Stream: implementers
Topic: Authx in AWS
Joel Williams (Apr 12 2022 at 13:55):
I'm just starting to develop and test a FHIR interface API for our EHR. We're in AWS, so I first started working with Cognito for authentication and token handling, however it appears that Cognito won't be able to handle the scopes needed for testing.
Anyone else using AWS (specifically I'm coding Node.js Lambda functions) and have guidance as to what should work for authentication and authorization? I'd appreciate any feedback or suggestions you have.
Drew Torres (Apr 12 2022 at 14:12):
Have you looked at FHIR Works on AWS project? The SMART line main branch should have some details:
Drew Torres (Apr 12 2022 at 14:12):
https://github.com/awslabs/fhir-works-on-aws-deployment/tree/smart-mainline
Mike Lohmeier (Apr 12 2022 at 14:27):
Like @Drew Torres mentioned AWS FHIR Works is a great option on the AWS stack. The base repo uses cognito and roles based access control and the smart branch uses attribute based access control. You can also implement your own authz by implementing the Authorization interface found here https://github.com/awslabs/fhir-works-on-aws-interface/blob/mainline/src/authorization.ts.
Joel Williams (Apr 12 2022 at 15:11):
OK, thanks...I'm aware of FHIR Works, but didn't realize there was a SMART component that dealt with some of the issues I'm bumping into.
Last updated: Apr 12 2022 at 19:14 UTC
