Table of Contents
The Validation Service is responsible for validating FHIR resources according to the HL7 FHIR specification, based on predefined FHIR profiles, provided from RKI (Robert Koch Institute). These profiles are loaded from the file system during the service startup phase. Please note that the profiles are not part of this repository. In a Kubernetes environment, the FHIR profiles are mounted to the service's file system from a dedicated OCI container image.
This service is a Spring Boot-based application that processes HTTP requests and leverages appropriate HAPI FHIR library methods to perform the following tasks:
- Message Parsing
- Validation
- Response Serialization
See ReleaseNotes for all information regarding the (newest) releases.
The application requires the DEMIS FHIR Profiles. This image is maintained in DockerHub: demis-profile-snapshots.
The profiles are require to execute the integration profile tests included in this repository. With -PskipProfileTests
you can skip these tests if you don't have profiles locally.
At runtime execution the profile files must be available in a folder and this folder must be specified through the
environment variable FHIR_PROFILES_BASEPATH.
mvn clean verifyThe Project can be built with the following command:
mvn -e clean install -DskipTests=truebuild with docker image:
docker build -t validation-service:latest .
The Docker Image associated to the service can be built alternatively with the extra profile docker:
mvn -e clean install -Pdocker
or if you don't have the profiles
mvn -e clean install -PskipProfileTests -Pdocker
The application can be started as Docker container with the following commands assuming that the profile snapshots are located in directory /profiles/5.2.0/Fhir
docker run --rm --name validation-service \
-v $(pwd)/profiles:/profiles \
-p 8080:8080 \
-e FHIR_PROFILES_BASEPATH=/profiles \
-e FHIR_PROFILES_VERSIONS=5.2.0 \
validation-service:latestaus IntelliJ als SpringBoot Application starten
Start the spring boot server with: mvn clean spring-boot:run
Check the server with: curl -v localhost:8080/actuator/health
aus IntelliJ als SpringBoot Application starten
| Property | Default Value | Environment Variable | Environment Variable Description |
|---|---|---|---|
| demis.validation-service.profiles.basepath | FHIR_PROFILES_BASEPATH | Path to base directory with all profiles versions | |
| demis.validation-service.profiles.fhirpath | Fhir | Path inside of a profiles versions directory to the resources. | |
| demis.validation-service.profiles.versions | FHIR_PROFILES_VERSIONS | List of versions. Must match the directory names under the base path. | |
| demis.validation-service.locale | en_US |
Locale for the HAPI-FHIR context and validator. The language of diagnostics of the outcome is dependent on this locale. | |
| demis.validation-service.minSeverityOutcome | information |
Minimal severity that will not be filtered out in the Outcome. Possible values:information, warning, error, fatal. |
| Feature Flag | Description |
|---|---|
| feature.flag.format.validation.enabled | allow json only as valid format |
| feature.flag.common.code.system.terminology.enabled | adds terminology support to validator |
| feature.flag.filtered.validation.errors.disabled | removes validation results so some errors are not shown to the users. if this is true, feature.flag.filtered.errors.as.warnings.disabled cannot be true |
| feature.flag.filtered.errors.as.warnings.disabled | changes error validation results to warnings. if this is true feature.flag.filtered.validation.errors.disabled cannot be true |
Start the spring boot server with: mvn clean spring-boot:run
Check the server with: curl -v localhost:8080/actuator/health
| Endpoint | Description |
|---|---|
/status |
GET endpoint for status notifications. Currently minimally implemented. |
/$validate |
POST endpoint for validating messages. Returns validation results from the HAPI Validator. |
/actuator/health/ |
Standard endpoint from Actuator. |
/actuator/health/liveness |
Standard endpoint from Actuator. |
/actuator/health/readiness |
Standard endpoint from Actuator. |
If you want to see the security policy, please check our SECURITY.md.
If you want to contribute, please check our CONTRIBUTING.md.
Copyright 2022-2025 gematik GmbH
EUROPEAN UNION PUBLIC LICENCE v. 1.2
EUPL © the European Union 2007, 2016
See the LICENSE for the specific language governing permissions and limitations under the License
- Copyright notice: Each published work result is accompanied by an explicit statement of the license conditions for use. These are regularly typical conditions in connection with open source or free software. Programs described/provided/linked here are free software, unless otherwise stated.
- Permission notice: Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
- The copyright notice (Item 1) and the permission notice (Item 2) shall be included in all copies or substantial portions of the Software.
- The software is provided "as is" without warranty of any kind, either express or implied, including, but not limited to, the warranties of fitness for a particular purpose, merchantability, and/or non-infringement. The authors or copyright holders shall not be liable in any manner whatsoever for any damages or other claims arising from, out of or in connection with the software or the use or other dealings with the software, whether in an action of contract, tort, or otherwise.
- We take open source license compliance very seriously. We are always striving to achieve compliance at all times and to improve our processes. If you find any issues or have any suggestions or comments, or if you see any other ways in which we can improve, please reach out to: ospo@gematik.de
- Please note: Parts of this code may have been generated using AI-supported technology. Please take this into account, especially when troubleshooting, for security analyses and possible adjustments.
E-Mail to DEMIS Entwicklung