADLSN ("CA_ADL_SpecialNeeds")
- CAASSESSMENT ("CA_Assessment")
- CAASSESSMENTACTV ("CAAssessment_ACTV2")
- CABEREAV ("CA_Bereavement")
- CACARDIO ("CA_Cardiovascular")
- CADMES ("CA_DMESupplies")
- CAGASTRO ("CA_Gastrointestinal")
- CAGENITO ("CA_Genitourinary")
- CALOC ("CA_LevelofCare")
- CALOCCATEGORY ("CA_LevelofCare_CATEGORIES")
- CALOCSUBCATEGORY ("CA_LevelofCare_SubCategory")
- CAMUSC ("CA_SkinMusculoskeletal")
- CAMUSCISU ("CA_Musculoskeletal_Issues")
- CANEURO ("CA_Neuro")
- CANUTRI ("CA_NutritionMetabolic")
- CAPAIN ("CA_Pain")
- CAQA ("CA_QuestionAnswer")
- CARDIOSYMPTISS ("CardioSymptomsIssues_List")
- CAREPLAN ("Care_Plan")
- CAREPLANVISITNOTE ("Care_Plan_Visit_Note")
- CARESP ("CA_Respiratory")
- CARESP2 ("CA_Respiratory-2")
- CASAFET ("CA_SafetyTeachings")
- CASKINISU ("CA_Skin_Issues")
- CASPIR ("CA_Spiritual")
- CASUPERVISORYVISIT ("CA_Supervisory_Visit")
- CASW ("CA_SocialWork")
- CAT ("Care_Plan_Category_14_Obsolete_2")
- CATNEURO ("Category_1_-_Neurological")
- CATPAIN ("Category_2_-_Pain")
- CAVITALORNT ("CA_Vitals_Orientation")
- CAVITALS ("CA_Vitals")
- CAVOLUN ("CA_Volunteer")
- COMFKIT ("ComfKit")
- COMPASSESS ("Comprehensive_Assessment")
- CPAUDITLOG ("CP_AUDITLOG")
- CPIDGDISCUSSION ("CP_IDG_DISCUSSION")
- CPIDGNARRATIVES ("CP_IDG_NARRATIVES")
- CPIDGREVIEW ("CP_IDGREVIEW")
- CPIREVIEWSECSTATUS ("CP_IDGReview_SectionStatus")
- CPMENUSTATUS ("CP_MenuStatus")
- CPPOCGOALS ("CP_POC_Goals")
- CPPOCHOMEMAKER ("CP_POC_HOMEMAKER")
- CPPOCHOMEMAKERCATEGORI ("CP_POC_HOMEMAKER_CATEGORIES")
- CPPOCHOMEMAKERNARRATIV ("CP_POC_HOMEMAKER_NARRATIVE")
- CPPOCHOSPICIDE ("CP_POC_HOSPICIDE")
- CPPOCHOSPICIDECATEGORY ("CP_POC_HOSPICIDE_CATEGORY")
- CPPOCHOSPICIDENARATIVE ("CP_POC_HOSPICIDE_NARATIVES")
- CPPOCHOSPICIDENEEDS ("CP_POC_HOSPICIDE_NEEDS")
- CPPOCHOSPICIDERN ("CP_POC_HOSPICIDE_RN")
- CPPOCIDGAPPROVAL ("CP_POC_IDG_APPROVAL")
- CPPOCINTERVENTIONS ("CP_POC_INTERVENTIONS")
- CPPOCISSUE ("CP_POC_Issue")
- CPPOCVISITFREQUENCY ("CP_POC_VISITFREQUENCY")
- CPPOCVOLUNTEERCONTACT ("CP_POC_VOLUNTEER_CONTACT")
- CPPOCVOLUNTEERINSTRUCT ("CP_POC_VOLUNTEER_INSTRUCTIIONS")
- CPPOCVOLUNTEERNARRATIV ("CP_POC_VOLUNTEER_NARRATIVES")
- CPPOCVOLUNTEERNPCACTI ("CP_POC_VOLUNTEER_NPC_ACTIVITIES")
- CPPOCVOLUNTEERPCACTIV ("CP_POC_VOLUNTEER_PC_ACTIVITIES")
- CPVISITISSUES ("CP_VISIT_ISSUES")
- CPVISITS ("CP_VISITS")
- CPVISITSUMMARY ("CP_VISIT_SUMMARY")
- CPVISITSUMMARYNARATIVE ("CP_VISIT_SUMMARY_NARATIVES")
- CPVISITSUMMARYSCDETAIL ("CP_VISIT_SUMMARY_SCDETAILS")
- DMESPU ("DMES_PU")
- DMESUPNOTES ("DME_Supplies_Notes")
- ELIGREV ("EligRev")
- F2FATTESTATION ("F2FAttestation")
- F2FSUMMARYLABANDNARR ("F2FSummaryLabAndNarr")
- FASTPU ("FAST_PU")
- FOODALLERDES ("Food_Allergies_Description")
- GASTROSYMPT ("GastroSymptoms_List")
- GENITOISSUE ("Genitourinary_Issues")
- HISTFAIL ("Heart_History_Failure")
- IDGMEETING ("IDG_Meeting")
