Integration Specialist Role

This document explains the permission settings for the Integration Specialist Role, for use with Ovation LIMs/3rd party integrations. The Integration Specialist role is meant for 3rd party users, in order to give them only the access needed to complete the integration activities.

This document also provides additional information on each permission so that adjustments can be made, as needed, to suit the individual needs of an integration.

For more information on giving users access to Ovation LIMs, see the Roles and Permissions knowledge base article.

For more information on specific integrations, see the Integrations, API and Webhooks knowledge base articles.

The sections in this article include:

Integration Types
Default Permissions for Integration Specialist Role
Permission Details

Integration Types

Patient or Orders/Results Portal: Create orders and deliver results to a patient portal
1. Accomplished via API, Webhook, or HL7
Orders In: Create orders from an ordering portal/EHR to send to Ovation (often paired with Results Out integration)
1. Accomplished via API or HL7
Orders Out: Create orders from Ovation to send to EHR or the like (often paired with delivering patient test results)
1. Accomplished via API, Webhook, or HL7
Raw Data Analysis & Patient Report: Deliver instrument test results to interpretation service (for analysis and patient test report generation)
1. Accomplished via API, Webhook, HL7, or Native integration
Results In: Accept pdf patient test reports from an interpretation and reporting service
1. Accomplished via API or HL7
Results Out: Deliver patient test results to a portal, EHR or the like (often paired with Orders In integration)
1. Accomplished via API, Webhook, or HL7
State Reporting: Deliver test results to state authority
1. Accomplished via Webhook
Billing: Send billing information to a billing processing service
1. Accomplished via API, Webhook, HL7, or Native integration

Default Permissions for Integration Specialist Role

Note: Once the 3rd party user has been added to Ovation LIMs and given the Integration Specialist Role, they must also be added to any applicable Projects within the LIMs.

Default Permissions for Integration Specialist Role:

PERMISSION	PERMISSION LEVEL
BILLING SETTINGS	Write
CONTAINERS	Read
DOCUMENTS	Read
INTEGRATIONS	Read
PROJECT SETTINGS	Read
PROJECTS	Read
REQUISITIONS	Read
SALES	Read
TEST PANELS	Read
WEBHOOK USER	Admin
WEBHOOK ADMIN	None
WORKFLOWS	Read

Additional Permissions for Orders In API Integrations:

PERMISSION	LEVEL SUGGESTED	NEEDED SCENARIOS
CONTAINERS	Write	Creating a Requisition via API with a Specific Container ID
REQUISITIONS	Write	Utilizing the Create Requisition API

Additional Permissions for Results In API Integrations:

PERMISSION	LEVEL SUGGESTED	NEEDED SCENARIOS
REQUISITIONS	Write	Utilizing the Create Resource API
REPORT GENERATION	Write	Utilizing Update Report Contents API
BATCH CREATION	Write	Utilizing the Create a Test Result API
QPCR RESULTS	Write	Utilizing the Create a Test Result API
QUALITY CHECK	Write	Utilizing the Create a Test Result API

Additional Permissions for Patient Report API Integrations:

PERMISSION	LEVEL SUGGESTED	NEEDED SCENARIOS
BATCH CREATION	Write	Utilizing the Medications API
MEDICATION RESULTS	Write	Utilizing the Medications API
QUALITY CHECK	Write	Utilizing the Medications API

Permission Details

Default permissions for the Integration Specialist Role are bold and italicized. Each higher permission level includes the abilities granted by the lower permission levels.

Batch Creation

Read-enables user to view “Batch Creation” workflow step
Write-permission to submit and undo the “Batch Creation” workflow activity
- Needed for Create a Test Result and Medication Results APIs
Admin-provides same permissions as Write

Billing Settings

Read-enables “Billing Settings” navigation item; permission to view Billing Settings, Insurance Providers, Billing Rules, and Billing Submissions
- Needed for Integration Compendium download
Write-permission to create and update Billing Settings, Insurance Providers, Billing Rules, and Billing Submissions
- Needed to modify Insurance Providers list and payor codes
- Needed to modify Insurance Groups
- Needed to modify Provider list and payor codes
- Needed to modify Billing Rules
Admin-provides same permissions as Write

Containers

Read-enables “Containers” navigation item; permission to view containers
- Needed for Integration Compendium download
Write-permission to create, update, and destroy containers
- Needed to create orders with a specific container ID
Admin-provides same permissions as Write

Documents

Read-enables “Documents” navigation item; permission to view Documents folders and their contents (specific document folder permissions are needed under the “Documents” tab of “Users and Permissions”)
- Needed to view Documents link included in HL7 messages
Write-provides the same permissions as Read
Admin-provides same permissions as Write

