AJ FHIR Immunisation App
v1.0.0 · Spring Boot 3.3 · HAPI FHIR 7.4 · Java 21 · Port 8084 · Apache 2.0
A dedicated SMART on FHIR application for vaccination management. Unlike the general-purpose SMART Client, this app focuses entirely on immunization: vaccination history, WHO schedule forecasting, and printable WHO VDS-NC digital certificates with QR codes.
What it does
Auth Server :9000 Immunisation App :8084 HAPI FHIR :8080
│ │ │
│◄── GET /.well-known/ ─────────│ │
│ smart-configuration │ │
│──► authorization_endpoint ────│ │
│ │── GET /oauth2/authorize ────►│
│ │── POST /oauth2/token ───────►│
│◄── access_token │ (patient + Immunization │
│ patient=P/ePatient-xxx ─── │ scopes granted) │
│ need_patient_banner=true │ │
│ │── GET Immunization?patient──►│
│ │◄── vaccination history ──────│
│ │── GET ImmunizationRec... ──►│
│ │◄── forecast / due dates ─────│
│ │── GET Patient/{id} ─────────►│
│ │◄── demographics ─────────────│
│ │ │
│ Dashboard, History, Schedule, Certificate │
Key features
| Feature | Detail |
|---|---|
| Vaccination history | Full Immunization record — vaccine, date, dose number, lot number, series, administering facility, route, site |
| WHO schedule forecast | ImmunizationRecommendation — overdue, due, immune status with due dates |
| VDS-NC digital certificate | WHO-compliant QR code payload (ICAO Doc 9303 structure), printable vaccination card |
| Caffeine cache | FHIR queries cached 5 minutes per patient — no repeated HAPI calls during navigation |
| SMART v2.2 full handshake | PKCE S256, dynamic discovery, RS256 id_token validation, proactive token refresh |
| Separate registered client | Own client_id, own scopes — consent is scoped to patient/Immunization.rs only |
SMART scopes
launch
openid
fhirUser
patient/Patient.rs
patient/Immunization.rs
patient/ImmunizationRecommendation.rs
Three patient scopes only — the minimum needed. Consent is granted specifically for immunization data, not for general clinical access.
Platform port map
| Port | Service |
|---|---|
| 8080 | HAPI FHIR JPA |
| 8081 | SMART Client (general) |
| 8082 | Consent Manager |
| 8083 | Referral Module |
| 8084 | This app |
| 9000 | Auth Server |
Why a dedicated app
The existing SMART Client reads Patient, Condition, and Medication — it is a general clinical record viewer. Immunization workflows are clinically distinct:
- School nurses need vaccination status without seeing diagnoses or medications
- Travel health clinics need a focused certificate generator, not a full record viewer
- Public health practitioners need population-level vaccination coverage views
- Consent is narrower — a patient can consent to share vaccination records without sharing conditions or medications
Separate registration means separate scope grants and separate consent records in the Consent Manager.
Next: Quick Start →