- IDGMEETINGPAT ("IDG_Meeting_Patient")
- IDGMEETINGSIGN ("IDG_Meeting_Signature")
- INITCAREPLAN ("Assessment")
- LOCISSUE ("LOC_Issues")
- LOCLIST ("LOC_List")
- LOCRISKF ("LOC_Risk_Factors")
- MEDPU ("Medication_PU")
- MEDPUDOSAGE ("Medication_PU_Dosage")
- MEDPUHISTORY ("Medication_PU_History")
- MMSEPU ("MMSE_PU")
- NEUROSYMPTISS ("Neuro_Symptoms_Issues")
- NOTES ("Notes")
- NUTRIPU ("NutritionIssues_PU")
- NUTRISYMPT ("Nutri_symptoms_issues")
- NUTSUPDESC ("Nutri_Supplements_Description")
- OXYSATCYN ("O2_Saturation_Cyanosis")
- PAINABBEY ("CA_Pain_Abbey_Score")
- PAINFLACC ("CA_Pain_FLACC_Scale_Score")
- PAINNA ("PainNotAssessed_List")
- PAINNOTES ("PainSiteNotes")
- PAINSITEPU ("PainSite_PU")
- POCCATITEM ("Care_Plan_Category_Item")
- POCGOAL ("POC_Goal")
- POCHISTORY ("POC_History")
- POCINTERVENTION ("POC_Intervention")
- POCISSUE ("POC_Issue")
- PPSPU ("PPS_PU")
- RECTHERPU ("RecTherapy_PU")
- RESPHIS ("Respiratory_History")
- RESPIRSYMPT ("RespiratorySymptoms_List")
- RNASSESS ("RNAssess")
- SNPU ("SpecNeed_PU")
- SPDMSEPU ("Specialty_DMSE_PU")
- SPIRACTPU ("SpirAct_PU")
- SSASSESSIDGPOC ("Snapshot_Assess_IDG_POC")
- TEST1 ("test")
- TREATPU ("Treatment_PU")
- TREATPUHISTORY ("Treatment_PU_History")
- TSAFMEDADMIN ("Teaching_Safety_Medication_Admin")
- WOUNDPU ("Wound_PU")
- WOUNDRELTD ("Wound_Related")
- Configuring Change Auditing
- Contact
- Contract Management
- CONTRACTS ("Contracts")
- Contract Management2
- Control Panels
- Customer Management
- Development Management
- CHANGE ("Change_Control")
- DELIVERABLES ("Phase_Deliverables")
- ISSUES ("Issue_Tracker")
- PHASECTRL ("PHASE_CONTROL")
- Discovery
- DISCCR ("Business_Rules_for_Crossroads")
- Employee & Payroll
- ACTV2 ("DAL_Activities")
- ACTV2CHILD ("DAL_Activities_Child")
- CARETEAMS ("Care_Team")
- CONTRACTORDETAILS ("Contractor_Details")
- CRED ("Credential")
- DALV2 ("Daily_Activity_Log_V2")
- DEPT ("Department_Settings")
- EMPACTVT ("Daily_Activity_Log")
- EMPCRED ("Staff_Credentials")
- EMPHIS ("Employment_History")
- EMPJOBROLE ("Employee_Job_Role")
- EMPLREV ("Review")
- HRDETAILS ("HR_Details")
- PAYPERIOD ("Pay_Period")
- PAYROLLCTRL ("Payroll_Mgmt")
- SANC ("Sanction")
- SECONDARYLANGUAGE ("Secondary_Language")
- VCS ("Version_control_systems")
- Financial Export
- Infection Tracking
- Inventory
- Libraries
- ACTDIS ("ActDis_List")
- ADMINBY ("AdminBy_List")
- AMBULIST ("Ambulation_List")
- ASSESSMENTDISCIPLINE ("Assessment_Discipline")
- ASSESSWITH ("AssessWith_List")
- AVSUPP ("AvSupp_List")
- BOWELMOVEMT ("BowelMovemt_List")
- BOWELSOUNDS ("BowelSounds_List")
- CAPILLREF ("CapillaryRefill_List")
- CATHCHBY ("CathChangeBy_List")
- CATHSIZE ("CathSize_List")
- CATHTYPE ("CathType_List")
- COLOILEO ("ColoIleo_List")
- COLOILEOSIZE ("ColoIleoSize_List")
- CONSLVL ("ConsciousLevel_List")
- COUGHTYPE ("CoughType_List")
