mcp-fhir
@flexpa/mcp-fhir is an experimental MCP (Model Context Protocol) server that connects to a FHIR server using SMART on FHIR access tokens. It exposes MCP tools to search for FHIR resources and read individual FHIR resources, returning results in FHIR JSON and supporting resource access via fhir:// URIs.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses a SMART on FHIR access token supplied via environment variables. The README does not specify token storage/logging behavior, TLS requirements, or fine-grained scope constraints. It also does not document handling of sensitive FHIR data returned to the MCP client.
⚡ Reliability
Best When
Prototyping an MCP-based assistant workflow over FHIR data where the FHIR server and token handling are already managed securely.
Avoid When
When you need a documented, stable, production-grade integration contract or when rate limits/error semantics from the MCP server are critical to automate robustly.
Use Cases
- • Integrate an LLM client that supports MCP with a FHIR backend
- • Search FHIR resources by resourceType and searchParams
- • Read specific FHIR resources by URI and provide results as context for downstream LLM workflows
Not For
- • Production clinical workloads without additional validation and hardening
- • Environments that cannot provide (or securely handle) a SMART on FHIR access token
- • Use cases requiring strict privacy-by-design controls without further configuration/auditing
Interface
Authentication
Authentication is described as a SMART on FHIR access token provided through FHIR_ACCESS_TOKEN. The README does not document scopes, refresh flow, or token lifecycle management.
Pricing
No pricing information provided (appears to be an open-source package/library).
Agent Metadata
Known Gotchas
- ⚠ README does not describe pagination or how to handle FHIR Bundle pagination for large searches
- ⚠ No explicit guidance on retry behavior for transient failures
- ⚠ Operational debugging requires using the MCP Inspector; stdio-based debugging may be nontrivial
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-fhir.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.