PrescribeIT® Specification and Guide Version 5.0

 

This section provides details on the APIs that have been defined for the PrescribeIT® domain. Shared Health domain APIs are included on the Shared Health API Summary page.

The endpoints will vary by environment (e.g. Production, Pre-conformance) and may also be context specific. Implementers should make the endpoints' URLs configurable within their systems as these may be updated in future releases. Vendors should not be storing the organization/practitioner URLs; rather they should build it at runtime using configurable prefix's per environment and the identifier itself. The real URLs will be published to Vendors upon onboarding with PrescribeIT®.

For PrescribeIT® there will be three new HTTP headers that will be required in the Formulary Query, Deferred Query, and Provider Registry Queries. The headers will be for a) Application Instance Identifier, b) Practitioner CPRID, and c) Organization CPRID.

The headers are required so that PrescribeIT® can determine the originator of the query when an application instance is using a hub/routing application. See the table below for conformance rules.

When acknowledging a PrescribeIT® message, a service endpoint behaves in two ways. First, in the context of acknowledging 101, 201, or 305 interactions, no mandatory headers are required. Second, in the context of acknowledgment of a Deferred Query (401) interaction, two mandatory headers (X-SHAREDHEALTH-EXCHANGE-SENDING-APP-INSTANCE-ID and X-SHAREDHEALTH-EXCHANGE-SENDING-ORGANIZATION-ID) must be provided. When a request to acknowledge messages is received, an attempt is made to look up their Bundle IDs in the Inbox (which can contain 101, 201 or 305 messages). If this lookup is unsuccessful, then the service considers this to be a request to acknowledge 401 message(s) and a check is done to ensure that mandatory headers X-SHAREDHEALTH-EXCHANGE-SENDING-APP-INSTANCE-ID and X-SHAREDHEALTH-EXCHANGE-SENDING-ORGANIZATION-ID are present.

HTTP Request Header Conformance Rules Expected Format
X-SHAREDHEALTH-EXCHANGE-SENDING-APP-INSTANCE-ID

Mandatory for Formulary Query (EMR) and Deferred Query (PMS)

Mandatory for acknowledging (ACK) a Deferred Query

X-SHAREDHEALTH-EXCHANGE-SENDING-APP-INSTANCE-ID: urn:oid:1.2.0.9.9.4.0994
X-SHAREDHEALTH-EXCHANGE-SENDING-PRACTITIONER-ID

Not applicable for Deferred Query (PMS) or for PMS-initiated Provider Registry Queries

Optional for Formulary Query (EMR) but should be provided if Practitioner is enrolled and known

X-SHAREDHEALTH-EXCHANGE-SENDING-PRACTITIONER-ID: http://sharedhealth.exchange/fhir/NamingSystem/registry-id-practitioner|190000074
X-SHAREDHEALTH-EXCHANGE-SENDING-ORGANIZATION-ID

Mandatory for Formulary Query (EMR), Deferred Query (PMS), and Provider Registry queries.

Mandatory for acknowledging (ACK) a Deferred Query

X-SHAREDHEALTH-EXCHANGE-SENDING-ORGANIZATION-ID: http://sharedhealth.exchange/fhir/NamingSystem/registry-id-organization|190001234
API Type REST
Verb PUT
Required Request Headers

X-SHX-SDF-Developer-Key: <value>

Note: <value> for X-SHX-SDF-Developer-Key is unique for each caller location. It is a credential which is supplied along with the SDF certificate to each location during its on-boarding.

Accept: application/xml
Content-Type: See PrescribeIT® Clinician Communication

Response Content Type application/xml
Response Headers X-SHX-SDF-TraceId - unique identifier of this transaction generated by the server
Description Service to upload PrescribeIT® (305) attachments, attachment will be uploaded as binary in the HTTP request body
Production Endpoint URL https://api.sharedhealth.exchange/rest/v1/THP/mailbox_vs0/Binary/${AttachmentId}
Pre-Conformance Endpoint URL https://api.sharedhealth.exchange/rest/v1/preconf/THP/mailbox_vs1/Binary/${AttachmentId}
Request Sample
PUT https://api.sharedhealth.exchange/rest/v1/preconf/THP/mailbox_vs1/Binary/60c1242e-017a-4076-961d-2968ef63a81e

Accept: application/xml
Content-Type: text/plain
X-SHX-SDF-Developer-Key: ZTkyM2EyNTktNDQ2OC00ZmNkLThjZjUtMGIzMDc4NTE4MjhhOmY1NjMwYThjZTBkODRkY2I4Mjg3NmZhMjAwZTAzOTJhM2NhMmYxNzJlNipiNDk0ZWE1ZmFkNmI4YmMxYmNkODk=
This is a sample document payload
Response Sample
HTTP response code is 200, payload is empty, headers are as follows:

Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain
Date: Thu, 12 Dec 2019 21:04:39 GMT
X-Global-Transaction-ID: b2ba59235df2ab67941a637d
Server: nginx/1.10.2
X-Application-Context: Attachment:precon:8181
accept: application/xml
accept-encoding: gzip
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, CONNECT, PATCH
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
ATTACHMENT_CHECK_SUM: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ATTACHMENT_SIZE: 370
authorization: Basic dGVzdDp0ZXN0
breadcrumbId: eeff88c9-db38-4298-bbef-430cb6826ede
guid: 60c1242e-017a-4076-961d-2968ef63a81e
user-agent: Apache-HttpClient/4.5.3 (Java/1.8.0_221)
x-forwarded-for: 172.31.0.162
x-forwarded-host: 198.96.45.111
x-forwarded-server: 198.96.45.111
x-telus-sdf-appid: 1011622
x-telus-sdf-traceid: fd7127bb-e130-4b84-afa3-2359bab2be74
x-telus-sdf-virtualhostid: shx.external.site2
X-SHX-SDF-Site: site2.api.sharedhealth.exchange
X-SHX-SDF-ServerId: sdfxmlfw21
Service Response HTTP Code header and Payload
  • HTTP 200 and empty response payload in case of success
  • HTTP 4xx or HTTP 5xx for any backend errors + payload. Payload format depends on whether the error is coming from the SDF (API gateway) or PrescribeIT® Central Service. In case of the SDF failure, the response is in custom XML format, in case of PrescribeIT® Central Service the response is an OperationOutcome object
API Type REST
Verb GET
Required Request Headers

X-SHX-SDF-Developer-Key: <value>

Note: <value> for X-SHX-SDF-Developer-Key is unique for each caller location. It is a credential which is supplied along with the SDF certificate to each location during its on-boarding.

Accept: <value> - one or more Accept headers can be provided. One of the values must match this attachment's content type found in the 305 message

Response Content Type Matches original attachment content type
Description Service to download attachments referenced in FHIR messages with message bundle type 305
Production Endpoint URL https://api.sharedhealth.exchange/rest/v1/THP/mailbox_vs0/Binary/${AttachmentId}
Pre-Conformance Endpoint URL https://api.sharedhealth.exchange/rest/v1/preconf/THP/mailbox_vs1/Binary/${AttachmentId}
Response Headers X-SHX-SDF-TraceId - unique identifier of this transaction generated by the server
Content-Type: <value> - value is matching the original content type
Content-Disposition: attachment; filename="<value>"
Service Response HTTP Code header and Payload
  • HTTP 200 for success + payload
  • HTTP 4xx or HTTP 5xx for any backend errors + payload. Payload format depends on whether the error is coming from the SDF (API gateway) or PrescribeIT® Central Service. In case of the SDF failure, the response is in custom XML format, in case of PrescribeIT® Central Service the response is an OperationOutcome object
API Type REST
Verb POST
Required Request Headers

X-SHX-SDF-Developer-Key: <value>

Note: <value> for X-SHX-SDF-Developer-Key is unique for each caller location. It is a credential which is supplied along with the SDF certificate to each location during its on-boarding.