- COUNT1 ("Count1Increm_List")
- COUNTIES ("Counties")
- CURR ("Current_List")
- DALCNTRL ("Daily_Activites_Control_Panel")
- DALDET ("Daily_Activities")
- DECLINE ("Decline_List")
- DEFER ("Defer")
- DEPMT ("Departments")
- DMELIST ("DME_List")
- DNRLIST ("DNR_List")
- DRUGINTER ("Drug_Interactions")
- EDEMACOUNT ("EdemaCount_List")
- EDEMATYPE ("EdemaType_List")
- EDUCLIST ("Education_List")
- EKIT ("EKIT_List")
- ELIGSUMM ("EligSummary_List")
- EMPFILVALLIST ("Employees_Status_Filter_Val_List")
- ETHNIC ("Ethnic_List")
- ETLIST ("ETank_List")
- FASTLIST ("FAST_List")
- FLACC ("FLACC_Scale_List")
- FREQ ("Frequency_List")
- GASTROTRT ("GastroTreatmt_List")
- GPILISTLIB ("GPI_List_Library")
- GPILISTLIBRARYITEM ("GPI_List_Library_Item")
- HEARTFAIL ("HeartFailure_List")
- HOSPICETALENTLIST ("Hospice_Talent_List")
- IMMLIST ("ImmDeath_List")
- INITCONT ("InitCont_List")
- INTAKE ("Intake_List")
- INTERACT ("Drug_Interaction_Library")
- LEVELS ("Level_List")
- LUNGSOUNDS ("Lung_Sounds_List")
- MEDFREQ ("MedFreq_List")
- MEDLIB ("Medication_Library")
- MEDLIST ("Med_List")
- MEDREG ("MedRegimen_List")
- MEDROUTE ("MedRoute_List")
- MSTRDCP ("MSTR_Care_Plan")
- MSTRDCPG ("MSTR_Care_Plan_Goals")
- MSTRDCPI ("MSTR_Care_Plan_Intervention")
- NHPHRDNG ("NH_PharmD_Note_Template")
- O2CYAN ("O2Cyanosis_List")
- ORIENTATIONLIST ("Orientation_List")
- OTHERSYMPTISS ("OtherSymptomsIssues_List")
- OXYGFREQ ("OxygFreq_List")
- OXYGINTENS ("OxygIntensity_List")
- PAINDURAT ("PainDuration_List")
- PAINFREQ ("PainFreq_List")
- PAINLEVEL ("PainLevel_List")
- PAINONSET ("PainOnset_List")
- PAINQAULITY ("PainQuality_List")
- PAINTYPE ("PainType_List")
- PATIENTLOCTYPELIST ("Patient_Location_Type_List")
- PATREFTYPELIST ("Patient_Referral_Type_List")
- PEKIT ("EKIT")
- PERC10 ("Percent_10Increm_List")
- RESPDELIV ("RespDeliv_List")
- RNASSESSLIST ("RNAssessment_List")
- SAFEMED ("SafeMed_List")
- SELFCARE ("SelfCare_List")
- SKINCOND ("SkinCond_List")
- SKINSYMPT ("SkinSymptomsIssues_List")
- SKINTEMP ("SkinCondTemp_List")
- SKINTOUCH ("SkinCondTouch_List")
- SPECNEED ("SpecNeeds_List")
- SPIRACTIV ("SpirActiv_List")
- STATES ("StateCode_List")
- THERREC ("TherRec_List")
- TIMEPD ("TimePeriod_List")
- TIMEPD ("TimePeriod_List")
- TIMEZONEMAPPING ("Time_Zone_Mapping")
- TUBEFEEDFORM ("TubeFeedFormula_List")
- TUBEFEEDMTHD ("TubeFeedMethod_List")
- URINECLAR ("UrineClarity_List")
- UTS ("UTS_List")
- WALKLIST ("WalkerType_List")
- WCTYPE ("ChairType_List")
- YESNO ("YesNo_List")
- YNNA ("YesNoNA_List")
- YNRLIST ("YesNoRef_List")
- Marketing
- NBW Expense Reporting
- NBW Lead Management
- LEADMGMT ("NBW_Lead_Mgmt")
- New Contract/Patient Referral
- QUALDISC ("Quality_Discussion")
- Old Referral System
- Patient Management
- ADMITCERT ("Billing_Period_Details")
- ATTDRINFO ("Attending_Physician_Info")
- BLDCLM ("Billing_Coverage_Matrix")
