A Capability Statement documents a set of capabilities (behaviors) of a FHIR Server or Client for a particular version of FHIR that may be used as a statement of actual server functionality or a statement of required or desired server implementation.

Applications may implement multiple versions (see Managing Multiple Versions, and the $versions operation). If they do, then a CapabilityStatement describes the system's support for a particular version of FHIR, and the server will have multiple statements, one for each version.

An absolute URI that is used to identify this capability statement when it is referenced in a specification, model, design or an instance; also called its canonical identifier. This SHOULD be globally unique and SHOULD be a literal address at which an authoritative instance of this capability statement is (or will be) published. This URL can be the target of a canonical reference. It SHALL remain the same when the capability statement is stored on different servers.

Allows the capability statement to be referenced by a single globally unique identifier.

Can be a urn:uuid: or a urn:oid: but real http: addresses are preferred. Multiple instances may share the same URL if they have a distinct version.

The determination of when to create a new version of a resource (same url, new version) vs. defining a new artifact is up to the author. Considerations for making this decision are found in Technical and Business Versions.

In some cases, the resource can no longer be found at the stated url, but the url itself cannot change. Implementations can use the meta.source element to indicate where the current master source of the resource can be found.

A formal identifier that is used to identify this CapabilityStatement when it is represented in other formats, or referenced in a specification, model, design or an instance.

Allows externally provided and/or usable business identifiers to be easily associated with the module.

The identifier that is used to identify this version of the capability statement when it is referenced in a specification, model, design or instance. This is an arbitrary value managed by the capability statement author and is not expected to be globally unique. For example, it might be a timestamp (e.g. yyyymmdd) if a managed version is not available. There is also no expectation that versions can be placed in a lexicographical sequence.

There may be different capability statement instances that have the same identifier but different versions. The version can be appended to the url in a reference to allow a reference to a particular business version of the capability statement with the format [url]|[version]. The version SHOULD NOT contain a '#' - see Business Version.

Indicates the mechanism used to compare versions to determine which is more current.

If set as a string, this is a FHIRPath expression that has two additional context variables passed in - %version1 and %version2 and will return a negative number if version1 is newer, a positive number if version2 and a 0 if the version ordering can't be successfully be determined.

A natural language name identifying the capability statement. This name should be usable as an identifier for the module by machine processing applications such as code generation.

Support human navigation and code generation.

The name is not expected to be globally unique. The name should be a simple alphanumeric type name to ensure that it is machine-processing friendly.

A short, descriptive, user-friendly title for the capability statement.

This name does not need to be machine-processing friendly and may contain punctuation, white-space, etc.

The status of this capability statement. Enables tracking the life-cycle of the content.

Allows filtering of capability statements that are appropriate for use versus not.This is not intended for use with actual capability statements, but where capability statements are used to describe possible or desired systems.

See guidance around (not) making local changes to elements here.

A Boolean value to indicate that this capability statement is authored for testing purposes (or education/evaluation/marketing) and is not intended to be used for genuine usage.

Enables experimental content to be developed following the same lifecycle that would be used for a production-level capability statement.

Allows filtering of capability statements that are appropriate for use versus not.

The date (and optionally time) when the capability statement was last significantly changed. The date must change when the business version changes and it must change if the status code changes. In addition, it should change when the substantive content of the capability statement changes.

The date is often not tracked until the resource is published, but may be present on draft content. Note that this is not the same as the resource last-modified-date, since the resource may be a secondary representation of the capability statement. Additional specific dates may be added as extensions or be found by consulting Provenances associated with past versions of the resource.

See guidance around (not) making local changes to elements here.

The name of the organization or individual responsible for the release and ongoing maintenance of the capability statement.

Helps establish the "authority/credibility" of the capability statement. May also allow for contact.

Usually an organization but may be an individual. The publisher (or steward) of the capability statement is the organization or individual primarily responsible for the maintenance and upkeep of the capability statement. This is not necessarily the same individual or organization that developed and initially authored the content. The publisher is the primary point of contact for questions or issues with the capability statement. This item SHOULD be populated unless the information is available from context.

