Core Feature

Integrations

A pull-based REST API secured with X.509 certificate authentication provides external access to case data, SNOMED-CT codes, and PDF reports. Designed for integration with downstream clinical systems.

Request Demo Explore Features
Data Exchange

REST API

CorePathology provides a RESTful API for external systems to retrieve authorised case data. The API follows a pull-based model where downstream systems request case updates on demand, with acknowledgment tracking to ensure reliable delivery.

  • Case Data Retrieval - Retrieve updated case data including patient demographics, report sections, specimen details, and diagnostic codes in structured JSON format.
  • PDF Report Retrieval - Download the authorised PDF pathology report for any case via a dedicated endpoint, ready for downstream distribution or archiving.
  • Acknowledgment Tracking - Confirm that case updates have been processed by the downstream system. Prevents duplicate processing and ensures reliable data exchange.
  • Health & Status Endpoints - Monitor API availability with dedicated health check endpoints. Verify connectivity before initiating data exchange.
REST API data exchange
Secure Access

X.509 Certificate Authentication

The API is secured with mutual TLS using X.509 client certificates. Only systems presenting a valid, recognised certificate can access case data, ensuring that sensitive patient information is protected at the transport layer.

  • Client Certificate Validation - Incoming requests are authenticated by validating the client certificate against the server's trusted certificate store.
  • Thumbprint Matching - Certificate thumbprints are verified against pre-registered values. Only certificates with a matching thumbprint are granted access.
  • Expiry Checking - Certificate validity dates are checked on every request. Expired certificates are automatically rejected to maintain security.
  • HTTPS Enforcement - All API communication requires HTTPS. No unencrypted connections are accepted, protecting data in transit.
X.509 certificate security
Structured Data

SNOMED-CT & Case Data

API responses include structured case data with SNOMED-CT diagnostic codes, enabling downstream systems to process standardised pathology data for clinical records, research databases, or reporting systems.

  • SNOMED-CT Codes - Diagnostic codes assigned during microscopic examination are included in API responses with type, code, and description fields.
  • JSON Format - All data exchanged in structured JSON format. Well-defined response schemas for consistent parsing by downstream systems.
  • Paginated Responses - Case data updates returned in paginated batches of up to 100 cases per request, supporting efficient processing of large datasets.
  • OpenAPI Documentation - API endpoints documented with OpenAPI/Swagger specification for straightforward integration development.
Structured JSON case data with SNOMED codes
API Endpoints

How the API Works

A simple, pull-based integration model designed for reliability and ease of implementation.

1
🔐

Authenticate

Present a valid X.509 client certificate over HTTPS. The API validates the certificate thumbprint and expiry before granting access.

2
🏥

Health Check

Call the health endpoint to verify API availability and connectivity before requesting case data.

3
📋

Request Updates

Retrieve case data updates in JSON format. Response includes patient details, report sections, specimens, and SNOMED codes.

4
📄

Retrieve Reports

Download the authorised PDF pathology report for any specific case using its case identifier.

5

Acknowledge

Confirm that case updates have been successfully processed. Acknowledged cases won't appear in subsequent update requests.

6
📧

Email Notifications

Three automatic triggers: case moved out of lab (alerts consultant), special stain completed (alerts consultant), and case closed/report ready (alerts clinician).

Capabilities

Integration Features

Built-in tools for connecting CorePathology with external systems.

🔌

REST API

RESTful endpoints for case data retrieval, PDF report download, and update acknowledgment over HTTPS.

🔐

X.509 Certificates

Mutual TLS authentication using client certificates. Thumbprint validation and expiry checking on every request.

🏷️

SNOMED-CT Data

Diagnostic codes included in API responses with type, code, and description for standardised downstream processing.

📄

PDF Reports

Download authorised pathology reports as professionally formatted PDFs via a dedicated API endpoint.

📧

Email Notifications

SMTP-based alerts for three key events: case out of lab, special stain complete, and report ready. Per-user configuration with urgent-only filtering.

📎

File Attachments

Upload request forms and supporting documents as attachments to cases. File type classification and activity logging.

📊

JSON Responses

All API data exchanged in structured JSON format with well-defined schemas documented via OpenAPI specification.

Idempotent Delivery

Acknowledgment-based tracking ensures each case update is processed exactly once by downstream systems.

📋

API Logging

API requests logged with timestamps for troubleshooting. Track when case data was last requested and confirmed.

REST
API Architecture
X.509
Certificate Auth
JSON
Data Format
HTTPS
Encrypted Transport

Integrate with CorePathology

Book a demo to see how the CorePathology API can connect your laboratory with downstream clinical and reporting systems.

Book Demo Explore Security