- BNFTPRD ("Recert_Benefit_Periods")
- CCDATES ("Continuous_Care_Dates")
- CLAIM ("Patient_Billed_Claims")
- COMMINFO ("Commercial_Payer_Info")
- COTI ("Physician_Certification")
- CPVISITFREQUENCY ("CP_VISITFREQUENCY")
- CURAWSPRD ("CURAWSPRD")
- DIAGNOSISHISTORY ("DIAGNOSIS_HISTORY")
- DISCIPLINEVISITS ("Discipline_Visits")
- DRINFO ("Physician_Info")
- DRLICENSE ("Physician_License")
- FTOF ("Face-To-Face_visits")
- FTOFPRDS ("F2F_Benefit_Periods")
- MEDICAIDINFO ("Medicaid_Payer_Info")
- MEDICAREINFO ("Medicare_Payer_Info")
- MSPQ ("Medicare_Questionnaire")
- NRATES ("Patient_Negotiated_Rates")
- NVISITRATES ("Patient_Negotiated_Visit_Rates")
- PATALLERGY ("Patient_Allergy")
- PATCG ("PAT_CARE_GIVER")
- PATCOMORBIDS ("Patient_CoMorbids")
- PATIDGVISIT ("Patient_IDG_VISITS")
- PATIENTCARE ("Patient_Level_of_Care")
- PATIENTCHARTNOTES ("PatientChart_Notes")
- PATIENTGIPADMISSIONREASON ("Patient_GIPAdmission_Reasons")
- PATIENTSYMPTOMSREASONS ("Patient_Symptoms_Reasons")
- PATINFO ("Patient_Chart")
- PATMED ("Patient_Medication")
- PATPAYINFO ("Patient_Payer_Info")
- PATREFAWARE ("Patient_Ref_Aware")
- PAYAUTH ("Payer_Authorization")
- PAYSRC ("Payor_Information")
- PCPAYER ("Physician_Certification_Payer")
- PERSONETHNICITY ("Person_Ethnicity")
- PHARM ("PharmScript")
- RNBSRVPRD ("Room_and_Board_Service_Period")
- SPENDDOWN ("Medicaid_Spend_Down")
- SRVPRD ("Service_Periods")
- VOLCONTVISITS ("Volunteer_Visit_Type")
- VOLLANG ("Volunteer_Lang")
- VOLTALENTS ("Volunteer_Talents")
- VOLUNTEER ("Volunteer")
- PDC Patient Record
- Pharmacy
- Post Sale
- Quality Discussions
- REFERRER Managment
- NEWVARS ("New_REFERRER")
- Remittances
- Reports
- HISADMISSION ("HIS_Admission_Info")
- HISADMISSIONADIAGNOSIS ("HIS_Admission_Active_Diagnosis")
- HISADMISSIONHEALTH ("HIS_Admission_Health_Condition")
- HISADMISSIONMEDICATIONS ("HIS_Admission_Medications")
- HISADMISSIONPAININCLUDES ("HIS_Admission_Pain_Includes")
- HISADMISSIONPREFERENCES ("HIS_Admission_Preferences")
- HISADMISSIONSOB ("HIS_Admission_SOB_Treatment")
- HISDISCHARGEINFO ("HIS_Discharge_Info")
- HISDISCHARGESUMMARY ("HIS_Discharge_Summary")
- HISREPORT ("HIS_Reporting")
- Sales and Opportunity
- Sales Pipeline
- Temporary Tools
- CMCLIST ("Client_Migrate_Checklist")
- test
- TEST BED FOR NEW APPLETS
- TESTPLAT ("TEST_PLATFORM")
- TestApplication
- Vendor Management
- VEND ("Vendor")
- Applicant Tracking System
Authentication
Authentication to the Qbos API is granted through the use of a shared-value hash to populate HTTP headers. The hash is used to authenticate the request provenance as well as the message timing, thus limiting the value of replay attempts. (For greater security, the API may implement a "use server salt" option, in which the API server generates and returns valid random salt to the client, which are then expired when used or after timeout.)
