IC Application Reference
The IC (Integrated Components) framework is the code-generation and runtime layer that powers every REV.health module. This page documents the shared stack, conventions, and commands.
Shared Technology Stack
| Layer | Technology | Notes |
|---|---|---|
| Database | Azure Cosmos DB (NoSQL API) | Partition-key multi-tenancy, tunable consistency |
| Cache | Redis (Azure Cache) | Session, lookup tables, rate limiting |
| Frontend | Angular 21 | Standalone components, signals, SSR-ready |
| Messaging | SQS + SNS (AWS) | Async command/event bus, dead-letter queues |
| Secrets | Azure Key Vault | All secrets, connection strings, certificates |
| Observability | OpenTelemetry | Traces, metrics, logs → Azure Monitor + Grafana |
| Component CDN | Azure CDN / Cloudflare | Versioned component bundles, env-tagged |
| Auth | OAuth 2.1 / OIDC + SMART on FHIR | SSO federation, SMART launch context |
Project Directory Skeleton
module-root/
ami/ # AMI schema definitions (.ami.json)
patient.ami.json
encounter.ami.json
rules/ # Business rules (.rules.json)
eligibility.rules.json
api/ # Generated API controllers + DTOs
controllers/
dtos/
validators/
components/ # Generated Angular components
forms/
tables/
detail-views/
adapters/ # External integration adapters
surescripts/
stedi/
waystar/
jobs/ # Background job definitions
sync/
cleanup/
deploy/ # IaC and deployment manifests
cosmos/
cdn/
k8s/Component Naming Convention
Pattern:
Examples:
ic-{framework}{majorVer}-{scope}-{break}-{name}Examples:
ic-ng21-scheduling-form-appointment — Angular 21, scheduling module, form component, appointment entityic-ng21-rcm-table-claim — Angular 21, RCM module, table component, claim entityic-ng21-clinical-doc-detail-encounter — Angular 21, clinical-doc module, detail-view, encounter entity
Code Generation Flow
graph TD AMI["AMI Schema
(.ami.json)"] --> PARSE["Parse & Validate"] PARSE --> DB["Generate Cosmos
Container Config"] PARSE --> API["Generate API
Controllers + DTOs"] PARSE --> COMP["Generate Angular
Components"] PARSE --> TEST["Generate Test
Scaffolds"] DB --> DEPLOY["Deploy Stage:
Cosmos containers"] API --> DEPLOY COMP --> CDN["Deploy Stage:
CDN bundle"] TEST --> CI["CI/CD Pipeline"] CI --> DEPLOY
Default Bindings
When generating components from AMI schemas, each field type maps to a default Angular component:
| AMI Type | Default Component | Notes |
|---|---|---|
| String | text-input | Single-line text |
| Text | textarea | Multi-line text |
| Int | int-input | Integer with step controls |
| Decimal | decimal-input | Decimal with precision control |
| Money | money-input | Currency-formatted with locale |
| Bool | checkbox | Toggle / checkbox |
| DateTime | datetime-picker | Date + time with timezone |
| Guid | short-guid-display | Read-only Base62 display |
email-input | Email with validation | |
| Phone | phone-input | E.164 formatted with mask |
| Url | url-input | URL with protocol validation |
| Entity FK | entity-picker | Searchable entity selector |
| List | jtable | Inline editable table for child collections |
Environment Cascade
| Environment | Cosmos Database | CDN Tag | Purpose |
|---|---|---|---|
| Dev | cosmos-dev | dev | Local development, feature branches |
| QA | cosmos-qa | qa | Automated testing, integration tests |
| UAT | cosmos-uat | uat | User acceptance testing, demo environment |
| Prod | cosmos-prod | prod | Production, real patient data |
Permissions / RBAC Enforcement
The core RBAC rules are the same for all modules. Module-specific thresholds (e.g., which level can submit a claim vs. prescribe a controlled substance) are documented on each module's IC application page.
