AJ FHIR Consent Manager v1.0.0 Community Edition released

SMART App Launch v2.2
for your hospital.

The only open source Java platform with full SMART App Launch v2.2 built in. Works with Epic, Cerner, and your existing Azure AD and HAPI FHIR server.

Book a technical call → Read the docs ↗
Works with EpicCernerAzure ADOktaHAPI FHIR
EHR System Epic · Cerner · Any SMART EHR EHR Auth Server SMART App Launch v2.2 · PKCE S256 RS256 JWT · IdP Federation · 90 tests HAPI FHIR Server FHIR R4/R5 · Scope enforcement Patient · Observation · Condition… FHIR AuditEvent · IHE ATNA · HIPAA SMART v2.2 FHIR R4/R5
296+
Tests passing
v2.2
SMART App Launch
FHIR R4/R5
Data standard
< 6 wks
Typical go-live
Apache 2
Open source licence
24 hr
Security patches
For hospital IT teams

We know exactly where you are right now

Before
Keycloak extensions break on every major upgrade
SMART v2.2 not supported — still on v1.0
Smile CDR: $150K–500K+/year, closed source
Original SMART server: last updated 2018, no PKCE
Building in-house: months of edge cases, no SLA
With AJ FHIR Platform
Native SMART v2.2 — no extensions, no breakage on upgrade
Works with your existing Epic, Cerner, Azure AD, Okta
Drop-in JAR for your existing HAPI FHIR server
Apache 2.0 licensed — no licence cost, commercial support available
Go-live in 3–6 weeks with implementation support
Book a technical call →
Live simulation

From clinician to patient data — four steps

EHR launch, consent check, secure FHIR data access, audit trail. The complete platform story in under 15 seconds.

See 34-step technical demo ↗ Auto-plays · click phases to jump · full technical demo above ↗
Commercial services

Three ways to work with us

Not a SaaS vendor. A services company built around open source infrastructure.

01
Implementation Support
Go-live in weeks, not months
We deploy into your hospital infrastructure — IdP federation, Epic or Cerner integration, go-live support.
Fixed-scope · On-site or remote
Most requested
02
Support Subscription
Annual contract · Named engineer
Named engineer, guaranteed SLA, 24-hour security patches, version upgrades. We are the responsible party.
Annual contract · Enterprise + Government tiers
03
Compliance Assessment
Fixed-fee · 2–3 weeks
Formal written report mapping your architecture against HTI-1, HIPAA, SMART v2.2. Your legal team can sign off.
Deliverable document · PDF report
Discuss your requirements →
Regulatory compliance

Built for regulated environments

HIPAA BAA available · GDPR DPA available · HTI-1 compliant today

HTI-1 / ONC Required now
SMART App Launch v2.2 — mandated July 2026
HIPAA BAA Available
Access controls, audit trail, BAA available
FHIR R4/R5 Implemented
HL7 FHIR R4/R5 — all major EHR vendors
GDPR / EHDS Supported
Consent lifecycle, audit log, DPA available
IHE ATNA In progress
Non-repudiation audit trail, AuditEvent
PKCE RFC 7636 Implemented
S256 enforced on every client, no opt-out
Request HIPAA BAA → Security docs ↗
Open source platform

Everything in one platform

Apache 2.0 licensed · Independently deployable components

Full documentation at ajfhir.org →
Ready to deploy
Auth Server v0.2.3 stable
SMART App Launch v2.2 — EHR + standalone, PKCE S256, RS256 JWT, IdP federation
90 tests
SMART Client v0.1.0 stable
Spring Boot 3, FHIR R4/R5, full Nimbus RS256 id_token verification, proactive token refresh
206 tests
HAPI FHIR Plugin v1.0.0 stable
Drop-in JAR — SMART discovery proxy + scope enforcement on any HAPI FHIR JPA server
12 tests
Consent Manager v1.0.0 stable
FHIR R4/R5 Consent lifecycle, patient portal, GDPR · HIPAA · TEFCA enforcement
181 tests
Immunisation App v1.0.0 stable
Vaccination history, WHO schedule forecast, VDS-NC digital certificates with QR codes
28 tests
Referral Module v1.0.0 stable
FHIR R4/R5 ServiceRequest + Task inter-facility referral workflow
Frequently asked questions

Common questions from hospital IT teams

Yes. Tested against Epic's SMART launcher. Register in App Orchard, set the redirect URI, and the Auth Server handles the EHR launch flow including Epic-specific scope normalisation.
Yes. Cerner uses .read scope format instead of Epic's .rs format. The platform normalises both automatically via SmartScopeAuthorizationInterceptor, tested against Cerner's code Console sandbox.
No. The IdP federation layer connects directly to your Azure AD tenant via OAuth2 / OpenID Connect. Clinicians use their existing hospital credentials. No new password store, no directory sync.
No. The HAPI FHIR Plugin is a drop-in JAR. Add it to your classpath, configure two properties. Your data and configuration are untouched.
Yes. HIPAA BAA is available for Standard, Enterprise, and Government support customers. We have standard BAA templates ready.
Single-facility with Azure AD and Epic: 3–6 weeks to go-live. Multi-facility or custom IdP: 6–12 weeks. We provide a detailed project plan after the initial assessment call.
Get in touch

Talk to us about your requirements

Tell us your EHR, your identity provider, and your compliance deadline. We respond within 24 hours with a specific recommendation.

Email us directly
support@ajfhir.com Responds within 24 hours · Mon–Fri
Useful to include:
Your EHR · Your IdP · Your compliance deadline · Existing HAPI FHIR server?
Send us a message

Responds within 24 hours · Mon–Fri

July 2026

Closer than it looks.

ONC HTI-1 mandates SMART App Launch v2.2 for US hospitals. Typical implementation: 3–12 weeks. Start this week.

Book a technical call → Explore the docs ↗