Definitions
- USER_ID - is the alphanumeric ID used to identify the shared-value hash key. It has no semantic meaning other than identifying the shared key, which is then linked to the underlying user in a many-to-one relation.
- SHARED_KEY - is the alphanumeric hash key known only to the client and the API server.
- HTTP_METHOD - is one of the HTTP verbs defined in RFCs 2616, 5789, 3744, and 2518, in UTF-8 uppercase.
- URI - is the REST URI used to identify the requested resource or collection of resources, in UTF-8.
- SALT - is an arbitrary alphanumeric string, chosen by the client, from 1...255 characters.
- ACTION_BODY - is the request payload (usually JSON, but may be an empty string).
- HASH_TYPE - is 'v1-sha256'
- CANONICAL_DATE - is the current date/time in UTC in the format CCYYmmDD-HHMMSS-f Example: 20140410-123456-743209
- CANONICAL_ACTION - is the request details in the format USER_ID|HTTP_METHOD|URI|SALT Example: jsmith@domain.com|GET|qbos-rest/rest/v1/o/person/8788120|ABCDEF12345
- CANONICAL_HASH_ID is in the format qbos-HASH_TYPE Example qbos-v1-sha256
Hash Rounds
- Hash_1 = SHA256(CANONICAL_DATE, SHARED_KEY)
- Hash_2 = SHA256 (CANONICAL_ACTION, Hash_1)
- Hash_3 = SHA256 (ACTION_BODY, USER_ID)
- Hash_4 = SHA256 (Hash_3, Hash_2)
- Hash_5 = SHA256 (CANONICAL_HASH_ID, Hash_4)
Method
The client calculates the above values and sends the following authentication headers to the API server:
- x-api-salt: SALT
- x-api-date-utc: CANONICAL_DATE
- Authorization: Basic Hash_5
The server will calculate the hash for the request, using the shared hash key, and authenticate based on the timestamp and authentication hash. The server reserves the right to return an HTTP 401 to indicate a failed authentication attempt based on either a failed hash or an expiration of the timeout period.
URI patterns
Definitions
- Corporate - QBOS system license owner
- Standard resource - QBOS system provides a number of standard resources. (person,organization,address,phone,...)
- Custom resource - QBOS system may be extended by custom resources: QBOS Applets
- Vendor Id - Applies to custom resource. Corporate id of a QBOS Applet provider
- Parent Type - Parent resource type. Type of a standard resource or type of a custom resource in alphabetic or numeric form
- Parent Id - Parent resource id. Numeric id of a standard resource or numeric id of a custom resource
- Type - Resource type. Type of a standard resource or type of a custom resource in alphabetic or numeric form
- Id - Resource id. Numeric id of a standard resource or numeric id of a custom resource
- Query String - URI query string. Supports filtering, paging, inclusion and sorting arguments where applicable: $filter,$offset,$limit,$sort,$include
Standard Resource URI patterns. https://.../v1/o/...
parent
type parent
id
type Id
JSON
payload query
string
description
POST /v1/o/
R R
R
R
Create a resource
GET /v1/o/
R R
Read a resource by id
GET /v1/o/
R R
links
R
O
Read resources by parent
PUT /v1/o/
R R
R
Update a resource
DELETE /v1/o/
O O
R R
O
Delete a resource
R=Required, O=optional, Blank=not applicable
Custom Resource URI patterns. https://.../v1/{vendor_id}/...