Accept: application/xml

Content-Type: application/xml

Description Service to issue one time password and send it to user as SMS or through Mobile Authenticator
Production Endpoint URL https://api.sharedhealth.exchange/rest/v1/THP/STS_vs0/api/requestOTP
Pre-Conformance Endpoint URL https://api.sharedhealth.exchange/rest/v1/preconf/THP/STS_vs1/api/requestOTP
Response Headers X-SHX-SDF-TraceId - unique identifier of this transaction generated by the server
Request Schema
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.sharedhealth.exchange/erx/2016/06/STS" elementFormDefault="qualified" attributeFormDefault="unqualified">
	<xs:element name="requestOTP" type="requestOTPType">
		<xs:annotation>
			<xs:documentation>STS OTP Request Message</xs:documentation>
		</xs:annotation>
	</xs:element>
	<xs:complexType name="requestOTPType">
		<xs:sequence>
			<xs:element name="entityBusinessId">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:maxLength value="100"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="appInstanceId">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:maxLength value="100"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="thpsUserId">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:maxLength value="100"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="noPhone" type="xs:boolean"/>
			<xs:element name="debug" type="xs:boolean" minOccurs="0" maxOccurs="1"/>
		</xs:sequence>
	</xs:complexType>
</xs:schema>
Notes:
  • noPhone element is no longer used in the current release of PrescribeIT®, its value should be always sent as false
  • debug element must be always set to false in Production Environment
Request Sample
<ns2:requestOTP xmlns:ns2="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sharedhealth.exchange/erx/2016/06/STS/STS-requestToken.xsd">
	<ns2:entityBusinessId>https://api.preprd.sharedhealth.teluslabs.net/rest/v1/THP/PR_vs1/Organization/190000104</ns2:entityBusinessId>
	<ns2:appInstanceId>urn:oid:1.2.2.3.3.7.7.9003012</ns2:appInstanceId>
	<ns2:thpsUserId>190000126</ns2:thpsUserId>
	<ns2:noPhone>false</ns2:noPhone>
	<ns2:debug>false</ns2:debug>
</ns2:requestOTP>
Response Schema
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.sharedhealth.exchange/erx/2016/06/STS" elementFormDefault="qualified" attributeFormDefault="unqualified">
	<xs:element name="responseStatus" type="responseStatusType">
		<xs:annotation>
			<xs:documentation>Common Response Structure</xs:documentation>
		</xs:annotation>
	</xs:element>
	<xs:complexType name="responseStatusType">
		<xs:sequence>
			<xs:element name="status">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:enumeration value="Success"/>
						<xs:enumeration value="Fail"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="message" minOccurs="0">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:maxLength value="255"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="code" type="xs:int"/>
			<xs:element name="timeStamp" type="customDT"/>
			<xs:element name="X-TELUS-SDF-TraceId">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:pattern value="[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
		</xs:sequence>
	</xs:complexType>
	<xs:simpleType name="customDT">
		<xs:restriction base="xs:string">
			<xs:pattern value="[0-9]{4}-[01][0-9]-[0-3][0-9] [0-2][0-9]:[0-5][0-9]:[0-6][0-9]\.[0-9]{3}"/>
			<!-- Example: 2009-12-31 00:00:00.123    yyyy-MM-dd HH:mm:ss.SSS -->
		</xs:restriction>
	</xs:simpleType>
</xs:schema>
Response Sample

Production Environment

<ns:responseStatus xmlns:ns="http://www.sharedhealth.exchange/erx/2016/06/STS">
	<ns:status>Success</ns:status>
	<ns:message/>
	<ns:code>200</ns:code>
	<ns:timeStamp>2018-04-13 13:02:23.955</ns:timeStamp>
	<ns:X-TELUS-SDF-TraceId>8c2e8706-e7d7-4467-8b61-e3d7c49ee093</ns:X-TELUS-SDF-TraceId>
</ns:responseStatus>

Non-Production Environments (e.g. Pre-Conformance)

<ns:responseStatus xmlns:ns="http://www.sharedhealth.exchange/erx/2016/06/STS">
	<ns:status>Success</ns:status>
	<ns:message/>
	<ns:code>200</ns:code>
	<ns:timeStamp>2018-04-13 13:02:23.955</ns:timeStamp>
	<ns:X-TELUS-SDF-TraceId>8c2e8706-e7d7-4467-8b61-e3d7c49ee093</ns:X-TELUS-SDF-TraceId>
</ns:responseStatus>
Service Response Code Headers
  • HTTP 200 for Success
  • HTTP 4xx or HTTP 5xx for any backend errors + payload. Payload format depends on whether the error is coming from the SDF (API gateway) or PrescribeIT® Central Service. In case of the SDF failure, the response is in custom XML format, in case of PrescribeIT® Central Service the response is in XML format compatible with the Response XML schema documented above (in this case, responseStatusType object has status set to Fail and message contains the details of the failure)
API Type REST
Verb POST
Request Content Type application/xml
Response Content Type application/xml
Required Request Headers

X-SHX-SDF-Developer-Key: <value>

Note: <value> for X-SHX-SDF-Developer-Key is unique for each caller location. It is a credential which is supplied along with the SDF certificate to each location during its on-boarding.

Accept: application/xml

Content-Type: application/xml

Description Service to issue SAML Token
Response Header from Service

X-SHAREDHEALTH-EXCHANGE-SAML-EXPIRY - Date and time the returned token is going to expire. This time is always in UTC
X-SHX-SDF-TraceId - unique identifier of this transaction generated by the server