Contact details to assist a user in finding and communicating with the publisher.

May be a web site, an email address, a telephone number, etc.

See guidance around (not) making local changes to elements here.

A free text natural language description of the capability statement from a consumer's perspective. Typically, this is used when the capability statement describes a desired rather than an actual solution, for example as a formal expression of requirements as part of an RFP.

This description can be used to capture details such as comments about misuse, instructions for clinical use and interpretation, literature references, examples from the paper world, etc. It is not a rendering of the capability statement as conveyed in the 'text' field of the resource itself. This item SHOULD be populated unless the information is available from context (e.g. the language of the capability statement is presumed to be the predominant language in the place the capability statement was created).This does not need to be populated if the description is adequately implied by the software or implementation details.

The content was developed with a focus and intent of supporting the contexts that are listed. These contexts may be general categories (gender, age, ...) or may be references to specific programs (insurance plans, studies, ...) and may be used to assist with indexing and searching for appropriate capability statement instances.

Assist in searching for appropriate content.

When multiple useContexts are specified, there is no expectation that all or any of the contexts apply.

A legal or geographic region in which the capability statement is intended to be used.

It may be possible for the capability statement to be used in jurisdictions other than those for which it was originally designed or intended.

DEPRECATION NOTE: For consistency, implementations are encouraged to migrate to using the new 'jurisdiction' code in the useContext element. (I.e. useContext.code indicating http://terminology.hl7.org/CodeSystem/usage-context-type#jurisdiction and useContext.valueCodeableConcept indicating the jurisdiction.)

Explanation of why this capability statement is needed and why it has been designed as it has.

This element does not describe the usage of the capability statement. Instead, it provides traceability of ''why'' the resource is either needed or ''why'' it is defined as it is. This may be used to point to source materials or specifications that drove the structure of this capability statement.

A copyright statement relating to the capability statement and/or its contents. Copyright statements are generally legal restrictions on the use and publishing of the capability statement.

Consumers must be able to determine any legal restrictions on the use of the capability statement and/or its content.

...

A short string (<50 characters), suitable for inclusion in a page footer that identifies the copyright holder, effective period, and optionally whether rights are resctricted. (e.g. 'All rights reserved', 'Some rights reserved').

Defines the content expected to be rendered in all representations of the artifact.

The (c) symbol should NOT be included in this string. It will be added by software when rendering the notation. Full details about licensing, restrictions, warrantees, etc. goes in the more general 'copyright' element.

The way that this statement is intended to be used, to describe an actual running instance of software, a particular product (kind, not instance of software) or a class of implementation (e.g. a desired purchase).

Allow searching the 3 modes.

Reference to a canonical URL of another CapabilityStatement that this software implements. This capability statement is a published API description that corresponds to a business service. The server may actually implement a subset of the capability statement it claims to implement, so the capability statement must specify the full capability details.

HL7 defines the following Services: Terminology Service.

Many Implementation Guides icon define additional services.

Reference to a canonical URL of another CapabilityStatement that this software adds to. The capability statement automatically includes everything in the other statement, and it is not duplicated, though the server may repeat the same resources, interactions and operations to add additional details to them.

the contents of any directly or indirectly imported CapabilityStatements SHALL NOT overlap, i.e. they cannot refer to the same rest/resource, operations/name, searchparam/name, interaction/code, messaging/endpoint, document/mode pair.

A capability statement that imports another CapabilityStatement automatically instantiates it too (though this is often not a very useful statement for the kinds of CapabilityStatements that are suitable for importing).

Software that is covered by this capability statement. It is used when the capability statement describes the capabilities of a particular software version, independent of an installation.

Name the software is known by.

The version identifier for the software covered by this statement.

If possible, a version should be specified, as statements are likely to be different for different versions of software.

Date this version of the software was released.

Identifies a specific implementation instance that is described by the capability statement - i.e. a particular installation, rather than the capabilities of a software program.

Information about the specific installation that this capability statement relates to.

An absolute base URL for the implementation. This forms the base for REST interfaces as well as the mailbox and document interfaces.