vendor
id
parent
relation
id parent
id
type id
JSON
payload query
string
description
POST /v1/ R
R
R
Create a resource
GET /v1/ R
R R
Read a resource by id
GET /v1/ R
R R
links
R
O
Read resources by parent
GET /v1/ R
R
O
Read resources by filter
PUT /v1/ R
R R
R
Update a resource
DELETE /v1/ R
O O
R R
O
Delete a resource
POST /v1/ R
R R
links
R R
Link a resource of type
and id
with a parent resource
DELETE /v1/ R
R R
links
R R
Unlink a resource of type
and id
from a parent resource
R=Required, O=optional, Blank=not applicable
Custom Resource Metadata URI patterns. https://.../v1/ads/...
parent
type parent
id
type Id
JSON
payload query
string
description
POST /v1/ads/
R R
R
R
Create a resource
GET /v1/ads/
R R
Read a resource by id
GET /v1/ads/
R R
links
R
O
Read resources by parent
PUT /v1/ads/
R R
R
Update a resource
DELETE /v1/ads/
O O
R R
O
Delete a resource
R=Required, O=optional, Blank=not applicable
Complex Data View URI patterns. https://.../v1/views/...
type
query
string
description
GET /v1/views/
R
[See types]
R
The value of query string argument {$filter} provides the WHERE predicate for the SQL executed by the request. Any property of the view can be used in {$filter}. The value of {$filter} has to be URL-encoded. If {$filter} in not provided then 1 random record is returned from the view as an example record.
R=Required, O=optional, Blank=not applicable
Error handling
Error Response
- "status" (number) - The HTTP status code ([RFC7231], Section 6) generated by the origin server for this occurrence of the problem.
- "title" (string) - A short, human-readable summary of the problem type. It SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localisation.
- "detail" (string) - An human readable explanation specific to this occurrence of the problem.
- "type" (string) - For future use. - An absolute URI [RFC3986] that identifies the problem type. When dereferenced, it SHOULD provide human-readable documentation for the problem type (e.g., using HTML [W3C.REC-html401-19991224]). When this member is not present, its value is assumed to be "about:blank".
- "instance" (string) - For future use. - An absolute URI that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced.
Example
{
"title":"Not found",
"status":"404",
"detail":"Resource of type xxxx ...",
"type": "about:blank",
"instance": ""
}
Further development of Error Response is based on: Problem Details for HTTP APIs
Authentication to the Qbos API is granted through the use of a shared-value hash to populate HTTP headers. The hash is used to authenticate the request provenance as well as the message timing, thus limiting the value of replay attempts. (For greater security, the API may implement a "use server salt" option, in which the API server generates and returns valid random salt to the client, which are then expired when used or after timeout.)
Definitions
- USER_ID - is the alphanumeric ID used to identify the shared-value hash key. It has no semantic meaning other than identifying the shared key, which is then linked to the underlying user in a many-to-one relation.
- SHARED_KEY - is the alphanumeric hash key known only to the client and the API server.
- HTTP_METHOD - is one of the HTTP verbs defined in RFCs 2616, 5789, 3744, and 2518, in UTF-8 uppercase.
- URI - is the REST URI used to identify the requested resource or collection of resources, in UTF-8.
- SALT - is an arbitrary alphanumeric string, chosen by the client, from 1...255 characters.
- ACTION_BODY - is the request payload (usually JSON, but may be an empty string).
- HASH_TYPE - is 'v1-sha256'
- CANONICAL_DATE - is the current date/time in UTC in the format CCYYmmDD-HHMMSS-f Example: 20140410-123456-743209
- CANONICAL_ACTION - is the request details in the format USER_ID|HTTP_METHOD|URI|SALT Example: jsmith@domain.com|GET|qbos-rest/rest/v1/o/person/8788120|ABCDEF12345
- CANONICAL_HASH_ID is in the format qbos-HASH_TYPE Example qbos-v1-sha256
Hash Rounds
- Hash_1 = SHA256(CANONICAL_DATE, SHARED_KEY)
- Hash_2 = SHA256 (CANONICAL_ACTION, Hash_1)
- Hash_3 = SHA256 (ACTION_BODY, USER_ID)
- Hash_4 = SHA256 (Hash_3, Hash_2)
- Hash_5 = SHA256 (CANONICAL_HASH_ID, Hash_4)
Method
The client calculates the above values and sends the following authentication headers to the API server:
- x-api-salt: SALT
- x-api-date-utc: CANONICAL_DATE
- Authorization: Basic Hash_5
The server will calculate the hash for the request, using the shared hash key, and authenticate based on the timestamp and authentication hash. The server reserves the right to return an HTTP 401 to indicate a failed authentication attempt based on either a failed hash or an expiration of the timeout period.
