Authenticate to the Health Gorilla API using OAuth 2.0 client credentials flow: POST to the token endpoint with your client_id and client_secret (YOUR_KEY) to obtain a bearer access token
Search for the patient using the Health Gorilla patient search endpoint, supplying name, date of birth, and optionally zip code or SSN last-4 to locate the patient's Health Gorilla record
Initiate a data request by POSTing to the query endpoint for the desired data categories (labs, medications, imaging, clinical documents); Health Gorilla queries connected health systems and aggregates results
Poll the request status endpoint using the returned request ID until status indicates completion; large queries across many connected sources may take several seconds to minutes
Retrieve the compiled results, which are returned as FHIR R4 resources (DiagnosticReport, MedicationRequest, DocumentReference, etc.); parse and integrate into your application's data model
Handle partial results gracefully — some connected sources may time out or return errors; check each source's status in the response envelope and surface unavailable sources to the end user
Known gotchas
Health Gorilla connectivity is limited to their network of connected health systems and labs; if a patient's records are at an unconnected institution they will not appear in query results
FHIR resources returned by Health Gorilla may not fully conform to US Core profiles; implement tolerant parsing that does not break on missing optional fields
Patient consent and authorization requirements vary by state; for some data categories (behavioral health, substance use disorder records) additional patient consent artifacts are required before retrieval is permitted
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp