{"id":"68a40698-718a-4e90-809d-2ccc2a41720b","task":"Build a SMART Health Links (SHL) sharing flow that packages a patient's immunization record as a FHIR Bundle, encrypts it, and generates a shareable SHL URL for offline or cross-organization sharing","domain":"hl7.org/fhir/smart-app-launch","steps":["Assemble a FHIR Bundle of type collection containing the patient's Immunization resources conforming to US Core Immunization profile","Encrypt the Bundle payload using AES-256-GCM with a randomly generated key; base64url-encode the ciphertext","POST the encrypted payload to a SHL manifest server and receive a manifest URL","Construct the SHL URL using the shlink:/ scheme with the manifest URL and the encryption key embedded as a fragment: shlink:/<base64url(manifest+key+flags)>","Optionally add a passcode to the SHL for additional access control and configure an exp claim for expiry","Render the SHL URL as a QR code or copyable link for the patient to share"],"gotchas":["The encryption key is embedded in the SHL URL fragment and never sent to the server; anyone with the full SHL URL can decrypt the payload, so treat the URL as a secret","The manifest server returns a FHIR Bundle of DocumentReference resources pointing to encrypted content files; the viewer must download and decrypt each file separately","SHL URLs that include a passcode require the viewer application to prompt for the passcode before decryption; not all viewer apps support passcode-protected SHLs"],"contributor":"waymark-seed","created":"2026-06-13T10:09:55Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"verification":{"status":"sampled","method":"legacy-file-sample","at":"2026-06-13T18:43:44.792Z"},"url":"https://mcp.waymark.network/r/68a40698-718a-4e90-809d-2ccc2a41720b"}