Search
K
< Back

Prepare for Go-Live

The onboarding process prepares your organization to go live with Health Gorilla APIs in a secure, validated, and production-ready environment. During onboarding, you will configure authentication, receive and manage credentials, verify tenant provisioning, test data access, and confirm event delivery.

The onboarding process is organized into three parts:

  • Set up authentication and credentials
  • Prepare your tenant and delivery configuration
  • Validate your integration in the sandbox

To set up authentication and credentials

  1. Determine whether your organization will use client credentials or SMART on FHIR.
  2. Contact Health Gorilla to obtain your client_id and client_secret for both sandbox and production environments.
  3. Store your credentials securely in a protected system, such as a key vault.
  4. If you are using client credentials, complete these steps.

a. Request an access token and verify that token exchange is successful in the sandbox environment.

b. Add the access token to the Authorization header using the format Bearer {token}.

c. Review the OAuth scopes assigned to your application and confirm they match your use cases. Contact Health Gorilla if additional scopes are needed.

To prepare your tenant and delivery configuration

  1. Confirm that your tenant is provisioned for the required solutions, such as Patient360, Clinical Alerts, Lab Ordering, and HL7 ADT.
  2. Confirm that tenant metadata (NPI, taxonomy, and contact information) is configured.
  3. Confirm that user groups and access roles are set up.
  4. Assign patients to provider groups using the $members operation, or submit a list to Health Gorilla for bulk enrollment.
  5. Confirm group enrollment by calling GET /Group/{id}.
  6. Register a publicly accessible https:// endpoint to receive webhook notifications, or coordinate with Health Gorilla to configure routing if using HL7 ADT delivery.

To validate your integration in the sandbox

  1. Retrieve test patients using the Patient endpoint.
  2. Access related resources such as Encounter, DocumentReference, Observation, and Condition.
  3. If applicable, confirm that synthetic Clinical Alerts and Patient360 queries return the expected data.
  4. (Optional) Create a test patient and submit clinical resources such as Observation, AllergyIntolerance, or MedicationRequest.
  5. Retrieve submitted resources to confirm roundtrip data flow.
  6. Verify that expected API responses are returned and that your system handles errors and retries correctly.
  7. Monitor webhook or HL7 event delivery to confirm alerts are received and processed.
  8. Confirm that your production environment is enabled.
  9. Re-test key workflows using real patient data in production.
  10. Monitor production activity to ensure readiness for go-live.