CorEMR Web Services

CorEMR Web Services (CWS) allows a finer-grained interaction with CorEMR and any other compliant client. CWS offers:

  • Ability to add, update, and create a variety of records within the system.
  • Secure public/private key authorization and signatures.
  • No rate limits.


As your install of CorEMR updates, the version of the CWS will also change. Please make sure you're updating your requests and payloads to match the new information. Most endpoints will be backwards compatible, but changes to our structure may require modifications to your code.

CorEMR Version CWS Version
6.2.0+ Version 2
5.5.11+ Version 1

Access Control

CWS does not allow any outside access without an authorized key. The list of allowed keys and usernames is maintained by the CorEMR install itself. If the installation does not want webservice access, none is permitted.

CWS itself does not accept or reply with encrypted message bodies; this should be handled by a modern TLS-based server setup. CWS merely goes along with the existing security in place.

For technical information on how to securely talk with CWS, see the Security page. For a step by step guide to talking to CWS, see the Security Walkthroughs page.


  • Refer to Datatypes for information detailing the type of data in fields.
  • Facility is a unique string code for each facility inside the CorEMR install.
  • Fields with a checkbox under "Add" are required when adding to the system.
  • Fields with a checkbox under "Read" are read-only and cannot be modified.


All payloads are in JSON format with a content type of "application/json".

Response Codes

CWS will return various HTTP response codes indicating the status of the request.

Successful Responses

These responses indicate the requested operation was successful.

Code Meaning Description
200 OK The request resource was retrieved.
201 Created The operation created a new resource. The new resource will be returned.
204 No Content The operation succeeded, but no content will be returned.

Error Responses

These responses will include an error inside the response indicating the specific issue.

Code Meaning Description
400 Bad Request Required information to complete the request was not included.
401 Unauthorized User authorization was not given.
403 Forbidden The operation cannot be completed.
404 Not Found The requested resource was not found.
409 Conflict A conflict ocurred with data sent vs what is in the system.
422 Unprocessable Entity The request contains data that is invalid (ie, wrong datatype, number too large, string too long, etc.)
500 Internal Server Error An error inside the CorEMR system itself has ocurred.