Contact Us

Contact Us

Integrating SMART on FHIR app with Cerner

What is SMART?

SMART(Substitutable Medical Apps, Reusable Technology) is an App Platform for Healthcare. SMART Health IT is an open, standards-based technology platform that enables innovators to create apps that seamlessly and securely run across the healthcare system. Using an electronic health record (EHR) system or data warehouse that supports the SMART standard, patients, doctors, and healthcare practitioners can draw on this library of apps to improve clinical care, research, and public health. In this article, we are integrating SMART on FHIR app with Cerner.

What is SMART on FHIR?

SMART (“Substitutable Medical Applications, Reusable Technologies”) on FHIR is an open, HL7 FHIR standard-based platform that enables developers to create apps that can securely and seamlessly be operational on all the healthcare computer systems. SMART on FHIR is a set of open specifications to integrate apps with Electronic Health Records, portals, Health Information Exchanges, and other Health IT systems.

Integrating SMART app with Cerner

Lets first understand the following two related concepts for Cerner as these are used in the coming sections.

1. App Gallery

App store for Cerner is like Apple or Android, where you can publish your patient or provider facing apps for users. Once the user is interested in your app there are steps needed to integrate that app into Cerner in user premises. So in order to publish an application on Cerner App Gallery developers must submit their apps to Cerner where Cerner will validate their apps and list their apps for Cerner community members to explore and acquire. To submit or view process go to URL

Cerner Validation process

Cerner validation process

Source: Cerner Corp All rights reserved.

2. CernerCare

It’s the place where you register your app with Cerner that can later be deployed to App Gallery. One must have a valid account at CernerCare to register the application with Cerner that can later be published to App Gallery.

You can test your app after registration with CernerCare. While registering with CernerCare you would be required to select your app type (Patient facing/Provider facing) along with your app scope and other information. After registration, you will get a client_id for your application and a launchpad to launch your app. To access go to See the section below “Cerner Launch Sequences” for more details on code.

Here is a picture from CernerCare registration screen:


CernerCare registration screen (Figure: Application registration screen on CernerCare )

Cerner SMART on FHIR Launch Sequences

As per SMART standards, Cerner integration allows to launch an app in two SMART supported contexts:

1. Launch with EHR context – Provider Facing Application

Cerner supports EHR Launch for provider facing applications only. You can deploy your provider facing application at any server and using Cerner LaunchPad you can launch it in the EHR context.Cerner Launch Sequences


Cerner launchpad 2


And in launch.html :

Cerner Launch Sequences

Make sure client_id and redirect_uri given in code are exactly you have on the CernerCare registration screen. See ( Figure: Application registration screen on CernerCare )


Here is what happens when you do it:

  1. Cerner will open your web app’s launch URL with at least two URL parameters:
    • launch contains a SMART on FHIR launch token
    • iss contains Cerner’s base FHIR server URL

Your web application should query Cerner’s FHIR server’s metadata endpoint ( to find Cerner’s OAuth2 authorization and token endpoints.

2. In order to bind your web app’s session with the existing end-users EHR session, your app should redirect the browser to the Cerner OAuth authorization endpoint with the following parameters:

    • response_type = “code”
    • client_id = client_id (defined above)
    • redirect_uri = redirect_url (defined in the above form)
    • launch = the launch token (as passed to your web app’s launch URL)
    • state = <an opaque value used by the client to maintain state between the request and callback.>
    • scope = “launch” (this is necessary to indicate the app is launching from the EMR context to enable single sign-on)

Cerner will then redirect to your provided redirect URL with an authorization code and the state parameter you provided.

3. Your web app should exchange the authorization code for an access token by posting the following parameters to Cerner’s OAuth token service:

    • grant_type = “authorization_code”
    • code = the authorization code your web app received
    • redirect_uri = redirect_url (defined in the above form)
    • client_id = client_id (defined in the above form)

Cerner will return an access_token. (In a production customer environment, a health system may configure additional SMART launch parameters which will be presented to your app during an EHR launch alongside the access_token, just as a user parameter is presented from this internal environment.)

4. Your web app can use the time-limited access token to access Cerner FHIR resources. Include the token as a “Bearer” token in the Authorization HTTP header as part of your RESTful queries.

2. Standalone application launch – Patient Facing Application

Cerner supports Standalone Launch for Patient facing applications only. To test your patient-facing app as standalone launch there is no launchpad like platform. You have to code as per the given guidelines. See image below from launch.html file:

Note: Cerner FHIR sandbox for patient-facing application ( is different from provider facing application FHIR sandbox.

Here are some details about the above code snippet:

  • You have SMART web app created and deployed on some server
  • In your launch.html provide redirect_url, client_id, and FHIR Server URL as shown below. Make sure this redirect_url and client_id is the same that you gave when registering the app on CernerCare. See ( Figure: Application registration screen on CernerCare )
  • The server variable should be set to some public Cerner FHIR server or one that your hospital has set up for you, not a PROD server URL.

Here is what happens when you do it:

  1. As you access your app launch.html in browser it hits the given FHIR server. This FHIR server validates the client_id with Cerner (Cerner knows this as we registered our application via CernerCare).

2. Since we are testing a standalone context and authentication is not yet made; FHIR server redirects you to a patient-facing app as shown below:Cerner FHIR Play

3. On a successful login, it takes you to the authorization page. Clicking Authorize allows Cerner to exchange info with the SMART app as shown below:

Cerner FHIR authorization screen

4. Finally, It redirects to the URL in variable redirect_url configured in the Cerner registration screen and launch.html file. Here is your index.html file, you will have patient context available and a token that you can use to call FHIR APIs to get patient-related data.


These code snippets are from the SMART app Technosoft developed. We have used SMART on FHIR JS client in the application. It handles lots of stuff automatically for you. For example when launching in the EHR context; it automatically gets the parameters passed in query string including FHIR server URL.  After you have the FHIR server URL, it calls conformance API to know authorization endpoints. Then it hits the authorization server sending token to authorize your app. If there is a successful authorization, the server will send the access token back. This access token can be used to call the FHIR APIs to get patient info from the FHIR server.

If you are not using SMART on FHIR JS client then you will need to handle all that stuff yourself. Further info can be found in SMART on FHIR website and Cerner sandbox website, see references below.



The SMART sandbox that mimics a real EHR to test and demonstrate apps for practitioners and patients that use the SMART on FHIR platform to access clinical data.

SMART on FHIR app launcher

FHIR launch context

Cerner sandbox

Cerner FHIR documentation


Starting any Healthcare Integration Project? Get Your questions answered in a Free 30 minutes consultancy!