Bulk Data Purge (Multi Tenant)
This topic is for the multi-tenant environment (MTE) version of Bulk Data Purge. If your implementation is a single-tenant environment (STE), see the topics in Bulk Data Purge (Single Tenant).
You can use the FHIR API Bulk Data Purge endpoint to delete resources for a specific FHIR version (R4, STU3, or DSTU2). You can delete resources for a single 1up user ID for your client ID. When you delete resources, you can choose to delete all resources, or you can specify a parameter to delete only specific resources. When you delete a resource, the version history is also deleted.
The Purge operation deletes FHIR resources for the 1up user that you specify. We recommend that you use the Purge operation with extreme caution. After the Purge operation is initiated, the delete process cannot be undone and data cannot be recovered.
You can access this endpoint using either a Bearer token or header-based authentication.
The client ID and client secret you use in the request defined below must have created the 1up user ID that you are attempting to purge data from. You can't purge the data for a 1up user that you didn't create using your own application (client ID and client secret).
If you don’t specify any parameters when you submit your request (_type
or _before
), this endpoint deletes all of the FHIR resources (all types) for the 1up user for the FHIR version (R4, STU3, or DSTU2) that you specify in your request.
-
If you include the
_type
parameter in your request, only the specified resources by resource type are purged. -
If you include the
_before
parameter in your request, and themeta.lastUpdated
date of any resource is less than the date passed into the_before
filter, then those specific resources are purged. For example, if the date 2022-05-10 is passed into the_before
filter, all resources with ameta.lastUpdated
date before but not equal to 2022-05-10 are purged.
Purge does not delete the 1up user. After the Purge operation finishes, the user continues to exist, but without the FHIR resources you deleted.
Known Limitation
The Purge operation cannot delete all of the resources for a user ID with a large volume of resources (for example, 400K patients or more). Purge operation requests for users with large resource counts fail because the synchronous request can only run for 30 seconds before it times out.
When a timeout occurs, resources are deleted before the request timed out. This means that you can run the same Purge operation several times consecutively, until all of the resources that you want to purge are deleted.
Purge Resources with Bearer Token Authentication
You can use Bearer token authentication when you submit your Purge operation request.
For more information about how to get an access token for Bearer token authentication, see Authentication & Authorization APIs.
DELETE https://api.1up.health/{fhirVersion}/purge
Delete all resources for the specified FHIR version for a single 1up user ID.
Parameters
Query |
|
|
---|---|---|
_type |
|
Specify the FHIR resource types to purge. Separate multiple resource types with commas. Example — If you don’t specify |
_mode |
|
When you submit a Purge request, you can set the |
_before |
|
Specify which FHIR resources to purge by including Use the For example, If you don’t specify the |
Header |
|
|
---|---|---|
Bearer* |
Token |
Responses
200: OK |
Purge Resources with Header Authentication
You can use the oneup_user_id
when you submit your Purge operation request. With this option, you can include the user ID of the user you want to delete resources for in your request header.
For more information about how to get the oneup_user_id
for an app_user_id
for header authentication, see User Management APIs.
DELETE https://api.1up.health/{fhirVersion}/purge
Delete all resources for the specified FHIR version for a single 1up user ID.
Parameters
Query |
|
|
---|---|---|
_type |
|
Specify the FHIR resource types to purge. Separate multiple resource types with commas. Example — If you don’t specify |
_mode |
|
When you submit a Purge request, you can set the |
_before |
|
Specify which FHIR resources to purge by including Use the For example, If you don’t specify the |
Header |
|
|
---|---|---|
client_id* |
|
|
client_secret* |
|
|
x-oneup-user-id* |
|
|
Responses
200: OK |