Integrations

Read-enables “Integrations” navigation item; permission to view downstream Integrations widgets (e.g. Download Compendium and Webhooks), integration tiles and established integrations.
- Needed for Integration Compendium download
- Needed to interact with the gear widgets and perform icon list actions
- Needed to view Secure Host Credentials, Box Integrations, and requisition Import Mappings
- Needed to view integration and Route configuration (via sFTP HL7)
- Needed to access Event Log (via sFTP HL7)
- Needed to access Webhooks widget and actions (via API)
  - Note: Webhook User permission is needed to interact with items under the “Webhooks” widget item
Write-permission to create, update, and delete new and existing integrations, integration settings, and integration credentials (including the configuration and modification of integration routes and actions)
- Needed to create, update and delete Secure Host Credentials, Box Integrations, integration folder paths, route configurations, and requisition mappings.
- Needed to create and update integration and Route configuration (via sFTP HL7)
Admin-provides same permissions as Write

Medication Results

Read-permission to view “Medication Results” workflow step
Write-permission to submit and undo the “Medication Results” workflow activity
- Needed to utilize the Medication Results API
Admin-provides same permissions as Write

Project Settings

Read-enables “Project→Settings” navigation item; permission to view downstream requisition templates and settings
- Needed to view required/optional fields in a requisition template within the LIMs and via API
- Needed for Integration Compendium download
Write-permission to create, update, and delete items within the “Project→Settings” navigation item
Admin-permission to add or remove report and billing configurations

Projects

Read-enables “Project” navigation item; permission to view downstream requisition templates and settings
- Needed to view required/optional fields within downstream requisition templates
- Needed for Integration Compendium download
Write-permission to create and update items within the “Projects”
Admin-provides same permissions as Write

qPCR Results

Read-permission to view “qPCR Results” workflow activity step in which result data is imported
Write-permission to submit and undo the “qPCR Results” workflow activity step in which result data is imported
- Needed to utilize the Create Test Result and Medications APIs
Admin-provides same permissions as Write

Quality Check

Read-permission to view “Quality Check” (QC) workflow activity step
Write-permission to submit and undo the “Quality Check”(QC) workflow activity step
- Needed to utilize the Create a Test Result and Medications APIs
Admin-provides same permissions as Write

Report Generation

Read-no permission provided at this level
Write-permission to assign patient reports to an existing reportID using the Assign Report Contents API
- Needed to add patient reports to requisitions for a Results In integration
Admin-provides same permissions as Write

Requisitions

Read-enables “Requisitions” navigation item; permission to view subsequent requisitions, patient reports, requisition templates, consent, physician and sample items
- Needed to view and verify information entered in the requisition in the LIMs and utilizing the Get Requisition(s) APIs
- Needed to view “Unsigned Requisitions” and “Rejected Samples” in the organization dashboard
- Needed to view documents utilizing the Get Documents API
- Needed to view project templates utilizing the Get Project Templates API
- Needed to view requisition schemas utilizing the Get Requisition Schema API
- Needed to view test results utilizing the Get Test Result(s) APIs
Write-permission to create and update requisitions
- Needed to create and update requisitions in the LIMs and via the Update and Create Requisition APIs
- Needed to create documents utilizing the Create Documents API
- Needed to create a resource in a workflow utilizing the Create Resource API
Admin-provides same permissions as Write

Sales

Read-enables “Sales Groups”, “Sales Reps”, and “Provider Accounts” navigation items
- Needed for Integration Compendium download
- Needed to view provider accounts utilizing the Get Provider Account(s) APIs
- Needed to view providers utilizing the Get Providers APIs
- Needed to view provider account contacts utilizing the Get Provider Account(s) Contact APIs
Write-permission to update sales groups, sales reps and provider accounts
- Needed to update provider accounts utilizing the Update Provider Account(s) APIs
- Needed to create providers utilizing the Add Providers API
- Needed to update provider account contacts utilizing the Update Provider Account(s) Contact APIs
Admin-permission to create and delete sales groups, sales reps and provider accounts
- Needed to create and delete provider accounts utilizing the Create and Delete Provider Account(s) APIs
- Needed to delete providers utilizing the Remove a Provider API
- Needed to create and delete provider account contacts utilizing the Create Delete Provider Account(s) Contact APIs

Test Panels

Read-enables “Test Panels” navigation item; permission to view Test Panels
- Needed for Integration Compendium download
Write-permission to create and update Test Panels and their Requisition Template Associations
Admin-provides same permissions as Write

Webhook User

Read-permission to view all webhooks created by the user or one(s) for which an individual has been given access; provides access to Event Logs
Write-permission to create and update webhooks created by the user or one(s) for which an individual has been given access
Admin-permission to delete and resend webhooks created by the user or one(s) for which an individual has been given access
- Needed to create, manage, and resend webhooks

Webhook Admin

Read-permission to view all webhooks regardless of creator; provides access to Webhooks Events Log
Write-permission to create and update all webhooks regardless of creator
Admin-permission to delete and resend all webhooks regardless of creator
- Only recommended for lab users (not 3rd party users)
- Needed to create, manage, and resend webhooks regardless of creator

Workflows

Read-enables “Workflows” navigation item and “Active Workflows” organization dashboard widget
- Needed to view workflow step and workflowDefinitionId utilizing the Get Workflow API
- Needed to utilize the Get a QC Workflow Report API
Write-permission to create and update workflows and workflowQueue
Admin-provides same permissions as Write