Overview
The Sunwave API allows customers to automate the process of loading completed forms from their applications into Sunwave.
This API should only be used to attach documents to N-Forms. When an attachment is made to an N-Form using the API, it will display as a new instance of that form. For example, if I use this to attach a document to my Master Treatment Plan form, it will look like this:
Configuring Sunwave API
The following steps must be completed on the parent realm in order to enable can configure the Sunwave API for ERP Health:
NOTE: These steps must be performed by the Product team. Contact Product Management to request enabling the ERP health API integration for a given realm.
Register the External App
Go to Practice Setup > External Apps.
Click + Create Registry.
Click the refresh button for Client ID.
Click the refresh button for Client Secret.
Copy the generated Client ID and Client Secret, provide these to the Customer for use when calling the API.
Click Save.
Set API Call Limit Per Day
Go to Manage Realms.
Set API Call Limit Per Day to a value of -1. This allows for unlimited API calls.
Enable IP Access
Go to Practice Setup > IP Access.
Click the New Access button (top-right) and configure as follows, then click Save:
Ip Address: *
Clinic id: realm number
Description: Attach Forms (or similar label)
Enable Forms to Allow Attachments via the API
NOTE: You should only add attachments to N-Forms. Do NOT attempt to use the API to make attachments to singular forms like the Face Sheet.
Customers need to provide the form ID(s) that they want to add attachments to using this API.
Provide these form IDs to Engineering so that they can enable attachments via the API on the backend.
Sunwave API for ERP Health
Syntax
POST https://emr.sunwavehealth.com/SunwaveEMR/api/addforminpatientchart
Content-Type: application/json
Authorization: Digest $token
seed = user_id:client_id:dateTimeBase64:clinic_id:unique_transaction_id:Base64Encode(md5Hex(payload))
token = seed:JWT.hmac(seed, privateKey)
Parameters
user_id: Service User account created for use in ERP Health integration:
Example: john.doe@acmehealth.comclient_id: This is the Realm Client Id which will be provided by Engineering upon enabling ERP Health integration. (Practice Setup > External Apps)
privateKey: This is the Realm Private Key which will be provided by Engineering upon enabling ERP Health integration. (Practice Setup > External Apps)
clinic_id: This is the Realm ID, for example ‘236’ for the Training Realm.
unique_transaction_id: Each call to the Sunwave API must have a unique transaction id. See the section below called Generating unique_transaction_id for more information. See Generating unique_transaction_id for more information.
dateTimeBase64: Base64 encoded of the GMT DateTime string formatted as "EEE, d MMM yyyy HH:mm:ss Z"
Example: Thu, 8 Sep 2022 19:34:06 +0000Example code for generating dateTimeBase64:
JavaSimpleDateFormat df = new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss Z");
df.setTimeZone(TimeZone.getTimeZone("GMT"));
Timestamp now = new Timestamp(new java.util.Date().getTime());
String dateTime = df.format(now);
String dateTimeBase64 = new String(Base64.getEncoder().encode(dateTime.getBytes()));
ApexDateTime dt = System.now();
String formatedDate = dt.formatGMT('EEE, d MMM yyyy HH:mm:ss Z');
String formatedDateBase64 = EncodingUtil.base64Encode(Blob.valueof(formatedDate))
Body
{
"account_id": "string",
"service_date":"string",
"patient_first_name": "string",
"patient_last_name": "string",
"patient_dob": "string",
"form_id": "string",
"pdf_payload": "<base64-pdf>"
}
NOTE: Please limit the size of PDF attachments to 200KB or smaller.
Example Payload
{
"account_id": "133038",
"service_date":"2022-05-11",
"patient_first_name": "Arnold",
"patient_last_name": "Sullivan",
"patient_dob": "1999-01-01",
"form_id": "236",
"pdf_payload": "data:application/pdf;base64,JVBERi0xLjcKCjEgMCBvYmogICUgZW50cnkgcG9pbnQKPDwKICAvVHlwZSAvQ2F0YWxvZwogIC9QYWdlcyAyIDAgUgo+PgplbmRvYmoKCjIgMCBvYmoKPDwKICAvVHlwZSAvUGFnZXMKICAvTWVkaWFCb3ggWyAwIDAgMjAwIDIwMCBdCiAgL0NvdW50IDEKICAvS2lkcyBbIDMgMCBSIF0KPj4KZW5kb2JqCgozIDAgb2JqCjw8CiAgL1R5cGUgL1BhZ2UKICAvUGFyZW50IDIgMCBSCiAgL1Jlc291cmNlcyA8PAogICAgL0ZvbnQgPDwKICAgICAgL0YxIDQgMCBSIAogICAgPj4KICA+PgogIC9Db250ZW50cyA1IDAgUgo+PgplbmRvYmoKCjQgMCBvYmoKPDwKICAvVHlwZSAvRm9udAogIC9TdWJ0eXBlIC9UeXBlMQogIC9CYXNlRm9udCAvVGltZXMtUm9tYW4KPj4KZW5kb2JqCgo1IDAgb2JqICAlIHBhZ2UgY29udGVudAo8PAogIC9MZW5ndGggNDQKPj4Kc3RyZWFtCkJUCjcwIDUwIFRECi9GMSAxMiBUZgooSGVsbG8sIHdvcmxkISkgVGoKRVQKZW5kc3RyZWFtCmVuZG9iagoKeHJlZgowIDYKMDAwMDAwMDAwMCA2NTUzNSBmIAowMDAwMDAwMDEwIDAwMDAwIG4gCjAwMDAwMDAwNzkgMDAwMDAgbiAKMDAwMDAwMDE3MyAwMDAwMCBuIAowMDAwMDAwMzAxIDAwMDAwIG4gCjAwMDAwMDAzODAgMDAwMDAgbiAKdHJhaWxlcgo8PAogIC9TaXplIDYKICAvUm9vdCAxIDAgUgo+PgpzdGFydHhyZWYKNDkyCiUlRU9G"
}
Generating unique_transaction_id
You MUST generate a unique_transaction_id for every call. If you send multiple requests using the same unique_transaction_id, they will be rejected as duplicate transactions.
The following example illustrates how to create a unique_transaction_id using HMAC:
Syntax
hmac(seed, privateKey):
Apex Example
public static String hmac(String message, String privateKey){
String algorithmName = 'hmacSHA512';
Blob hmacData = Crypto.generateMac(algorithmName, Blob.valueOf(message), Blob.valueOf(privateKey));
String output = EncodingUtil.base64Encode(hmacData);
output = output.replace('+', '-');
output = output.replace('/', '_');
return output;
}