Production Endpoint URL https://api.sharedhealth.exchange/rest/v1/THP/STS_vs0/api/requestToken
Pre-Conformance Endpoint URL https://api.sharedhealth.exchange/rest/v1/preconf/THP/STS_vs1/api/requestToken
Request Schema
  1. Production Environment
    <xs:schema xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.sharedhealth.exchange/erx/2016/06/STS" elementFormDefault="qualified" attributeFormDefault="unqualified">
        <xs:element name="requestToken" type="requestTokenType">
            <xs:annotation>
                <xs:documentation>STS Token Request Message</xs:documentation>
            </xs:annotation>
        </xs:element>
        <xs:complexType name="requestTokenType">
            <xs:sequence>
                <xs:element name="entityBusinessId">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="100"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="appInstanceId">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="100"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="thpsUserId">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="100"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="OTP" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="10"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="localUserId">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="100"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="firstName" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="50"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="lastName">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="50"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="licenseNumber" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="50"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="licenseIssuer" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="100"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
                <xs:element name="roleCode" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="50"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
    			<xs:element name="externalToken" minOccurs="0">
                    <xs:simpleType>
                        <xs:restriction base="xs:string">
                            <xs:maxLength value="4000"/>
                        </xs:restriction>
                    </xs:simpleType>
                </xs:element>
            </xs:sequence>
        </xs:complexType>
    </xs:schema>
    
Request Sample

Request using practitioner’s license number and license issuer

<requestToken xsi:schemaLocation="http://www.sharedhealth.exchange/erx/2016/06/STS/STS-requestToken.xsd" xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<entityBusinessId>https://api.sharedhealth.exchange/rest/v1/THP/TPR_vs0/Organization/200328629</entityBusinessId>
	<appInstanceId> urn:oid:2.16.840.1.113883.3.1467.1014915</appInstanceId>
	<thpsUserId>200328635</thpsUserId>
	<OTP>8upwh</OTP>
	<localUserId>10179</localUserId>
	<lastName>Wang</lastName>
	<licenseNumber>35981</licenseNumber>
	<licenseIssuer>urn:oid:2.16.840.1.113883.4.44</licenseIssuer>
</requestToken>

Request With External Token

This is to be used only by vendors who have been instructed and approved by Infoway to supply this additional piece of data in order to complete the 2FA process.

<requestToken xsi:schemaLocation="http://www.sharedhealth.exchange/erx/2016/06/STS STS-requestToken.xsd" xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
               <entityBusinessId>https://api.preprd.sharedhealth.teluslabs.net/rest/v1/THP/TPR_vs0/Organization/200146119</entityBusinessId>
               <appInstanceId>urn:oid:1.2.2.3.3.7.7.10007939</appInstanceId>
               <thpsUserId>200146121</thpsUserId>
               <localUserId>PractThomas Pots</localUserId>
               <lastName>Pots</lastName>
               <licenseNumber>23423</licenseNumber>
               <licenseIssuer>urn:oid:2.16.840.1.113883.3.7752</licenseIssuer>
               <externalToken>eyJraWQiOiJpajJWZjlTOEhDb21UWVU3NGJhc0VPY0VMSFYybG9aYm5SVWZ0NlZCTDc4IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHV2a284YTVsdVhyUkJyNTBoNyIsIm5hbWUiOiJNaXlhIFdoZWF0bGV5IiwidmVyIjoxLCJpc3MiOiJodHRwczovL29rdGEtZC5xaHJ0ZWNoLmNvbS9vYXV0aDIvZGVmYXVsdCIsImF1ZCI6IjBvYXZrbDNxa3dtbVpaa21FMGg3IiwiaWF0IjoxNjA5ODYxMjkwLCJleHAiOjE2MDk4NjQ4OTAsImp0aSI6IklELnNoRkN3cDZXNXdVc3RSNVVDWTdjVUZHc2Y5TXdDOXlhd3hDdmppUjgybUEiLCJhbXIiOlsicHdkIl0sImlkcCI6IjAwb2tydDI0ZWdMd1hFVnQ0MGg3IiwicHJlZmVycmVkX3VzZXJuYW1lIjoibWl5YS53aGVhdGxleUBwcmVzY3JpYmVpdC5jYSIsImF1dGhfdGltZSI6MTYwOTg2MTI5MCwiYXRfaGFzaCI6InhYZGlEalJEeWtVR1RsWlUzSWhpV0EiLCJsaWNlbnNlX2lzcyI6InVybjpvaWQ6Mi4xNi44NDAuMS4xMTM4ODMuNC43NTYiLCJsaWNlbnNlX251bSI6IjIzNDIzIiwiZ3JvdXBzIjpbIkV2ZXJ5b25lIiwiUHJvdmlkZXIgVXNlcnMiLCJGZWRlcmF0ZWQgVXNlcnMiXSwic3F1aWQiOiJlZGU0MTFiNS01YzE4LTQ4ZWItOTg2My01MzY1YmRmMjhkODkifQ.UvZB6PoVnzbHVdpTLCc1mrVL__Gr6h5xMjBjslPqmATI7SFEI53N72pz95NhROiFR5qHfxZ1uipm9lVYZoCpZ-v338BFN3Pswah0GM8nrZ96Tyhose8Nq1_zAk1MfyeNpg575LT_g_LW1owxCMmbd8uQ6pyfWBXDaShfkIWj6mIi0s1j_BHkRXzOz2inA6T7YliZBE-8L-gVSa2xjC3xUAUHcNqjYtJXoGQrXattku1LDhPD5N1d266DTB7xF9KZp4STmDJFjsDNO3IA6fhgeztSHYUJUhVR6g7RzSIS1p9lNFTSRTN2Ntdo3oXVo_EQlx7Il0wo40ug7AYzNV2mQQ</externalToken>
</requestToken>
Response Schema

