Patient list api error(isLocalApi)

OpenEMR Development
1

Hello Team,
I am trying to get patientlist using opneemr rest api. I got the token successfully using the following api uri
http://localhost/openemr/oauth2/default/token

image
image852×631 63.5 KB

As I want the patient list, I used this link http://localhost/openemr/apis/default/fhir/Patient api by passing the token that I received in the previous step, but got 401 error.
image
image854×507 29 KB

When I tried to debug and fix the issue I found that isLocalapi() returns false by default under fhirRestRequestSkipSecurityCheck() in src\Common\Http\HttpRestRouteHandler.php.
Then I coded return true to make it work. Please let me know what cause
$restRequest->isLocalApi() is false in default. Should I change any thing in the code to make default value true??
Thanks in advance.

2

Are you trying to use the API as a javascript call inside an existing OpenEMR page? Or are you trying to use this in the context of a SMART on FHIR application?

The isLocalAPI requires that you pass a CSRF token that is created inside the PHP session. You can see this inside /apis/dispatch.php#L162-L180.

If you are doing this as a smart app that does not have access to the OpenEMR php CSRF session token then you should not bypass the local api calls.