Care Nexus: An MCP Endpoint for Major EHR Platforms (Cerner/Epic)

A Model Context Protocol (MCP) gateway engineered to interface with prevailing Electronic Medical Record (EMR) systems, specifically Cerner and Epic, enabling advanced interaction with FHIR resources via Anthropic Claude Desktop and Goose Desktop environments.

Demonstration

Core Capabilities

• Seamless connectivity with EMR frameworks leveraging SMART on FHIR protocols
• Utilizes OAuth2 specification for secure authentication handshakes with EMRs
• Native integration supporting Anthropic Claude Desktop workflows
• Supports integration with external medical literature repositories (PubMed, Clinical Trials registry, FDA)
• Implements response result caching mechanisms
• Comprehensive error capture and systematic management
• Enforcement of null-safe data serialization and formatting
• Advanced instrumentation for nuanced clinical interpretation

Visual Previews

Available Toolkit Functions

FHIR Data Interaction Modules

• find_patient - Execute patient demographic searches using identifiers such as nomenclature or date of birth.
• get_patient_observations - Retrieve a patient's recorded vital signs and physiological measurements.
• get_patient_conditions - Fetch the current active diagnostic findings for the subject.
• get_patient_medications - Access the current pharmacological regimen prescribed to the patient.
• get_patient_encounters - Obtain records of patient-provider interactions and visits.
• get_patient_allergies - Retrieve documented hypersensitivities and adverse reactions.
• get_patient_procedures - Query the registry of surgical or therapeutic interventions performed.
• get_patient_careteam - List the assigned multidisciplinary healthcare personnel responsible for the patient.
• get_patient_careplans - Retrieve structured treatment objectives and management strategies.
• get_vital_signs - Specifically fetch core physiological measurements (e.g., BP, HR, Temp).
• get_lab_results - Access results from diagnostic laboratory testing.
• get_medications_history - Review the historical record of prescribed drugs.
• clinical_query - Dispatch bespoke, low-level queries against the FHIR endpoint.

Biomedical Intelligence Modules

• search-pubmed - Query the PubMed database for literature pertaining to specified medical topics.
• search-trials - Locate relevant ongoing or completed clinical investigations.
• drug-interactions - Assess potential pharmacological conflicts between specified pharmaceutical agents.

Operational Guidance

Invocation of each function necessitates precise input arguments:

Mandatory Input Arguments

• The patientId field is a prerequisite for the majority of patient-centric tools.
• Select functions require supplementary inputs:
• lab_trend_analysis: Mandates the labType specification.
• search-pubmed: Requires a query string and permits an optional maxResults constraint.
• search-trials: Requires the condition context and allows for an optional location filter.
• drug-interactions: Requires an array structure detailing the relevant drugs.

Environment Setup Directives

• For Cerner Connectivity: Navigate to https://code-console.cerner.com to establish a sandbox credential set, provision a new provider application, and extract the necessary clientId/secret. (Note: The tenant identifier 2458f2-1e24-41c8-b71b-0e701af7583d serves as the default for the Cerner development sandbox)

• For Epic Connectivity: Register as a developer at https://fhir.epic.com/Developer/Apps, create a new application instance, and secure the clientId/secret.

• For External Data Sources (PubMed, Trials, FDA): API access credentials must be obtained directly from the respective service providers' portals.

• Clinical Trial Metadata: https://clinicaltrials.gov/api/v2/studies
• NCBI E-utilities: https://eutils.ncbi.nlm.nih.gov/entrez/eutils
• FDA NDC Lookup: https://api.fda.gov/drug/ndc.json

For instantiation on a local machine, populate a .env file within the project root directory or inject these variables into the Claude Desktop execution configuration.

Cerner Configuration Profile

OAUTH_CLIENT_ID="XXXXX", OAUTH_CLIENT_SECRET="XXXXXXX", OAUTH_TOKEN_HOST="https://authorization.cerner.com", OAUTH_AUTHORIZE_PATH="/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/personas/provider/authorize", OAUTH_AUTHORIZATION_METHOD='header', OAUTH_TOKEN_PATH="/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/hosts/api.cernermillennium.com/protocols/oauth2/profiles/smart-v1/token", OAUTH_AUDIENCE="https://fhir-ehr.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d", OAUTH_CALLBACK_URL="http://localhost:3456/oauth/callback", OAUTH_SCOPES="user/Patient.read user/Condition.read user/Observation.read user/MedicationRequest.read user/AllergyIntolerance.read user/Procedure.read user/CarePlan.read user/CareTeam.read user/Encounter.read user/Immunization.read", OAUTH_CALLBACK_PORT="3456" FHIR_BASE_URL:any = "https://fhir-ehr.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d" PUBMED_API_KEY=your_pubmed_api_key CLINICAL_TRIALS_API_KEY=your_trials_api_key FDA_API_KEY=your_fda_api_key

Epic Configuration Profile

OAUTH_CLIENT_ID="XXXXXXX", OAUTH_CLIENT_SECRET="", OAUTH_TOKEN_HOST="https://fhir.epic.com", OAUTH_AUTHORIZE_PATH="/interconnect-fhir-oauth/oauth2/authorize", OAUTH_AUTHORIZATION_METHOD='body', OAUTH_TOKEN_PATH="/interconnect-fhir-oauth/oauth2/token", OAUTH_AUDIENCE="https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4", OAUTH_CALLBACK_URL="http://localhost:3456/oauth/callback", OAUTH_SCOPES="user/Patient.read user/Observation.read user/MedicationRequest.read user/Condition.read user/AllergyIntolerance.read user/Procedure.read user/CarePlan.read user/CareTeam.read user/Encounter.read user/Immunization.read", OAUTH_CALLBACK_PORT=3456 FHIR_BASE_URL:any = "https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4" //EPIC PUBMED_API_KEY=your_pubmed_api_key CLINICAL_TRIALS_API_KEY=your_trials_api_key FDA_API_KEY=your_fda_api_key