STSResponseStatus.xsd

<xs:schema xmlns="http://www.sharedhealth.exchange/erx/2016/06/STS" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.sharedhealth.exchange/erx/2016/06/STS" elementFormDefault="qualified" attributeFormDefault="unqualified">
	<xs:element name="responseStatus" type="responseStatusType">
		<xs:annotation>
			<xs:documentation>Common Response Structure</xs:documentation>
		</xs:annotation>
	</xs:element>
	<xs:complexType name="responseStatusType">
		<xs:sequence>
			<xs:element name="status">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:enumeration value="Success"/>
						<xs:enumeration value="Fail"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="message" minOccurs="0">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:maxLength value="1000"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
			<xs:element name="code" type="xs:int"/>
			<xs:element name="timeStamp" type="customDT"/>
			<xs:element name="X-TELUS-SDF-TraceId">
				<xs:simpleType>
					<xs:restriction base="xs:string">
						<xs:pattern value="[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"/>
					</xs:restriction>
				</xs:simpleType>
			</xs:element>
		</xs:sequence>
	</xs:complexType>
	<xs:simpleType name="customDT">
		<xs:restriction base="xs:string">
			<xs:pattern value="[0-9]{4}-[01][0-9]-[0-3][0-9] [0-2][0-9]:[0-5][0-9]:[0-6][0-9]\.[0-9]{3}"/>
			<!-- Example: 2009-12-31 00:00:00.123    yyyy-MM-dd HH:mm:ss.SSS -->
		</xs:restriction>
	</xs:simpleType>
</xs:schema>
Response + response header sample