Access control is enforced at four layers:
- Database layer. Cosmos partition-key isolation keyed on the
OrganizationIDpartition key blocks any cross-org read or write. The session variable is set at request context from the API using the authenticated user's org claim. Global containers (e.g.,Prescription) do not use partition-key isolation; reads are scoped by patient identity through the application-layer authorization chain. - API layer. Generated controllers compare the caller's IC permission level (0–100) against the entity threshold for the requested verb. Reading raw
RawRequestText/RawResponseTextrequires elevated permission (typically ≥ 70) because raw payloads can leak unrelated details. - Component layer. Edit controls disable on the client when the caller's level is below the field's write threshold. EditAMI controls (add required field, change type, remove field) are gated client-side and server-side at level 90 per IC rule #5.
- Read-access audit. Reads of sensitive data emit
AuditLogrows capturing the viewer, the entity, and the authorization-chain trace per the global read-access audit contract.
Every API endpoint has a numeric permission level (0–100); the caller's role must meet or exceed the required level:
| Level | Description | Example Roles |
|---|---|---|
| 0 | Public / unauthenticated | Anonymous patient portal pages |
| 10 | Patient self-service | Patient |
| 30 | Clinical read | MA, Nurse, Reception |
| 50 | Clinical write | PA/NP, Physician |
| 70 | Administrative | Practice Manager, RCM Specialist |
| 90 | System admin | IT Admin, Super Admin |
| 100 | Platform operator | REV.health internal ops |
Build / Test / Run Commands
The command pattern is the same for all modules. Replace {noun} with the module's root noun (e.g., eligibility, rcm, erx-epcs, scheduling). Module-specific test flags (e.g., --scrubbing for RCM, --epcs for eRx / EPCS, --pdmp for eRx / EPCS) are documented on each module's IC application page.
| Command | What it does |
|---|---|
ic generate {noun} | Runs DB → API → Components in order from the AMI/rules sources. |
ic generate {noun} --stage db | Run only the DB stage (Cosmos container definition diff, partition-key isolation, indexes). |
ic generate {noun} --stage api | Run only the API stage; requires DB stage already applied. |
ic generate {noun} --stage components | Run only the Components stage; publishes to the configured CDN. |
ic test {noun} --unit | Generated-controller unit tests + module-specific parser/serialization tests. |
ic test {noun} --integration | End-to-end against vendor sandboxes; uses test data appropriate for the module. |
ic test {noun} --contract | FHIR profile validation for the module's resource profiles. |
ic deploy {noun} --env dev | Deploys the latest built artifact to Dev only. |
ic deploy {noun} --env qa --cascade | Deploys to QA and cascades Dev to the same version. |
ic deploy {noun} --env prod --cascade --approve | Deploys to Prod (requires manager approval) and cascades all environments. |
ic schema bump {noun} {entity} --feature | Adds a feature bump to the entity's *.ami.json; rejects if the diff is not backward-compatible. |
ic schema bump {noun} {entity} --break | Adds a break bump; requires EditAMI (90) and triggers IC rule #13 new-database flow. |
Module root nouns.
{noun} maps to the module's directory name and CLI slug: eligibility, scheduling, clinical-doc, coding-cds, referrals, patient-portal, erx-epcs, rcm, task-mgmt, payer-opt.
Module Root Nouns
Each module is identified by a root noun used in container names, API routes, component prefixes, and deploy manifests:
| Root Noun | Module |
|---|---|
eligibility | Eligibility & Prior Authorization |
scheduling | Scheduling & Appointments |
clinical-doc | Clinical Documentation |
coding-cds | Coding & Clinical Decision Support |
referrals | Referrals & Specialist Coordination |
patient-portal | Patient Portal & Mobile |
erx-epcs | e-Prescribing & EPCS |
rcm | Revenue Cycle Management |
task-mgmt | Task Management & Workflows |
payer-opt | Payer Optimization & Rules |