Method: fhirStores.applyAdminConsents

Full name: projects.locations.datasets.fhirStores.applyAdminConsents

Applies the admin Consent resources for the FHIR store and reindexes the underlying resources in the FHIR store according to the aggregate consents. This method also updates the consentConfig.enforced_admin_consents field of the FhirStore unless validateOnly=true in ApplyAdminConsentsRequest. Any admin Consent resource change after this operation execution (including deletion) requires you to call fhirStores.applyAdminConsents again for the change to take effect.

This method returns an Operation that can be used to track the progress of the resources that were reindexed, by calling operations.get. Upon completion, the ApplyAdminConsentsResponse additionally contains the number of resources that were reindexed.

If at least one Consent resource contains an error or fails be be enforced for any reason, the method returns an error instead of an Operation. No resources will be reindexed and the consentConfig.enforced_admin_consents field will be unchanged.

To enforce a consent check for data access, consentConfig.access_enforced must be set to true for the FhirStore.

HTTP request


The URL uses gRPC Transcoding syntax.

Path parameters



Required. The name of the FHIR store to enforce, in the format projects/{projectId}/locations/{locationId}/datasets/{datasetId}/fhirStores/{fhirStoreId}.

Authorization requires the following IAM permission on the specified resource name:

  • healthcare.fhirStores.applyConsents

Request body

The request body contains data with the following structure:

JSON representation
  "validateOnly": boolean,

  // Union field payload can be only one of the following:
  "newConsentsList": {
  // End of list of possible types for union field payload.


If true, the method only validates Consent resources to make sure they are supported. Otherwise, the method applies the aggregate consent information to update the enforcement model and reindex the FHIR resources. If all Consent resources can be applied successfully, the ApplyAdminConsentsResponse is returned containing the following fields: * consentApplySuccess to indicate the number of Consent resources applied. * affectedResources to indicate the number of resources that might have had their consent access changed. If, however, one or more Consent resources are unsupported or cannot be applied, the method fails and ApplyAdminConsentsErrorDetail is is returned with details about the unsupported Consent resources.

Union field payload.

payload can be only one of the following:



A new list of admin Consent resources to be applied. Any existing enforced Consents, which are specified in consentConfig.enforced_admin_consents of the FhirStore, that are not part of this list will be disabled. An empty list is equivalent to clearing or disabling all Consents enforced on the FHIR store. When a FHIR store has disableResourceVersioning=true and this list contains a Consent resource that exists in consentConfig.enforced_admin_consents, the method enforces any updates to the existing resource since the last enforcement. If the existing resource hasn't been updated since the last enforcement, the resource is unaffected. After the method finishes, the resulting consent enforcement model is determined by the contents of the Consent resource(s) when the method was called: * When disableResourceVersioning=true, the result is identical to the current resource(s) in the FHIR store. * When disableResourceVersioning=false, the result is based on the historical version(s) of the Consent resource(s) at the point in time when the method was called. At most 200 Consents can be specified.

Response body

If successful, the response body contains an instance of Operation.

Authorization scopes

Requires one of the following OAuth scopes:


For more information, see the Authentication Overview.


List of admin Consent resources to be applied.

JSON representation
  "names": [


The versioned names of the admin Consent resource(s), in the format projects/{projectId}/locations/{location}/datasets/{datasetId}/fhirStores/{fhirStoreId}/fhir/Consent/{resourceId}/_history/{versionId}. For FHIR stores with disableResourceVersioning=true, the format is projects/{projectId}/locations/{location}/datasets/{datasetId}/fhirStores/{fhirStoreId}/fhir/Consent/{resourceId}.