X-SHAREDHEALTH-EXCHANGE-SAML-EXPIRY: 2020-10-28 01:11:13.521

X-SHX-SDF-TraceId: 578834ee-b176-45de-a26f-3fcc8e35324f

<ns:responseStatus xmlns:ns="http://www.sharedhealth.exchange/erx/2016/06/STS">
	<ns:status>Success</ns:status>
	<ns:message>PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwyOkFzc2VydGlvbiBJRD0iN2M2Mzg3M2YtM2NhMS00YWE5LWE3YzctY2RhODMxZGQwOWY5IiBJc3N1ZUluc3RhbnQ9IjIwMjAtMTAtMjdUMTM6MTE6MTMuNTIxWiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj48c2FtbDI6SXNzdWVyPmh0dHBzOi8vYXBpLnNoYXJlZGhlYWx0aC5leGNoYW5nZS9yZXN0L3YxL1RIUC9TVFNfdnMwPC9zYW1sMjpJc3N1ZXI+PGRzOlNpZ25hdHVyZSB4bWxuczpkcz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnIyI+PGRzOlNpZ25lZEluZm8+PGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBVUkk9IiM3YzYzODczZi0zY2ExLTRhYTktYTdjNy1jZGE4MzFkZDA5ZjkiPjxkczpUcmFuc2Zvcm1zPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxlYzpJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9InhzIiB4bWxuczplYz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zvcm0+PC9kczpUcmFuc2Zvcm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5NTWlRY3ZoNUNkMkI4SkJDRTBpdGpUdVhXeXM9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZhbHVlPmZTT2I4NXhBRjJrazVGYUN0OE5BUTloZ1l4V3BpZU1zU3I1NEZYOWVQdkIxM2xpb3NlVVhTZEJ4aUZwbS9kTnJRT0VwQ25wMkxvNTE5MzdIMXFaTE9zd2pSWGpwZS9uL1Z5eFQ2MnArKzBCUSsrQSs0M0UwdFNWOEdaWmpNZS9wRlNSNzB1aEhBeDRKK2ZOL1VoZnRERElOc2Z2MjVUb2trSWRVcHIwc0lJUWFYYW5RY1FoL3A5MjJPYmVXM1cxNkNqVlltT2VzR1B3dDY2Znl2SFN0S0cxczNnMVVzY0Z1eC9OVmxlcEw3OEhwWjBiODNXVFBMSElYeXUrcC9YUk1rbndpRUlCV1BDcEtxaEpTby9mbEZIR25Mb3ZTa2Y2bW9PZnd0ODlKakIwamdEUlpvL3lIR0NiRmVIZDdxeFN5ODdVQzkrNlU3bkZ4Yk1sdWVCZSttZz09PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlHcmpDQ0JaYWdBd0lCQWdJUUtJOFhEN294VEhJQUFBQUFVUVhDQ3pBTkJna3Foa2lHOXcwQkFRc0ZBRENCdWpFTE1Ba0dBMVVFCkJoTUNWVk14RmpBVUJnTlZCQW9URFVWdWRISjFjM1FzSUVsdVl5NHhLREFtQmdOVkJBc1RIMU5sWlNCM2QzY3VaVzUwY25WemRDNXUKWlhRdmJHVm5ZV3d0ZEdWeWJYTXhPVEEzQmdOVkJBc1RNQ2hqS1NBeU1ERXlJRVZ1ZEhKMWMzUXNJRWx1WXk0Z0xTQm1iM0lnWVhWMAphRzl5YVhwbFpDQjFjMlVnYjI1c2VURXVNQ3dHQTFVRUF4TWxSVzUwY25WemRDQkRaWEowYVdacFkyRjBhVzl1SUVGMWRHaHZjbWwwCmVTQXRJRXd4U3pBZUZ3MHlNREEyTURVeE9ESTFNRGxhRncweU1UQTNNVGd4T0RVMU1EbGFNR294Q3pBSkJnTlZCQVlUQWtOQk1ROHcKRFFZRFZRUUlFd1pSZFdWaVpXTXhFVEFQQmdOVkJBY1RDRTF2Ym5SeVpXRnNNUjR3SEFZRFZRUUtFeFZEWVc1aFpHRWdTR1ZoYkhSbwpJRWx1Wm05M1lYa3hGekFWQmdOVkJBTVREbkJ5WlhOamNtbGlaV2wwTG1OaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQW9VVWdHajJLNXc0a3hPa2szc3lkdE1rcExRRlUvdkEwSTJIYnd6SmJqelpIUXZVWHAxUWUwRW43VVNza2dMd2wKQ202SXFsVXRrOUlJRSswbzNIc1hYUzllcXM3VU5qbFVvVW1xcnNheUZwaWZ2c2VSTEx3aXZkQTdvMTUyTjVyT2NKZzdiaWtwVm9YUAphVys1bHlrWFVHeVVvUmtnOVZORDV5dnJTR0hJQnhFK1VjRFpqR1VwVTJ4VW5wa1k4dm56ZlY4YTNQVERzTlYyK1AwUFJNTnhHalJ3ClpWTXRMdUx5bU84aHp3M2ZndGQ3SDZUb0RqaEY1WjUrM2psYVo0VTRYYmttTlBRTHloNURrSm4rRW8rN0crbjI4d3FDTFlkY1YxdDUKSmt1b281aTkvS0c2bmY3a3B1ckxkR0ZrTmx0N2U3UGg0UGg5WHdMWjhNR0lCT09ycFFJREFRQUJvNElDL1RDQ0F2a3dHUVlEVlIwUgpCQkl3RUlJT2NISmxjMk55YVdKbGFYUXVZMkV3Z2dGK0Jnb3JCZ0VFQWRaNUFnUUNCSUlCYmdTQ0FXb0JhQUIxQUZXQjFNSVdrRFlCClN1b0xtMWM4VS9EQTVEaDRjQ1VJRnkranFoMEhFOU1NQUFBQmNvWFdQVXdBQUFRREFFWXdSQUlnQTR1YTB6WGgzWFVUYmcvYTIwQzgKc2djdEpHNEdvN1hwZmdDNjBPdnJ1UVFDSUhQVWM5TWxkUW9tVmpRL25MbUM1WFJ3YmUwcEgvK1RlRnVGQVRoN0Z3N1lBSGNBVmhRRwptaS9Yd3V6VDllRzlSTEkreDBaMnVieVpFVnpBNzVTWVZkYUowTjBBQUFGeWhkWTlaQUFBQkFNQVNEQkdBaUVBaU9sSlBGZzBMSzZoCkdaRXpXbUwreG9wdExjRmdyenlPUVVzYkZmb2U0YWtDSVFEeVF3Y0hNVXovQzYzSjExMUFWUW9HajhiOE90OG9MU0ZHaVpuSzJFNkgKSkFCMkFQWmNsQy9SZHpBaUZGUVlDRENVVm83alRSTVpNNy9mREM4Z0M4eE84V1RqQUFBQmNvWFdQWEVBQUFRREFFY3dSUUloQUtYawp5K0YzZ3hBQXViVW53UDV5N3dUYmM5ZTNGSlpjd3g3QURhZm5uYUx0QWlCSGE5L1F6dWp3ZlJNQUllUTZNRWI3MmtUdSswTStiemdRCjRZR3NldERqNXpBT0JnTlZIUThCQWY4RUJBTUNCYUF3RXdZRFZSMGxCQXd3Q2dZSUt3WUJCUVVIQXdFd013WURWUjBmQkN3d0tqQW8Kb0NhZ0pJWWlhSFIwY0RvdkwyTnliQzVsYm5SeWRYTjBMbTVsZEM5c1pYWmxiREZyTG1OeWJEQkxCZ05WSFNBRVJEQkNNRFlHQ21DRwpTQUdHK213S0FRVXdLREFtQmdnckJnRUZCUWNDQVJZYWFIUjBjRG92TDNkM2R5NWxiblJ5ZFhOMExtNWxkQzl5Y0dFd0NBWUdaNEVNCkFRSUNNR2dHQ0NzR0FRVUZCd0VCQkZ3d1dqQWpCZ2dyQmdFRkJRY3dBWVlYYUhSMGNEb3ZMMjlqYzNBdVpXNTBjblZ6ZEM1dVpYUXcKTXdZSUt3WUJCUVVITUFLR0oyaDBkSEE2THk5aGFXRXVaVzUwY25WemRDNXVaWFF2YkRGckxXTm9ZV2x1TWpVMkxtTmxjakFmQmdOVgpIU01FR0RBV2dCU0NvbkIwM2J4VFA4OTcxUGZOZjZkZ3hncE12ekFkQmdOVkhRNEVGZ1FVMFdyY24ycThsUUNmS3JLUEkreHhvSU84CmhnOHdDUVlEVlIwVEJBSXdBREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBalI5Q0RnRmVBLzVSSzA1Y3o2THVsZTlSQVZqdkdnU2UKdHM3Y2dDaUtrUU5yVHBrcmRsTHNsRExicE1VUkVseVhMTFlqc3RVeVNXR0dOakhpZkJFMnNsb0MrRGdXYTVLcDZ2Sm90eVh1SlJKMAozeWpYdTB5K0NZTndSK0V5enBWS2JHWUtOYWhuUlFaNVc0S3FoY1hkV3paN2JhYVJUNmgzVTJqOWl3OGwvVURBK0Q3SVhFL0Izb2RPCmtJS0h2N1p1bU1yaGNVRElST0JHS0xDMnRpbERENk5QZ1NLY2RyZnJlNDZncStZSGhBa3JyNmRxWmwwRnQ1Ukt3RGhsbXAwa0dZTFkKMlJacU5oMUl1b1JSRTVSaWZLOFAvU2RwaktPS2xnNlZPN1VBbjVBbVVxN0w4R2tUUkdRYzYxVVJJZXFNeXljbEtPTzZ3d0dsS2xIZQplRUVHZUE9PTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sMjpTdWJqZWN0PjxzYW1sMjpOYW1lSUQgRm9ybWF0PSJUZWx1c2hlYWx0aC5jb20iIE5hbWVRdWFsaWZpZXI9IlRlbHVzaGVhbHRoLmNvbSI+MjAwMDAwMDI2PC9zYW1sMjpOYW1lSUQ+PHNhbWwyOlN1YmplY3RDb25maXJtYXRpb24gTWV0aG9kPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6Y206YmVhcmVyIj48c2FtbDI6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIwLTEwLTI4VDAxOjExOjEzLjUyMVoiLz48L3NhbWwyOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sMjpTdWJqZWN0PjxzYW1sMjpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAyMC0xMC0yN1QxMzowNjoxMy41MjFaIiBOb3RPbk9yQWZ0ZXI9IjIwMjAtMTAtMjhUMDE6MTE6MTMuNTIxWiIvPjxzYW1sMjpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjAtMTAtMjhUMDE6MTE6MTMuNTIxWiI+PHNhbWwyOkF1dGhuQ29udGV4dD48c2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6U2VjdXJlUmVtb3RlUGFzc3dvcmQ8L3NhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+PHNhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDI6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnRlbHVzaGVhbHRoLmNvbS8yMDE2LzA1L2lkZW50aXR5L2NsYWltcy9MaWNlbnNlIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dXJuOm9pZDoyLjE2Ljg0MC4xLjExMzg4My40LjM0NzpPTjUwMDAyNjwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy50ZWx1c2hlYWx0aC5jb20vMjAxNi8wNS9pZGVudGl0eS9jbGFpbXMvUm9sZUNvZGUiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5odHRwOi8vaGw3Lm9yZy9maGlyL3ByYWN0aXRpb25lci1yb2xlfGRvY3Rvcjwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy50ZWx1c2hlYWx0aC5jb20vMjAxNi8wNS9pZGVudGl0eS9jbGFpbXMvU2VydmljZUxvY2F0aW9uRW50aXR5SUQiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5odHRwczovL3dlYnNlcnZpY2VzLnRlbHVzLmNvbS9yZXN0L3YxL1RIUC9UUFJfdnMwL09yZ2FuaXphdGlvbi8yMDAwMDAwMjg8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0iaHR0cDovL3NjaGVtYXMudGVsdXNoZWFsdGguY29tLzIwMTYvMDUvaWRlbnRpdHkvY2xhaW1zL0xhc3ROYW1lIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+V2FuZzwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy50ZWx1c2hlYWx0aC5jb20vMjAxNi8wNS9pZGVudGl0eS9jbGFpbXMvTG9jYWxVc2VySUQiPjxzYW1sMjpBdHRyaWJ1dGVWYWx1ZSB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiB4c2k6dHlwZT0ieHM6c3RyaW5nIj5Db2xvbWJhIERlQW5nZWxpcyBNRDwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PHNhbWwyOkF0dHJpYnV0ZSBOYW1lPSJodHRwOi8vc2NoZW1hcy50ZWx1c2hlYWx0aC5jb20vMjAxNi8wNS9pZGVudGl0eS9jbGFpbXMvRmlyc3ROYW1lIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+QmluaHVhPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIE5hbWU9Imh0dHA6Ly9zY2hlbWFzLnRlbHVzaGVhbHRoLmNvbS8yMDE2LzA1L2lkZW50aXR5L2NsYWltcy9BcHBJbnN0YW5jZUlEIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+dXJuOm9pZDowLjAuMC4wLjAuMC4yMDAwMDAwMjg8L3NhbWwyOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDI6QXR0cmlidXRlPjwvc2FtbDI6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDI6QXNzZXJ0aW9uPg==</ns:message>
	<ns:code>200</ns:code>
	<ns:timeStamp>2020-10-27 09:11:13.528</ns:timeStamp>
	<ns:X-TELUS-SDF-TraceId>578834ee-b176-45de-a26f-3fcc8e35324f</ns:X-TELUS-SDF-TraceId>
</ns:responseStatus>
  • X-SHAREDHEALTH-EXCHANGE-SAML-EXPIRY: 2018-09-25 02:54:28.136
  • X-TELUS-ERX-SAML-EXPIRY: 2018-09-25 02:54:28.136
  • X-SHX-SDF-TraceId: a1ba12a0-19d1-456a-a831-c877d3ae21ed
  • X-SHX-SDF-Site: site1.api.sharedhealth.exchange
  • X-SHX-SDF-ServerId: sdfxmlfw1
Service Response Code Headers
  • HTTP 200 for Success
  • HTTP 4xx or HTTP 5xx for any backend errors + payload. Payload format depends on whether the error is coming from the SDF (API gateway) or PrescribeIT® Central Service. In case of the SDF failure, the response is in custom XML format, in case of PrescribeIT® Central Service the response is in XML format compatible with the Response XML schema documented above (in this case, responseStatusType object has status set to Fail and message contains the details of the failure)
API Type REST
Verb GET
Required Request Headers

