The TELUS Collaborative Health Record (CHR) Enterprise Application Programming Interface (API) enables you to create your own integrations for tools you build or purchase from other vendors. For example you may use a third-party appointment booking solution or you may have developed your own patient registration tool.

Using the API, you can access the CHR platform data in a convenient and secure way via a GraphQL endpoint. Your CHR data is exposed as a data graph and is available for you to query. The GraphQL structure enables you, as an API Consumer, to define what data you query, create, or update based on the available data in your CHR. Only the data you request is supplied in the response.

For more information about the CHR API schema, see API reference documentation.

GraphQL is a modern API standard. For more information about this standard and its available tools and libraries, visit https://graphql.org.

API changelog

With each release of the CHR, we improve and make fixes to the API. To learn more, see What's new in the API.

Security of the API

All API queries require valid API credentials, in the form of a Json Web Token (JWT). CHR account owners can view and manage API Consumers and their credentials in the CHR settings.

These API credentials provide an API Consumer with unrestricted access to all of your organization’s CHR data. You can create multiple API Consumers, for example one to support an integration with an appointment booking solution from a vendor, and another for an integration you build with your own client registration solution. If required, you can revoke an API Consumer’s access at any time by deactivating them. You can also easily restore their access by reactivating them. For more information, see Creating API Consumers.

For a JWT to be valid it must meet the following requirements:

  • Signed with an RS512 algorithm, whose public key is configured on an API Consumer, in CHR settings

  • Contain an Issuer (ISS) value, that matches the value configured on an API Consumer, in CHR settings

  • Expire within the next 15 minutes (900 seconds)

  • Provided as a header parameter Authorization: Bearer {json_web_token}, in each request

Audit of API actions

Every action completed via the API is recorded in a CHR audit log. The API Consumer that initiated the action is recorded by their API credentials. Additionally, all API requests and responses are also captured by API Consumer, providing transparency to all requests made and the data that was returned to each API Consumer. For more information, see Viewing API logs.

Using the CHR Enterprise API

The CHR Enterprise API is a paid feature and is currently limited to a select few customers.

To use the CHR Enterprise API, you require:

  • A signed contract and agreement for the CHR Enterprise API

  • That TELUS Health enables the CHR Enterprise API access for your CHR domain

  • Account Owner credentials to your CHR domain

For an overview of CHR Enterprise API onboarding process, see Enterprise API onboarding overview.

Once you have these in place, you can create your CHR API consumers and start making requests to your CHR data. For more information, see Making requests to the CHR Enterprise API.

Updated August 05, 2022

Did this answer your question?