Testing Healthcare APIs: Scenario-Based Certification with Karate

Testing Healthcare APIs: Scenario-Based Certification with Karate

Testing a FHIR server is notoriously difficult. Unlike a simple CRUD app, a FHIR server involves complex resource relationships, search parameter indexing, and versioned histories.

While unit tests are great for logic, they don’t give you confidence that your API actually behaves like a FHIR server should. For that, we need Behavioral Integration Testing.

Why Karate DSL?

Karate is a testing framework that allows you to write API tests using a Gherkin-like syntax. It is perfect for FHIR because:

  • Built-in JSON assertions: Easily match complex FHIR bundles.
  • No boilerplate code: Write tests in plain text, no Java required.
  • Scenario Focus: You can model an entire patient journey in one file.

Tutorial: Writing Your First FHIR Test

Step 1: Create a Feature File

Let’s test the creation and retrieval of a Patient. Create a file called patient.feature:

Feature: FHIR Patient API

  Background:
    * url 'http://localhost:8080/fhir'

  Scenario: Create a patient and verify their name
    Given path 'Patient'
    And request { resourceType: 'Patient', name: [{ family: 'Doe', given: ['John'] }] }
    When method post
    Then status 201
    * def patientId = response.id

    Given path 'Patient', patientId
    When method get
    Then status 200
    And match response.name[0].family == 'Doe'

Step 2: Running Tests in the CI/CD Pipeline

In the hapi-fhir-groovy repo, I’ve integrated Karate into the docker-compose stack. This ensures tests run against a clean, “real-world” environment.

Run them with a simple command:

make integration-tests

Advanced Tutorial: Testing Custom Extensions

Since our server supports Dynamic Scripting, we can use Karate to verify that a new Groovy script works as expected:

Scenario: Verify dynamic business rule
  # 1. Upload a script that enforces a specific identifier
  Given path 'Configuration'
  And request read('identifier-check-script.json')
  When method post
  Then status 201

  # 2. Try to save a patient without that identifier
  Given path 'Patient'
  And request { resourceType: 'Patient', name: [{ family: 'Fail' }] }
  When method post
  Then status 400
  And match response.issue[0].diagnostics contains 'Missing required identifier'

The Architect’s Verdict: Certification vs. Testing

In a production healthcare environment, we don’t just “test”; we certify. Karate allows us to create a certification suite that verifies:

  • Conformance: Does the server correctly reject resources that don’t match our profiles?
  • Search Logic: Do complex nested search parameters work as expected?
  • Workflow Integrity: Can a patient be created, enrolled in a clinical trial, and have their observations recorded in a single atomic-like sequence of API calls?

By using Karate, you create a “living documentation” of your API’s capabilities. These tests can be shared with integration partners as a technical specification, ensuring that everyone knows exactly how the server will respond to specific clinical scenarios.

Check out the sample tests in the src/test/smoketest and docker-compose.yaml.

Related Content

Compliant by Design: Automated FHIR Auditing

Compliant by Design: Automated FHIR Auditing

How to implement structured, FHIR-native audit trails that satisfy HIPAA and GDPR requirements using the AuditEvent resource.

FHIR AuditEvent Compliance
Dynamic FHIR Logic: Hot-Reloading Business Rules with Groovy

Dynamic FHIR Logic: Hot-Reloading Business Rules with Groovy

Learn how to extend your HAPI FHIR server at runtime using Groovy scripts, allowing for hot-reloadable Interceptors and Resource Providers.

FHIR Groovy Architecture
Orchestrating the Perfect FHIR Sandbox: The Power of Synthea and Flexporter

Orchestrating the Perfect FHIR Sandbox: The Power of Synthea and Flexporter

How to move beyond static test data by combining the scale of Synthea with the precision of Flexporter to build realistic, custom healthcare environments.

Synthea Flexporter FHIR
Breaking the Mold: The Case for Custom FHIR Resources

Breaking the Mold: The Case for Custom FHIR Resources

Exploring the strategic value of Logical Models in FHIR architecture: when to use them, why they matter, and how to implement them using FHIR Shorthand (FSH).

FHIR Architecture FSH
Visualizing Interoperability: Architectural Graphics in the FHIR IG Publisher

Visualizing Interoperability: Architectural Graphics in the FHIR IG Publisher

A deep dive into the three powerful methods for including graphical representations in FHIR Implementation Guides: Mermaid, PlantUML, and the new automated Class Diagrams.

FHIR Implementation Guide Architecture
Testing Mirth Connect: Introducing Mirth Tools for Clinical Data Workflows

Testing Mirth Connect: Introducing Mirth Tools for Clinical Data Workflows

A suite of utilities designed to simplify the testing and validation of Mirth Connect transformations, ensuring reliable clinical data integration.

Mirth Connect HL7v2 Testing
Testing Mirth Connect: Introducing Mirth Tools for Clinical Data Workflows

Testing Mirth Connect: Introducing Mirth Tools for Clinical Data Workflows

Testing and validation in Mirth.

Mirth Connect HL7v2 Testing
From FHIR PlanDefinition to BPMN: Visualizing Care Pathways

From FHIR PlanDefinition to BPMN: Visualizing Care Pathways

Tool to convert FHIR PlanDefinitions into interactive BPMN diagrams with a simple web app, making complex care pathways easy to visualize and understand.

FHIR dbt DuckDB