The organization responsible for the management of the instance and oversight of the data on the server at the specified URL.

The version of the FHIR specification that this CapabilityStatement describes (which SHALL be the same as the FHIR version of the CapabilityStatement itself). There is no default value.

Servers may implement multiple versions (see Managing Multiple Versions, and the $versions operation). If they do, and the CapabilityStatement is requested from the server, then this fhirVersion will be either the version requested, or the server's default version.

A list of the formats supported by this implementation using their content types.

"xml", "json" and "ttl" are allowed, which describe the simple encodings described in the specification (and imply appropriate bundle support). Otherwise, mime types are legal here.

A list of the patch formats supported by this implementation using their content types.

At present, the patch mime types application/json-patch+json and application/xml-patch+xml are legal. Generally, if a server supports PATCH, it would be expected to support the patch formats and match the formats it supports, but this is not always possible or necessary.

A list of the languages supported by this implementation that are usefully supported in the Accept-Language header.

In general, if a server gets a request with an Accept-Language that it doesn't support, it should still reutrn the resource, just in its default language for the resource.

A list of implementation guides that the server does (or should) support in their entirety.

Note: this is primarily only relevant in terms of ImplementationGuides that don't define specific CapabilityStatements declaring the expectation of distinct roles. (E.g. generic IGs that establish privacy policies.) In situations where an ImplementationGuide does define CapabilityStatements, asserting CapabilityStatement.implementationGuide means that the implementation adheres to any Implementation.global definitions present in that IG as well as any textual requirements around security or other general interoperability behaviors. However, it does not make any assertions as to conformance with any of the CapabilityStatements defined in the IG. To assert conformance with CapabilityStatements in a referenced IG, it is necessary to use the CapabilityStatement.instantiates element.

A definition of the restful capabilities of the solution, if any.

Multiple repetitions allow definition of both client and/or server behaviors or possibly behaviors under different configuration settings (for software or requirements statements).

Identifies whether this portion of the statement is describing the ability to initiate or receive restful operations.

Information about the system's restful capabilities that apply across all applications, such as security.

Information about security implementation from an interface perspective - what a client needs to know.

Server adds CORS headers when responding to requests - this enables Javascript applications to use the server.

The easiest CORS headers to add are Access-Control-Allow-Origin: * & Access-Control-Request-Method: GET, POST, PUT, DELETE. All servers SHOULD support CORS.

Types of security services that are supported/required by the system.

General description of how security works.

A specification of the restful capabilities of the solution for a specific resource type.

Max of one repetition per resource type.

A type of resource exposed via the restful interface.

A system-wide profile that is applied across all instances of the resource supported by the system. For example, if declared on Observation, this profile is the "superset" of capabilities for laboratory and vitals and other domains. See further discussion in Using Profiles.

All other profiles for this type that are listed in .rest.resource.supportedProfile must conform to this profile.

A list of profiles representing different use cases the system hosts/produces. A supported profile is a statement about the functionality of the data and services provided by the server (or the client) for supported use cases. For example, a system can define and declare multiple Observation profiles for laboratory observations, vital sign observations, etc. By declaring supported profiles, systems provide a way to determine whether individual resources are conformant. See further discussion in Using Profiles.

Supported profiles must conform to the resource profile in the .rest.resource.profile element if it is present. The resource profile is a system-wide profile applied across all instances of the resource supported by the system. A supported profile is a statement about the functionality of the data and services provided by the server (or used by the client) for a particular set of use cases and will not necessarily apply to all data consumed or exposed by the server.

Additional information about the resource type used by the system.

Identifies a restful operation supported by the solution.

In general, a Resource will only appear in a CapabilityStatement if the server actually has some capabilities - e.g. there is at least one interaction supported. However interactions can be omitted to support summarization (_summary = true).

Coded identifier of the operation, supported by the system resource.

Guidance specific to the implementation of this operation, such as 'delete is a logical delete' or 'updates are only allowed with version id' or 'creates permitted from pre-authorized certificates only'.

REST allows a degree of variability in the implementation of RESTful solutions that is useful for exchange partners to be aware of.

