Member App (Patient Access API)
SMART App Launch
Story: A member/patient installs a third-party app, picks their payer, and grants consent. The app uses SMART on FHIR with OpenID Connect to obtain a token, then calls the payer’s Patient Access API to retrieve data the payer maintains (claims, encounters, clinical, coverage), plus prior authorization information by 2027.
OAuth 2.0 / SMART on FHIR
OpenID Connect
FHIR R4 (R4.0.1)
USCDI v1/v3
Click Authorize with Payer to simulate app authorization and token issuance.
Endpoints (Patient Access API) – Common reads this app will perform once authorized:
GET /Patient/{id}
GET /Coverage?beneficiary={id}
GET /Encounter?patient={id}&_since=...
GET /ExplanationOfBenefit?patient={id}&_since=...
GET /ClaimResponse?patient={id}&_since=... (prior auth decisions)
Data Viewer & Prior Authorization (2027)
Patient-facing views
Compliance callouts (for demo):
- By Jan 1, 2027, Patient Access API must include prior authorization requests & decisions (excluding drugs), with decision date, items/services approved, and reason for any denial.
- APIs use FHIR R4, SMART App Launch, OpenID Connect, and support USCDI data classes.
- 2026: Payers begin reporting Patient Access API usage metrics to CMS (first report due Mar 31, 2026).
Prior Auth Timeline
Metrics Dashboard
Tokens Issued: 0
FHIR Reads: 0
Prior Auths Shown: 0
Errors: 0
Endpoint | Reads | Last Status |
---|---|---|
Patient | 0 | — |
Coverage | 0 | — |
Encounter | 0 | — |
EOB | 0 | — |
Prior Auth | 0 | — |