SMART Health Check-in over W3C Digital Credentials API

Open prototype Spec: v1 draft MIT licensed

A web verifier — clinic, front-desk page, or patient portal — asks a patient wallet for check-in information: FHIR resources, questionnaires, SMART Health Cards, and per-item status — in a user-approved, encrypted response.

Try the demos

Check in from a phone

The patient is on their phone. They tap a button, choose their health app, approve the items, and the page renders the wallet's response in place.

Online
Try it How it works →

Check in at a kiosk

Check-in can begin at the front desk, at a kiosk, or in a provider app. The patient opens the request on their phone, shares from their wallet, and the check-in flow updates when the response is ready.

In-person
Try it How it works →

Try an experimental web wallet

Use the same SMART Health Check-in request flow with a web-app wallet instead of a platform wallet. This experimental flow still returns an org-iso-mdoc credential for the verifier to open.

Experimental
Try verifier + web wallet Read the protocol sketch →
No device handy? The wire-protocol explainer drives a byte-by-byte viewer over the checked-in fixtures — the same captures the test suites validate. Walk a real request and response without any hardware.

A verifier asks. A wallet answers.

Verifier request clinic · front desk · portal

// SmartHealthCheckinRequest (excerpt)
{
  "type":    "smart-health-checkin-request",
  "version": "1",
  "purpose": "Clinic check-in",
  "fhirVersions": ["4.0.1"],
  "items": [
    { "id": "insurance",
      "required": true,
      "content": { "kind": "selection.fhir",
        "profiles": ["…/C4DIC-Coverage"] } },
    { "id": "intake",
      "content": { "kind": "form.fhir",
        "questionnaireCanonical": "…/Questionnaire/intake|1.2.3",
        "questionnaire": { … } } },
    { "id": "summary",
      "content": { "kind": "selection.fhir",
        "profilesFrom": ["http://hl7.org/fhir/us/core"] } }
  ]
}

Wallet response patient app

// SmartHealthCheckinResponse (excerpt)
{
  "type": "smart-health-checkin-response",
  "artifacts": [
    { "id": "a1",
      "mediaType": "application/fhir+json",
      "fhirVersion": "4.0.1",
      "fulfills": ["insurance"],
      "value": { "resourceType":
        "Coverage", … } },
    { "id": "a2",
      "mediaType": "application/fhir+json",
      "fhirVersion": "4.0.1",
      "fulfills": ["intake"], … }
  ],
  "requestStatus": [
    { "item": "insurance", "status": "fulfilled" },
    { "item": "intake",    "status": "fulfilled" },
    { "item": "summary",   "status": "declined" }
  ]
}

Core invariant: each request.items[].id appears exactly once in response.requestStatus[]. Artifacts cite item ids in fulfills[], so a single artifact (a Bundle, a Health Card) can fulfill multiple items.

Want the full payload definition? See the SMART model explainer or read the SMART Health Check-in 1.0 draft spec.

How it's wired

The experience has two reusable pieces: a clinical request/response model and a browser-mediated wallet sharing flow. The kiosk demo adds a clinic handoff so the patient can finish sharing on their phone while the check-in flow waits for the result.

SMART request & response

Clinical content layer: items, artifacts, FHIR resources, questionnaires, SMART Health Cards, and per-item status. JSON, transport-neutral.

Model explainer → Draft spec →

Digital Credentials API

Browser-mediated wallet sharing. Wallet presentation uses direct org-iso-mdoc: HPKE encryption, COSE-signed mdoc, with the SMART payload carried inside.

Wire-protocol explainer → Byte fixtures →

Kiosk handoff demo

A clinic handoff: check-in begins in the clinic, sharing continues on the patient's phone, and the completed response comes back to the waiting session.

Kiosk flow explainer →

Read deeper, build with it

Open-source, MIT-licensed. Spec, libraries, and fixtures live in one repo so the wallet, verifier, and tests reference the same byte captures.

Read the spec

Build a verifier

Build a wallet

Inspect the bytes