This field is set to no-version to specify that the system does not support (server) or use (client) versioning for this resource type. If this has some other value, the server must at least correctly track and populate the versionId meta-property on resources. If the value is 'versioned-update', then the server supports all the versioning features, including using e-tags for version integrity in the API.

If a server supports versionIds correctly, it SHOULD support vread too, but is not required to do so.

A flag for whether the server is able to return past versions as part of the vRead operation.

It is useful to support the vRead operation for current operations, even if past versions aren't available.

A flag to indicate that the server allows or needs to allow the client to create new identities on the server (that is, the client PUTs to a location where there is no existing resource). Allowing this operation means that the server allows the client to create new identities on the server.

Allowing the clients to create new identities on the server means that the system administrator needs to have confidence that the clients do not create clashing identities between them. Obviously, if there is only one client, this won't happen. While creating identities on the client means that the clients need to be managed, it's much more convenient for many scenarios if such management can be put in place.

A flag that indicates that the server supports conditional create.

Conditional Create is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A code that indicates how the server supports conditional read.

Conditional Read is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A flag that indicates that the server supports conditional update.

Conditional Update is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A flag that indicates that the server supports conditional patch.

Conditional Patch is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A code that indicates how the server supports conditional delete.

Conditional Delete is mainly appropriate for interface engine scripts converting from other formats, such as v2.

A set of flags that defines how references are supported.

A list of _include values supported by the server.

Documenting _include icon support helps set conformance expectations for the desired system. Still, it is a level of detail that might not be exposed by production servers or clients when using CapabilityStatement to describe an actual implementation. If this list is empty, the server does not support includes. Support for iterative (a.k.a., recursive) _include is communicated by listing the iterative includes values supported by the server in the searchInclude element of the "root" resource type. For example, to support the following search:

GET [base]/CarePlan?_include=CarePlan:activity-reference:DeviceRequest&_include:iterate=DeviceRequest:device

These values would be listed as part of capabilities for "CarePlan":

"searchInclude" : ["CarePlan:activity-reference:DeviceRequest","DeviceRequest:device"],

A list of _revinclude (reverse include) values supported by the server.

See CapabilityStatement.rest.resource.searchInclude comments.

Search parameters for implementations to support and/or make use of - either references to ones defined in the specification, or additional ones defined for/by the implementation.

The search parameters should include the control search parameters such as _sort, _count, etc. that also apply to this resource (though many will be listed at CapabilityStatement.rest.searchParam). The behavior of some search parameters may be further described by other code or extension elements, or narrative within the capability statement or linked SearchParameter definitions.

The label used for the search parameter in this particular system's API - i.e. the 'name' portion of the name-value pair that will appear as part of the search URL. This SHOULD be the same as the SearchParameter.code of the defining SearchParameter. However, it can sometimes differ if necessary to disambiguate when a server supports multiple SearchParameters that happen to share the same code.

Parameter names cannot overlap with standard parameter names, and standard parameters cannot be redefined. There is no correspondence whatsoever between CapabilityStatement's searchParam.name and SearchParameter.name - the latter is used as a class name when generating code for the search parameter.

An absolute URI that is a formal reference to where this parameter was first defined, so that a client can be confident of the meaning of the search parameter (a reference to SearchParameter.url). This element SHALL be populated if the search parameter refers to a SearchParameter defined by the FHIR core specification or externally defined IGs.

This SHOULD be present, and matches refers to a SearchParameter by its canonical URL. If systems wish to document their support for modifiers, comparators, target resource types, and chained parameters, they should do using a search parameter resource. This element SHALL be populated if the search parameter refers to a SearchParameter defined by the FHIR core specification or externally defined IGs.

The type of value a search parameter refers to, and how the content is interpreted.

While this can be looked up from the definition, it is included here as a convenience for systems that autogenerate a query interface based on the server capability statement. It SHALL be the same as the type in the search parameter definition.

This allows documentation of any distinct behaviors about how the search parameter is used. For example, text matching algorithms.

Definition of an operation or a named query together with its parameters and their meaning and type. Consult the definition of the operation for details about how to invoke the operation, and the parameters.

