Uploading QRDA Cat I via API

popHealth allows for the upload of QRDA Category I files through a HTTP POST. The endpoint for this request is at /api/patients (See a list of patient APIs and others at http://pophealth-demo.osehra.org/apipie). The load patient API expects the QRDA Category I document to be the POST body. The endpoint is protected by HTTP Basic Authentication.

As an example, here is how you could upload a QRDA Category I file using cURL:

curl -X POST -u USERNAME:PASSWORD -H "Content-Type: multipart/form-data" -F 'file=@QRDA_FILE.xml' http://localhost:3000/api/patients

In this example, replace USERNAME and PASSWORD with the username and password you have created in your instance of popHealth. QRDA_FILE should be replaced with the path to the QRDA Category I file that you want to upload. You may also change the host name and port in the URL provided if you are uploading to a host that is different from the machine you are using.

Please note: the popHealth API interface has a bug. You will receive a "Can't verify CSRF token authenticity" error when issuing the above command. Please make the following change to line 4 of the source file - https://github.com/OSEHRA/popHealth/blob/master/app/controllers/application_controller.rb

#protect_from_forgery :with => :exception
protect_from_forgery unless: -> { request.format.json? }

This will allow you to run the API. This is a temporary fix until we develop the correct fix.