Source Integration

HealthJibe Connect makes integrating your consumer health information service to a range of consumer selected health management services as easy as connecting an eCommerce application to the payment card networks.

HealthJibe leverages OAuth and  requires the use of an OAuth Consumer (an open source OAuth library for your development platform is likely to be available).  The OAuth authorization process is used to establish the initial connection between the source and the user’s HealthJibe account. Here’s how it works:

  • Implement an OAuth Consumer capability that adheres to the OAuth core authorization protocol.
  • The HealthJibe authorization and configuration process for your service and its associated website is done in five steps when the user clicks on the Connect with HealthJibe button:
    1. Your website obtains an unauthorized Request Token (Endpoint: https://www.razcode.net/request-token.ashx)
    2. Your website redirects the user to the HealthJibe authorization page where the user authorizes the Request Token by simply entering their HealthJibe email address and password (Endpoint: https://www.healthjibe.net/jibe/authorize)
    3. Your website exchanges the Request Token for an Access Token that should be stored with the user  information on your website (Endpoint: https://www.razcode.net/access-token.ashx) and is used to sign future data transfer requests as discussed below.
    4. Your website redirects the user to the HealthJibe  Configuration endpoint URL (https://www.healthjibe.net/jibe/configure) where the user is able to choose one or more destination health management services for the health data sent from your service. This request must contain a callback URL parameter (raz_callback) that HealthJibe will use to redirect the user back to your website.
    5. HealthJibe redirects the user back to your website at the completion of the configuration process, providing a seamless user experience for the user. In addition to the oauth_token query string parameter and the oauth_verifier parameter, HealthJibe will append a query string parameter to the callback request (raz_notification_status) that indicates if health information should continue to be sent for this user (false = no longer send health information).
  • Once the initial connection is made using the OAuth process described above, health information is sent as  an OAuth signed request (URL: https://www.razcode.net/gateway/sourcenotification)
    • The health data is sent in the body of the request as a parameter (her)  and is formatted as a Continuity of Care (CCR) XML document. For a POST request, the content type of the request must be set to: “application/x-www-form-urlencoded”
  • Your website or application can redirect the user to the HealthJibe Configuration endpoint URL whenever the user wishes to modify the source configuration from your website. This OAuth signed request must contain a callback URL query string parameter (raz_callback) so that the user can be returned to your website at the completion of the configuration process.
    • Please remember that you do not  implement the entire OAuth authorization process as described above on subsequent calls to the Configuration endpoint. The OAuth authorization process is completed only once. Subsequent calls to the Configuration endpoint are used to allow the user to modify the connection he or she has made between your service and HealthJibe. Simply use the access token you have stored for this user to make the OAuth request.
    • In addition to the oauth_token query string parameter and the oauth_verifier parameter, HealthJibe will append a query string parameter to the callback request (raz_notification_status) that indicates  if future device notifications should continue to be sent for this user/device (false = no longer send notifications).

Your service can also read data from any health management service the user linked to your service. Because the user may have multiple HMS connections, this is a two-step process:

  1. Your application or website sends a signed OAuth request to the  HMSList endpoint (URL:  https://www.razcode.net/gateway/hmslist) using the access token for the user.
  2. HealthJibe returns a JSON array containing the names for each HMS linked to your service (e.g. ["hms1","hms2","hms3"]).
  3. Your application or website must display this list to the user in order for he or she to select the HMS they would like to read via your service.
  4. Your application or website makes a signed OAuth request to the HMSRead endpoint on the RAZCODE Gateway (URL:  https://www.razcode.net/gateway/hmsread) with a required query string parameter (hms) set to the name of the HMS selected by the user (e.g.  hms=hms1). In addition there are two optional parameters, startdate (format: mmddyyyy) and enddate (format: mmddyyyy) that allows the user to read data within a specific time period (note: your application was prompt the user for the start and end dates). If both startdate and enddate are missing or empty, all data is retrieved.
  5. HealthJibe will return an XML document formatted according to the Continuity-of-Care Record (CCR) in the body of the response.

Contact us for more information or visit the RAZCODE Connected Health Platform website to register your service. We will support your integration effort every step of the way.