ModMed

ModMed provides strong write access through its proprietary FHIR API after a partner onboarding process. The dual-track API architecture (proprietary vs. certified) means maintaining two integration paths with different auth methods.

Medium complexityPartnerProprietary FHIR R4Certified FHIR R4

FHIR Version

R4 (US Core 4.0.0 STU4)

Rate Limit

1,000 calls/min per API key (proprietary; customizable)

Sandbox

Yes — provisioned in ~2 weeks

ONC Certified

Yes

Capability Matrix

Capability	Read	Write
Patients	Via both proprietary and certified FHIR APIs.	Full CRUD via proprietary API after partner onboarding.
Appointments	Appointment + Slot search via proprietary API.	Full scheduling CRUD via proprietary API.
Encounters	Read via both APIs.	No encounter create across either API.
Clinical Notes	Via DocumentReference + DiagnosticReport (8 note types per USCDI v1).	Clinical notes read-only.
Document Upload		DocumentReference create + update via proprietary API.
Lab Results	DiagnosticReport + ServiceRequest (orders) read.
Medications		MedicationStatement create + update via proprietary API.
Allergies		AllergyIntolerance create + update via proprietary API.
Conditions		Condition create + update via proprietary API.
Immunizations	Read via certified FHIR API.
Vitals	Observation read via both APIs.
Billing / Claims	ChargeItem + Account search.	ChargeItem create only — no update. Via proprietary API.
Coverage / Insurance		Coverage create only — no update. Via proprietary API.
Referrals	ServiceRequest read via proprietary API.
Bulk Data Export	Patient/$export + Group/$export. NDJSON output. Files stored on Amazon S3.	—
Events / Webhooks	No webhook or subscription support. Must poll using _lastUpdated parameter.	—

YesLimited (hover for details)No

What's hard about this EHR

Two separate API tracks with different auth methods — developers must maintain dual integration paths
Proprietary API uses OAuth2 Password Grant (deprecated in OAuth 2.1 draft)
No webhooks — must poll for data changes using _lastUpdated parameter
Per-practice credential management — each practice generates separate credentials per vendor
Proficiency demo required before production access adds onboarding time
Proprietary API does not support ModMed GI/gGastro practices

When you might need Cobalt

Real-time data needed: No webhooks available. Cobalt provides real-time event-driven data from ModMed.
Simplified integration: Dual API track with different auth methods is complex. Cobalt provides a single unified interface.
Multi-practice scale: Per-practice credential management creates operational overhead. Cobalt handles credential lifecycle.

Talk to Cobalt

[Vendor]API Portal
[Vendor]Proprietary API Documentation (PDF)
[Vendor]Certified FHIR API Documentation (PDF)
[Vendor]ONC Certification Press Release
[Vendor]Become a Partner
[Vendor]Certified API Vendor Registration
[Vendor]FHIR Endpoint Directory
[Vendor]synapSYS Marketplace