Definitions
- Corporate - QBOS system license owner
- Standard resource - QBOS system provides a number of standard resources. (person,organization,address,phone,...)
- Custom resource - QBOS system may be extended by custom resources: QBOS Applets
- Vendor Id - Applies to custom resource. Corporate id of a QBOS Applet provider
- Parent Type - Parent resource type. Type of a standard resource or type of a custom resource in alphabetic or numeric form
- Parent Id - Parent resource id. Numeric id of a standard resource or numeric id of a custom resource
- Type - Resource type. Type of a standard resource or type of a custom resource in alphabetic or numeric form
- Id - Resource id. Numeric id of a standard resource or numeric id of a custom resource
- Query String - URI query string. Supports filtering, paging, inclusion and sorting arguments where applicable: $filter,$offset,$limit,$sort,$include
Standard Resource URI patterns. https://.../v1/o/...
parent type | parent id |
type | Id | JSON payload | query string |
description | ||
---|---|---|---|---|---|---|---|---|
POST /v1/o/ | R | R | R | R | Create a resource | |||
GET /v1/o/ | R | R | Read a resource by id | |||||
GET /v1/o/ | R | R | links | R | O | Read resources by parent | ||
PUT /v1/o/ | R | R | R | Update a resource | ||||
DELETE /v1/o/ | O | O | R | R | O | Delete a resource |
Custom Resource URI patterns. https://.../v1/{vendor_id}/...
vendor id |
parent relation id | parent id |
type | id | JSON payload | query string |
description | ||
---|---|---|---|---|---|---|---|---|---|
POST /v1/ | R | R | R | Create a resource | |||||
GET /v1/ | R | R | R | Read a resource by id | |||||
GET /v1/ | R | R | R | links | R | O | Read resources by parent | ||
GET /v1/ | R | R | O | Read resources by filter | |||||
PUT /v1/ | R | R | R | R | Update a resource | ||||
DELETE /v1/ | R | O | O | R | R | O | Delete a resource | ||
POST /v1/ | R | R | R | links | R | R | Link a resource of type and id with a parent resource |
||
DELETE /v1/ | R | R | R | links | R | R | Unlink a resource of type and id from a parent resource |
Custom Resource Metadata URI patterns. https://.../v1/ads/...
parent type | parent id |
type | Id | JSON payload | query string |
description | ||
---|---|---|---|---|---|---|---|---|
POST /v1/ads/ | R | R | R | R | Create a resource | |||
GET /v1/ads/ | R | R | Read a resource by id | |||||
GET /v1/ads/ | R | R | links | R | O | Read resources by parent | ||
PUT /v1/ads/ | R | R | R | Update a resource | ||||
DELETE /v1/ads/ | O | O | R | R | O | Delete a resource |
Complex Data View URI patterns. https://.../v1/views/...
type | query string |
description | |
---|---|---|---|
GET /v1/views/ | R [See types] |
R | The value of query string argument {$filter} provides the WHERE predicate for the SQL executed by the request. Any property of the view can be used in {$filter}. The value of {$filter} has to be URL-encoded. If {$filter} in not provided then 1 random record is returned from the view as an example record. |
Error handling
Error Response
- "status" (number) - The HTTP status code ([RFC7231], Section 6) generated by the origin server for this occurrence of the problem.
- "title" (string) - A short, human-readable summary of the problem type. It SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localisation.
- "detail" (string) - An human readable explanation specific to this occurrence of the problem.
- "type" (string) - For future use. - An absolute URI [RFC3986] that identifies the problem type. When dereferenced, it SHOULD provide human-readable documentation for the problem type (e.g., using HTML [W3C.REC-html401-19991224]). When this member is not present, its value is assumed to be "about:blank".
- "instance" (string) - For future use. - An absolute URI that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced.
Example
{
"title":"Not found",
"status":"404",
"detail":"Resource of type xxxx ...",
"type": "about:blank",
"instance": ""
}
Further development of Error Response is based on: Problem Details for HTTP APIs