From 57eff29dfd5ec8902bae7582e426103ba7aac70d Mon Sep 17 00:00:00 2001 From: Ashley Weaver <134093673+ashley-weaver@users.noreply.github.com> Date: Wed, 9 Oct 2024 09:19:49 -0400 Subject: [PATCH] [DPC-4086] Update IP address instruction for prod (#131) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## 🎫 Ticket https://jira.cms.gov/browse/DPC-4086 ## 🛠 Changes Adds IP address instructions for prod to DPC static site. ## ℹ️ Context [Website Copy](https://confluence.cms.gov/display/DAPC/Website+Copy) ## 🧪 Validation ![image](https://github.com/user-attachments/assets/112f450d-6fe1-4227-8cda-13f7d092c120) ![image](https://github.com/user-attachments/assets/cac0264b-06fb-41a3-bbc4-1f1950f937a8) ![image](https://github.com/user-attachments/assets/daa1c1ad-9e7c-4be9-8ca8-ff4cc656b679) ![image](https://github.com/user-attachments/assets/63e124bc-4827-43e9-be5a-31a1d050c697) ![image](https://github.com/user-attachments/assets/754459c6-e470-4bc7-af74-a89592bd938b) --- .github/workflows/broken-link-check.yml | 2 +- .github/workflows/ci-workflow.yml | 2 +- _config.yml | 38 +++++++++++++------------ common/docsV1.md | 26 +++++++++++------ 4 files changed, 39 insertions(+), 29 deletions(-) diff --git a/.github/workflows/broken-link-check.yml b/.github/workflows/broken-link-check.yml index 80a45664..3b0e219a 100644 --- a/.github/workflows/broken-link-check.yml +++ b/.github/workflows/broken-link-check.yml @@ -16,7 +16,7 @@ jobs: id: lychee with: jobSummary: true - args: --no-progress --accept '200..=299, 401, 405' . + args: --no-progress --accept '200..=299, 401, 403, 405' . - name: "Send Slack alert" if: env.lychee_exit_code != 0 uses: slackapi/slack-github-action@v1.26.0 diff --git a/.github/workflows/ci-workflow.yml b/.github/workflows/ci-workflow.yml index dbd0ac4f..2e777eae 100644 --- a/.github/workflows/ci-workflow.yml +++ b/.github/workflows/ci-workflow.yml @@ -19,4 +19,4 @@ jobs: with: fail: true jobSummary: true - args: --no-progress --accept '200..=299, 401, 405' . + args: --no-progress --accept '200..=299, 401, 403, 405' . diff --git a/_config.yml b/_config.yml index a262a394..c7a499b7 100644 --- a/_config.yml +++ b/_config.yml @@ -71,21 +71,23 @@ data_nav: id: additional-resources guide1_nav: - - title: Authorization - id: authorization + - title: I. Authorization + id: i-authorization subnav: - - title: Step One: Request Access - id: step-one-request-access - - title: Step Two: Client Tokens - id: step-two-client-tokens - - title: Step Three: Public Keys - id: step-three-public-keys - - title: Step Four: JSON Web Tokens - id: step-four-json-web-tokens - - title: Step Five: Access/Bearer Token - id: step-five-accessbearer-token - - title: Attestation & Attribution - id: attestation--attribution + - title: 1. Request Access + id: 1-request-access + - title: 2. Client Tokens + id: 2-client-tokens + - title: 3. Public Keys + id: 3-public-keys + - title: 4. IP Addresses (production only) + id: 4-ip-addresses + - title: 5. JSON Web Tokens + id: 5-json-web-tokens + - title: 6. Access/Bearer Token + id: 6-accessbearer-token + - title: II. Attestation & Attribution + id: ii-attestation--attribution subnav: - title: Load Sample Data id: load-sample-data @@ -97,8 +99,8 @@ guide1_nav: id: attestation - title: Groups (Attribution) id: groups-attribution - - title: Export Data - id: export-data + - title: III. Export Data + id: iii-export-data subnav: - title: Initiate an Export Job id: initiate-an-export-job @@ -110,8 +112,8 @@ guide1_nav: id: check-status-of-the-export-job - title: Retrieve NDJSON Output id: retrieve-the-ndjson-output-files - - title: Postman Collection - id: postman-collection + - title: IV. Postman Collection + id: iv-postman-collection subnav: - title: Patient/$everything id: patienteverything diff --git a/common/docsV1.md b/common/docsV1.md index d5b75ab7..df03264f 100644 --- a/common/docsV1.md +++ b/common/docsV1.md @@ -9,15 +9,15 @@ side_nav_items: guide1_nav Welcome to the Data at the Point of Care (DPC) pilot API program! This documentation covers using the API in the sandbox environment with synthetic data. -# Authorization +# I. Authorization ------------------ -## Step One: Request Access +## 1. Request Access Any Fee-for-Service provider organization or Health IT implementer may request access to the sandbox environment and obtain synthetic data by signing-up for an account through the Sandbox Sign Up / Login page. You will receive a confirmation email from CMS upon account creation. Once your account has been assigned to an organization, you will be notified with a second email, which will include next steps and an invite to join our Google Group community. At this time, you may log in to the DPC Portal at https://dpc.cms.gov to create your first client token and start your journey with the DPC pilot API! -## Step Two: Client Tokens +## 2. Client Tokens Create client token
Create multiple client tokens
@@ -180,7 +180,7 @@ Client_token IDs can be found either at creation or as the result of [listing cl 200 - Token was removed ~~~ -## Step Three: Public Keys +## 3. Public Keys Upload your first public key
Create a public key signature
@@ -370,7 +370,15 @@ The response from the API will include the client_token in the token field. 200 - Key was removed ~~~ -## Step Four: JSON Web Tokens +## 4. IP Addresses + +Note: This step is required only for access to production data. You complete this step in the DPC Portal. + +You'll need to provide a public IP address for your organization. This address is associated with the systems that will be accessing production data. You'll choose a descriptive name for your address and enter it in the Portal in the form XXX.XXX.XX.XX. + +Note: You can use a maximum of 8 IP addresses. Only IPv4 addresses are allowed. DPC doesn't support IP address ranges. + +## 5. JSON Web Tokens Validate a JSON web token for DPC @@ -448,7 +456,7 @@ POST /api/v1/Token/validate #### Response: The response from the API will return with a HTTP 200 if the JWT is valid; otherwise, an error message will be returned. -## Step Five: Access/Bearer Token +## 6. Access/Bearer Token Obtain an access_token
Obtain a bearer_token @@ -596,7 +604,7 @@ fetch('https://sandbox.dpc.cms.gov/api/v1/Token/auth', { Back to Start of Section
Back to Top of Page -# Attestation & Attribution +# II. Attestation & Attribution ------------------ Before accessing patient data, DPC must establish that you have a valid patient-practitioner relationship with CMS Medicare and Medicaid Beneficiaries. This process is referred to as Attestation/Attribution in the DPC API. @@ -1554,7 +1562,7 @@ The response will return a Back to Start of Section
Back to Top of Page -# Export Data +# III. Export Data ------------ The primary interaction with the DPC pilot API is via the FHIR /Group/$export operation. This allows an organization to export Patient, Coverage, and Explanation of Benefit data in an asynchronous and bulk manner. Details on the FHIR bulk data operations can be found in the FHIR Bulk Data Specification. @@ -2060,7 +2068,7 @@ To obtain the exported explanation of benefit data, a GET request is made to the Back to Start of Section
Back to Top of Page -# Postman Collection +# IV. Postman Collection This collection contains example requests to public endpoints for the DPC API. To use this collection, you must have the Postman App downloaded onto your computer. This will include the collection of requests, the sandbox environment, and global variables to be imported into your Postman App.