$everything or $validate, or resource types not yet simplified by ClinikAPI. The FHIR passthrough lets you do this without losing tenant isolation or authentication.
How it works
All requests to/v1/fhir/:resourceType and /v1/fhir/:resourceType/:id are proxied directly to the ClinikAPI FHIR R4 gateway. Your tenant context is automatically applied on every request:
- Creates: your tenant tag is injected into
meta.tagautomatically. - Searches: a
_tagfilter scoped to your tenant is appended to every query. - Reads, updates, and deletes: resource ownership is verified against your tenant before the operation proceeds.
When to use passthrough
| Use case | Recommended approach |
|---|---|
| Standard CRUD operations | Use the simplified SDK methods (e.g. clinik.notes, clinik.patients) |
| Custom FHIR search parameters | Use GET /v1/fhir/:resourceType?... |
FHIR operations ($everything, $validate) | Use POST /v1/fhir/:resourceType/$operation |
| Resource types not in the simplified SDK | Use the passthrough endpoints |
| Complex chained FHIR queries | Use GET /v1/fhir/:resourceType?... |
Response format
The passthrough returns raw FHIR R4 resources, not the simplified envelope format used by other ClinikAPI endpoints. You work directly with FHIR resource structures —resourceType, id, meta, and resource-specific fields.
Capability statement
The/v1/metadata endpoint returns a FHIR R4 CapabilityStatement describing all supported resource types, search parameters, and operations. No authentication is required:
Available passthrough operations
| Operation | Endpoint |
|---|---|
| Read a resource | GET /v1/fhir/:resourceType/:id |
| Create a resource | POST /v1/fhir/:resourceType |
| Update a resource | PATCH /v1/fhir/:resourceType/:id |
| Delete a resource | DELETE /v1/fhir/:resourceType/:id |
| Search resources | GET /v1/fhir/:resourceType?... |