Stream: implementers
Topic: Purpose of use in HTTP operations?
Nick Radov (Sep 14 2020 at 15:40):
Is there any way to indicate the purpose of use in HTTP operations? For some use cases it's important for the FHIR server to know why the client is requesting certain data. For example, it is common to allow providers to "break the glass" for accessing patient data during emergency care even if that normally wouldn't be allowed.
Kevin Olbrich (Sep 14 2020 at 15:44):
I think this might cover your need... https://www.hl7.org/fhir/security-labels.html#break-the-glass
John Moehrke (Sep 14 2020 at 16:58):
there are proposals to add PurposeOfUse into the SMART context. ask on the #smart stream
John Moehrke (Sep 14 2020 at 17:02):
an alternative to SMART is a specification from IHE that profiles OAuth slightly differently - Internet User Authorization (IUA).
Last updated: Apr 12 2022 at 19:14 UTC
