Thanks for your quick response.
Please find below our requirement and expectation we have based on the same.
By integrating OpenEMR with our patient portal, we are expecting an available REST/SOAP web service which can be used to access the patient information (CCDA different section Informations etc) from OpenEMR and sync with the Patient Portal respective patient account.
So the flow will be the patient should authorize with OpenEMR (via Oauth2 authorization protocol or other recommended authorization protocol available) before accessing their details to ensure HIPAA compliance. Sometimes a representative of patient also can access the data on behalf of the patient, who will be authorized from patient for accessing his/her details. If we keep the patient credentials on both OpenEMR and Patient Portal are same and always in sync between two systems in case of updates to the credentials (shared db table), the authorization we can made through patient credentials. And on successful authorization, a patient identifier will be returned for accessing the patient health information available on OpenEMR.
The API's are in such a way that filtered with dates, so it would be good to fetch the data available within the time range. And should have a mandatory resource name to be passed as form parameter in which only particular section details they can fetch from OpenEMR.
Please let me know your feedback on this and corrections in case if the solution will not work out for all