Workflow or API calls:
Reminder: If this is referring to a client domain or EHR activity—not the public sandbox—do not include API request data or live patient data.
Background Information:
Failure to provide answers will impact our ability to respond in a timely and effective manner
Developer questions:
Are you an OPN Member? No
Have you signed up to be in the Healthcare Developer Track? Yes
Are you a registered Code Program member? No
Does your App have a presence on the Oracle Healthcare App Marketplace? Yes
Are you developing on behalf of an Oracle Health client?
If so, which client:
Application's Client ID and App ID, if relevant:
Expected Result:
Actual Result:
X-Request-Id / Cerner-Correlation-Id / opc-request-id:
Date/time of the example:
I am requesting to whitelist our external web application so that it can be embedded inside Cerner PowerChart (Citrix Workspace) using an iframe.
Application details:
App URL: https://oraclehealth.socialroots-prod.org
Purpose: This app is required to be accessible within PowerChart for workflow integration and clinical use.
Technical requirements:
The app is served over HTTPS.
Nginx configuration has been updated to allow embedding from the Cerner domain (https://cernabcn.cernerworks.com).
All conflicting headers like X-Frame-Options have been removed, and Content-Security-Policy: frame-ancestors is set appropriately.
Could you please add this URL to the External Content Whitelist / MPage configuration so it can be loaded inside PowerChart?
Please let me know if you need any additional details or testing access.
Thank you,