Stay organized with collections
Save and categorize content based on your preferences.
This page explains the concept of referential integrity as it relates to
resources within a FHIR store in the Cloud Healthcare API.
The FHIR store enforces referential integrity on references to other resources
within the same store:
When creating, updating, or patching a resource, the operation will fail if the resulting
content of the resource contains a reference to a resource or resource version that does not
exist.
When deleting a resource, the operation will fail if there are other resources in the store that
reference that resource.
Referential integrity can be disabled by setting the
disableReferentialIntegrity option at the time of store creation.
Exclusions and limitations
The FHIR specification allows various forms of
references, some of which are not
covered by referential integrity:
An external reference specified by a URL that does not match the base URL of the FHIR store.
A logical reference specified by a business identifier.
A reference containing only a human-readable display string.
References inside FHIR
extensions are only subject to
referential integrity if complexDataTypeReferenceParsing
is set to ENABLED. This is the default value for new FHIR stores.
Certain API methods can cause referential integrity to be violated under some conditions:
FHIR allows references to point to a specific history version of a resource using the form
[resource type]/[resource ID]/_history/[version ID]. Referential integrity is applied to these
references when created or updated, but when using the
Resource-purge
method to remove historical versions of a resource, incoming references are not checked.
The FHIR import
method does not enforce referential integrity. The method may be used either in cases where
referential integrity is not required, or where the input is known to satisfy referential
integrity. In the latter case, the references inside the FHIR store will reach eventual
consistency after every resource is successfully imported.
The
deidentify
method can potentially create a FHIR store in a state that does not satisfy referential integrity
temporarily during the operation, or permanently if filters are used to select a subset of
resources.
A state where integrity is being enforced but has been violated by one of the previous cases will
cause resource updates to be rejected on a resource that contains an invalid reference, unless the
update fixes or removes all invalid references. Such a state might also create difficulties for
applications using the store that assume integrity.
Contained resources
The FHIR specification contains a constraint that every
contained resource must be
referenced from somewhere within its containing resource (including references from other
contained resources), and every reference to a contained resource must be valid. This constraint
is enforced separately from referential integrity and cannot be disabled as it is defined in the
FHIRPath invariants on each individual resource.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eThis page outlines how the Cloud Healthcare API's FHIR store enforces referential integrity on references to other resources within the same store, causing operations to fail if references are invalid or if referenced resources are deleted.\u003c/p\u003e\n"],["\u003cp\u003eReferential integrity can be disabled during FHIR store creation using the \u003ccode\u003edisableReferentialIntegrity\u003c/code\u003e option.\u003c/p\u003e\n"],["\u003cp\u003eCertain types of references, such as external URLs, logical identifiers, or simple display strings, are excluded from referential integrity checks, and references within FHIR extensions are only checked if \u003ccode\u003ecomplexDataTypeReferenceParsing\u003c/code\u003e is enabled.\u003c/p\u003e\n"],["\u003cp\u003eSpecific API methods like \u003ccode\u003eResource-purge\u003c/code\u003e, \u003ccode\u003eimport\u003c/code\u003e, and \u003ccode\u003edeidentify\u003c/code\u003e can bypass referential integrity checks, potentially leading to a state where integrity is violated.\u003c/p\u003e\n"],["\u003cp\u003eThe FHIR specification's constraint on contained resources, which requires them to be referenced within their containing resource and every reference to them to be valid, is enforced independently and cannot be disabled.\u003c/p\u003e\n"]]],[],null,["# FHIR referential integrity\n\nThis page explains the concept of referential integrity as it relates to\nresources within a FHIR store in the Cloud Healthcare API.\n\nThe FHIR store enforces referential integrity on references to other resources\nwithin the same store:\n\n- When creating, updating, or patching a resource, the operation will fail if the resulting content of the resource contains a reference to a resource or resource version that does not exist.\n- When deleting a resource, the operation will fail if there are other resources in the store that reference that resource.\n\nReferential integrity can be disabled by setting the\n[`disableReferentialIntegrity`](/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores#FhirStore.FIELDS.disable_referential_integrity) option at the time of store creation.\n\nExclusions and limitations\n--------------------------\n\nThe FHIR specification allows various forms of\n[references](http://hl7.org/fhir/references.html), some of which are not\ncovered by referential integrity:\n\n- An external reference specified by a URL that does not match the base URL of the FHIR store.\n- A logical reference specified by a business identifier.\n- A reference containing only a human-readable display string.\n- References inside FHIR [extensions](http://hl7.org/fhir/extensibility.html) are only subject to referential integrity if [`complexDataTypeReferenceParsing`](/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores#ComplexDataTypeReferenceParsing) is set to `ENABLED`. This is the default value for new FHIR stores.\n\nCertain API methods can cause referential integrity to be violated under some conditions:\n\n- FHIR allows references to point to a specific history version of a resource using the form `[resource type]/[resource ID]/_history/[version ID]`. Referential integrity is applied to these references when created or updated, but when using the [`Resource-purge`](/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores.fhir/Resource-purge) method to remove historical versions of a resource, incoming references are **not** checked.\n- The FHIR [`import`](/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores/import) method does not enforce referential integrity. The method may be used either in cases where referential integrity is not required, or where the input is known to satisfy referential integrity. In the latter case, the references inside the FHIR store will reach eventual consistency after every resource is successfully imported.\n- The [`deidentify`](/healthcare-api/docs/reference/rest/v1/projects.locations.datasets.fhirStores/deidentify) method can potentially create a FHIR store in a state that does not satisfy referential integrity temporarily during the operation, or permanently if filters are used to select a subset of resources.\n\nA state where integrity is being enforced but has been violated by one of the previous cases will\ncause resource updates to be rejected on a resource that contains an invalid reference, unless the\nupdate fixes or removes all invalid references. Such a state might also create difficulties for\napplications using the store that assume integrity.\n\nContained resources\n-------------------\n\nThe FHIR specification contains a constraint that every\n[contained resource](http://hl7.org/fhir/references.html#contained) must be\nreferenced from somewhere within its containing resource (including references from other\ncontained resources), and every reference to a contained resource must be valid. This constraint\nis enforced separately from referential integrity and cannot be disabled as it is defined in the\nFHIRPath invariants on each individual resource."]]
