Webhook event is sent on data push from HIP to HIU

The Health Information User (HIU) can initiate a consent request through the Consent-API to get care context data. Once consent is validated, the Health Information Provider (HIP) sends the encrypted health data to the HIU.

Request

Headers:

Body:

{
    "service": "abdm",
    "event": "abha.hiu_data_push",
    "event_time": 1749822309,
    "transaction_id": "<webhook transaction id>",
    "timestamp": 1749825214,
    "business_id": "<partner business id>",
    "client_id": "<partner client id>",
    "data": {
        "abha_address": "shyam@abdm",
        "abha_number": "",
        "hip_id": "<partner hip id>",
        "oid": "<eka user id>",
        "partner_patient_id": "<partner patient id>",
        "consent_id": "<string>",
        "transaction_id": "<string>",
        "entries": [
            {
                "care_context_id": "<string>",
                "checksum": "<string>",
                "content": "<string>",
                "media": "application/fhir+json"
            }
        ],
        "key_information": {
            "crypto_alg": "<string>",
            "curve": "<string>",
            "dh_public_key": {
                "expiry": "<string>",
                "key_value": "<string>",
                "parameters": "<string>"
            },
            "nonce": "<string>"
        }
    }
}

Field Descriptions

  • data: Contains additional details related to the event.
    • consent_id: Consent id for the data transfer
    • transaction_id: Transaction id for the data flow
    • entries: List of care contexts with encrypted fhir data
    • key_information : Contains the cryptographic key material and related parameters required for secure ECDH-based key exchange between HIU and HIP.
      • crypto_alg The cryptographic algorithm used for key exchange (e.g., “ECDH”).
      • curve The elliptic curve used in ECDH key generation (e.g., “Curve25519”, “P-256”).
      • dh_public_key Object containing the HIU’s public key and related metadata:
        • expiry The expiration timestamp (in ISO 8601 format) indicating how long the public key is valid.
        • parameters Additional parameters related to the ECDH key (optional or curve-specific).
        • key_value The base64-encoded public key value generated by the HIU.
      • nonce A 32-byte random nonce (Base64-encoded) generated by the HIU, used to ensure uniqueness in the session key derivation.