Skip to main content

2 posts tagged with "auth"

View All Tags

Vanya for Browsing Data on Medplum's FHIR Server

· 2 min read
Cody Ebberson
Medplum Core Team

Darren Devitt, a respected FHIR expert, has recently released an alpha version of a new tool called Vanya. Similar to how Postman functions for API requests, Vanya is designed specifically for browsing data on FHIR servers.

I've taken some time to test Vanya with Medplum's FHIR server, and I want to share the setup process, some tricks I've found useful, and a brief overview of my experience.

Setting Up Vanya with Medplum's FHIR Server

If you've decided to give Vanya a try, here's what you need to know to get it running with Medplum's FHIR server:


You'll need to input the FHIR base URL, not just the server base URL. Remember to include the "fhir/R4" path. For example, when using the Medplum Staging server, I used the full URL "".


Vanya requires authentication as an HTTP header. For my testing, I used a "Basic" auth header created using the client ID and client secret.

You can use a tool such as DebugBear to generate a Basic auth header from a client ID and client secret.

Or, if you prefer, you can use the OAuth2 client_credentials flow with the client ID and client secret to get an access token. See our guide on Client Credentials for step-by-step instructions.

Once you have a Basic auth token or a Bearer token, add it to the Vanya HTTP headers:

Enter Vanya auth header

Using Vanya

Once you've set up these parameters, you can start using Vanya to browse through different types of FHIR data on the Medplum server.

Vanya client screenshot

Wrapping Up

Vanya is still in its alpha stage, and there's a lot to look forward to as it continues to develop. However, even now, it offers a useful tool for browsing FHIR data. I'll be keeping an eye on the tool's progress, and I'll share any important updates here.

Give Vanya a try and let us know about your experience. If you have any questions or need help with the setup, please join our Discord!

24/7 Pediatrician Access - Summer Health Case Study

· 3 min read
Reshma Khilnani
Medplum Core Team

(2 minute demo)


Summer Health is an innovator in direct-to-patient pediatrics, with a focus on messaging and mobile access for parents via SMS. Their fast growing practice is available nationwide and is known for excellent patient engagement.

Medplum Solutions Used

  • Custom EHR - The Summer Health custom EHR allows providers to respond to patient messages, enables task management and automation, and has AI-assisted encounter documentation.
  • Patient Portal - The patient experience includes the ability to reach pediatricians via messaging, and to view information across web and mobile devices.
  • FHIR API - with all data being natively stored as FHIR, enabling synchronization through a FHIR API to Google BigQuery allows robust analytics and visibility into operations.

Challenges Faced

The unique nature of the Summer Health offering necessitated custom software development, specifically:

  • Messaging-based workflows are convenient for users, but require aggregation, careful data extraction and synthesis to be actionable for providers.
  • Pediatrics requires complex access control patterns because patients are children and multiple caregivers are creating and accessing data on their behalf.
  • Timeliness and tasking are crucial and providers and staff respond in a timely manner to patient inquiries.
  • Mobile access with single sign on for clinicians who primarily administer care through mobile devices. This was a key pain point with other solutions.

Why Medplum?

Medplum stood out for the following reasons:

  • Complete control over the user experience, reducing burden for the providers.
  • Identity management and access control allows caregivers to access records.
  • Unlimited and flexible integrations, and ability to build them as needed without restriction, including streamlined incorporation of cutting edge technologies like LLMs.

The team completed their initial build in 16 weeks.

Features Used

The following Medplum features were used to build this product.

  • Integrations - notably Medplum's integration framework and tools made it easy to integrate BigQuery and LLMs.
  • Google Authentication and External authentication - Summer Health uses multiple identity providers for practitioners and patients respectively.
  • Access policies - Patients are children, so parametrized access policies support parent and caregiver access.
  • Subscriptions - integrations to data warehousing and other applications are powered by event driven notifications
  • FHIR Datastore, specifically family relationships and GraphQL allow for medical records that incorporate sibling and family member context
  • Charting and Task Management - encounter documentation and tasks are featured in the application and major drivers of the workflow.
  • Bulk FHIR API to support reporting and interoperability with other systems.