Stream: implementers
Topic: fhirUser
Marco Ramos (Jan 22 2021 at 19:34):
Happy Friday All!
I've got a question about a FHIR authorization server's implementation to support clients providing the fhirUser scope defined in the SMART Application Launch Framework Implementation Guide Release 1.0.0.
For some deployments, we may have a FHIR authorization server that uses a single identity provider for all users. This is regardless of whether the user is a patient, practitioner, or authorized representative. Our system currently allows a single user identity to be mapped to a patient AND a practitioner AND an authorized representative. Though this is rare, I'm trying to understand how the authorization server would decide which fhirUser reference is appropriate.
My initial thought is that a client meant for practitioners should prioritize the practitioner FHIR reference if it exists for the user over any other references that may exist for the user. This would appear to require some way of the authorization server understanding the target audience for the application which as far as I know isn't something that is standardized when using dynamic client registration. This approach also doesn't handle applications which target various audiences; of which I know none, but given that there is no explicit prohibition in FHIR, may need to be considered.
There are other approaches that suffer from usability concerns, such as prompting the user during the authorization flow.
Any input would be greatly appreciated.
Thanks,
Marco
Josh Mandel (Jan 22 2021 at 19:51):
Thanks! Would recommend bringing this to #smart
Marco Ramos (Jan 22 2021 at 19:52):
Josh Mandel said:
Thanks! Would recommend bringing this to #smart
Thanks, how would I do that?
Josh Mandel (Jan 22 2021 at 20:06):
You should be able to click the "#smart" link in my message to take you to the right stream. If not, click the "settings gear" next to "Streams" in the left side bar and subscribe to #smart.
Edit: I see you already figured this out ;)
Last updated: Apr 12 2022 at 19:14 UTC