X-SHX-SDF-Developer-Key: <value>

Note: <value> for X-SHX-SDF-Developer-Key is unique for each caller location. It is a credential which is supplied along with the SDF certificate to each location during its on-boarding.

Accept: application/xml+fhir
X-SHAREDHEALTH-EXCHANGE-SENDING-APP-INSTANCE-ID: <value>

X-SHAREDHEALTH-EXCHANGE-SENDING-ORGANIZATION-ID: http://sharedhealth.exchange/fhir/NamingSystem/registry-id-organization|<value>

Response Content Type application/xml+fhir
Description Query to the formulary service
Production Endpoint URL https://api.sharedhealth.exchange/rest/v1/THP/mailbox_vs0/$formulary">https://api.sharedhealth.exchange/rest/v1/THP/mailbox_vs0/$formulary
Pre-Conformance Endpoint URL https://api.sharedhealth.exchange/rest/v1/preconf/THP/mailbox_vs1/$formulary">https://api.sharedhealth.exchange/rest/v1/preconf/THP/mailbox_vs1/$formulary
Response Headers X-SHX-SDF-TraceId - unique identifier of this transaction generated by the server
Content-Type: application/xml+fhir
Service Response HTTP Code header and Payload
  • HTTP 200 for success + payload
  • HTTP 4xx or HTTP 5xx for any backend errors + payload. Payload format depends on whether the error is coming from the SDF (API gateway) or PrescribeIT® Central Service. In case of the SDF failure, the response is in custom XML format, in case of PrescribeIT® Central Service the response is an OperationOutcome object
Sample query
								
							

The API summary for Shared Health can be found here.