Operations linked from CapabilityStatement.rest.resource.operation must have OperationDefinition.type = true or OperationDefinition.instance = true.

If an operation that is listed in multiple CapabilityStatement.rest.resource.operation (e.g. for different resource types), then clients should understand that the operation is only supported on the specified resource types, and that may be a subset of those listed in OperationDefinition.resource.

The name of the operation or query. For an operation, this name is prefixed with $ and used in the URL. For a query, this is the name used in the _query parameter when the query is called. This SHOULD be the same as the OperationDefinition.code of the defining OperationDefinition. However, it can sometimes differ if necessary to disambiguate when a server supports multiple OperationDefinition that happen to share the same code.

The name here SHOULD be the same as the OperationDefinition.code in the referenced OperationDefinition, unless there is a name clash and the OperationDefinition.code cannot be used. The name does not include the "$" portion that is always included in the URL. There is no correspondence whatsoever between CapabilityStatement's operation.name and OperationDefinition.name - the latter is used as a class name when generating code for the operation. HL7 will never define operations that have conflicting names.

Where the formal definition can be found. If a server references the base definition of an Operation (i.e. from the specification itself such as http://hl7.org/fhir/OperationDefinition/ValueSet-expand), that means it supports the full capabilities of the operation - e.g. both GET and POST invocation. If it only supports a subset, it must define its own custom OperationDefinition with a 'base' of the original OperationDefinition. The custom definition would describe the specific subset of functionality supported.

This can be used to build an HTML form to invoke the operation, for instance.

Documentation that describes anything special about the operation behavior, possibly detailing different behavior for system, type and instance-level invocation of the operation.

A specification of restful operations supported by the system.

A coded identifier of the operation, supported by the system.

Guidance specific to the implementation of this operation, such as limitations on the kind of transactions allowed, or information about system wide search is implemented.

Search parameters that are supported for searching all resources for implementations to support and/or make use of - either references to ones defined in the specification, or additional ones defined for/by the implementation. This is only for searches executed against the system-level endpoint.

Typically, the only search parameters supported for all searches are those that apply to all resources - tags, profiles, text search etc. These search parameters should include the control search parameters such as _sort, _count, etc. that also apply to this resource (though many will be listed at CapabilityStatement.rest.searchParam). The behavior of some search parameters may be further described by other code or extension elements, or narrative within the capability statement or linked SearchParameter definitions.

Definition of an operation or a named query together with its parameters and their meaning and type.

CapabilityStatement.rest.operation is for operations invoked at the system level, or for operations that are supported across multiple resource types. Operations linked from CapabilityStatement.rest.operation must have OperationDefinition.system = true, or more than one Operation.resource.

An absolute URI which is a reference to the definition of a compartment that the system supports. The reference is to a CompartmentDefinition resource by its canonical URL .

At present, the only defined compartments are at CompartmentDefinition.

A description of the messaging capabilities of the solution.

Multiple repetitions allow the documentation of multiple endpoints per solution.

An endpoint (network accessible address) to which messages and/or replies are to be sent.

A list of the messaging transport protocol(s) identifiers, supported by this endpoint.

The network address of the endpoint. For solutions that do not use network addresses for routing, it can be just an identifier.

Length if the receiver's reliable messaging cache in minutes (if a receiver) or how long the cache length on the receiver should be (if a sender).

If this value is missing then the application does not implement (receiver) or depend on (sender) reliable messaging.

Documentation about the system's messaging capabilities for this endpoint not otherwise documented by the capability statement. For example, the process for becoming an authorized messaging exchange partner.

References to message definitions for messages this system can send or receive.

This is a proposed alternative to the messaging.event structure.

The mode of this event declaration - whether application is sender or receiver.

Points to a message definition that identifies the messaging event, message structure, allowed responses, etc.

A document definition.

Mode of this document declaration - whether an application is a producer or consumer.

A description of how the application supports or uses the specified document profile. For example, when documents are created, what action is taken with consumed documents, etc.

A profile on the document Bundle that constrains which resources are present, and their contents.

The profile is actually on the Bundle.