Local Execution Initialization

git clone {agentcare-mcp-github path} cd agentcare-mcp npm install npm run build

Utilizing Claude Desktop

` For compatibility with Claude Desktop: macOS Path: ~/Library/Application Support/Claude/claude_desktop_config.json (Ensure environment variables mirroring the configurations above are correctly mapped within the launch settings)

{ "mcpServers": { "filesystem": { "command": "npx", "args": [ "-y", "@modelcontextprotocol/server-filesystem", "/Users/your-username/Desktop" ] }, "agent-care": { "command": "node", "args": [ "/Users/your-username/{agentcare-download-path}/agent-care-mcp/build/index.js" ], "env": { "OAUTH_CLIENT_ID": XXXXXX, "OAUTH_CLIENT_SECRET":XXXXXXX, "OAUTH_TOKEN_HOST":, "OAUTH_TOKEN_PATH":, "OAUTH_AUTHORIZE_PATH":, "OAUTH_AUTHORIZATION_METHOD": , "OAUTH_AUDIENCE":, "OAUTH_CALLBACK_URL":, "OAUTH_SCOPES":, "OAUTH_CALLBACK_PORT":, "FHIR_BASE_URL":, "PUBMED_API_KEY":, "CLINICAL_TRIALS_API_KEY":, "FDA_API_KEY": } } } } `

Using the MCP Inspector Utility

(To activate the MCP inspection interface; remember to update the local .env file with requisite access credentials.) npm install -g @modelcontextprotocol/inspector mcp-inspector build/index.js http://localhost:5173

Standard Credential Sets (For testing/sandbox environments)

• Cerner Access: portal | portal
• Epic Access: FHIRTWO | EpicFhir11!

Diagnostic Information (Troubleshooting)

Should Claude Desktop exhibit conflicts, it is likely due to port 3456 being occupied during the OAuth flow. Terminate the conflicting process using this shell command: kill -9 $(lsof -t -i:3456)

Goose Framework Integration

Goose, an open-source agent architecture originating from Block (Stripe), is compatible with MCP endpoints. Goose Desktop offers similar functionality to Claude Desktop but provides flexibility in selecting underlying large language models. More details are available at: https://block.xyz/inside/block-open-source-introduces-codename-goose

Configuration for Goose Desktop to utilize the Care Nexus server requires pointing the extension command to: /Users/your-username/{agentcare-download-path}/agent-care-mcp/build/index.js

WIKIPEDIA: XMLHttpRequest (XHR) is an Application Programming Interface implemented as a JavaScript object, providing methods to dispatch HTTP requests from a web browser to a remote server. These methods enable browser-based software modules to dispatch server inquiries post-page-load and subsequently receive resultant data. XMLHttpRequest forms a foundational element of Asynchronous JavaScript and XML (Ajax) development. Before Ajax, navigation relied primarily on standard hyperlinks and form submissions, which often necessitated a complete page refresh upon server interaction.

== Pedigree == The foundational concept for XMLHttpRequest was initially conceived in 2000 by developers working on Microsoft Outlook. This concept was subsequently integrated into the Internet Explorer 5 browser release (1999). However, the initial implementation did not utilize the XMLHttpRequest nomenclature; instead, developers employed the identifiers ActiveXObject("Msxml2.XMLHTTP") and ActiveXObject("Microsoft.XMLHTTP"). As of Internet Explorer 7 (2006), universal browser support for the standardized XMLHttpRequest identifier was achieved. The XMLHttpRequest identifier has since become the established convention across all primary browser engines, including Mozilla’s Gecko rendering engine (2002), Safari 1.2 (2004), and Opera 8.0 (2005).

=== Formal Specification Development === The World Wide Web Consortium (W3C) published its initial Working Draft specification for the XMLHttpRequest object on April 5, 2006. On February 25, 2008, the W3C advanced this to a Level 2 specification draft. Level 2 enhancements introduced capabilities for monitoring transmission progress, facilitating cross-site data fetching, and managing binary byte streams. By the close of 2011, the Level 2 features were formally integrated back into the core specification. In late 2012, stewardship of development transitioned to the WHATWG, which maintains an active, evolving document utilizing Web IDL notation.

== Operational Use Pattern == Typically, initiating a request via XMLHttpRequest requires adherence to several programmatic stages:

Instantiate an XMLHttpRequest object via its constructor method: Invoke the open method to define the request methodology (GET/POST, etc.), pinpoint the target resource URI, and choose between blocking (synchronous) or non-blocking (asynchronous) execution: For asynchronous operations, establish an event handler function that will execute upon state transitions of the request: Trigger the transmission sequence by calling the send method: Process the responses as state changes are reported by the event listener. If the server provides return data, it is typically aggregated in the responseText attribute by default. Once the object completes its processing cycle, its state transitions to 4, signifying the "complete" status. Beyond these fundamental steps, XMLHttpRequest offers extensive configuration options to govern request dispatch and response parsing. Custom HTTP header fields can be injected to guide server behavior, and data payloads can be uploaded by supplying them within the send invocation. The received response data can be deserialized from JSON into an immediately usable JavaScript object, or processed incrementally as it arrives instead of awaiting the full payload. Furthermore, the request can be halted prematurely or configured with a defined timeout threshold to prevent indefinite waiting.