FHIR Chat · Argonaut AU

Stream: smart

Topic: Argonaut AU

Grahame Grieve (Feb 20 2019 at 02:03):

I thought that smart on FHIR as used by argonaut and Smart App Launch were pretty much the same thing. But they're not... profile vs fhirUser - is there other differences? Which would we want to use for Argonaut AU?

Grahame Grieve (Feb 20 2019 at 02:06):

Also, in http://hl7.org/fhir/smart-app-launch/#step-1-app-asks-for-authorization, this:

either a launchvalue or a set of launch context requirements

this is ambiguous whether one of these is mandatory, or it just means one of the other if you want a launch parameter

Isaac Vetter (Feb 20 2019 at 02:16):

Which would we want to use for Argonaut AU?

Isaac Vetter (Feb 20 2019 at 02:17):

As part of the HL7 ballot process a few things changed in SMART from the base Argonaut spec. fhirUser and a bit of the language around OIDC, extensions were added, as well as the whole capabilities thing. Do note that these are largely (if not entirely) designed to be backward compatible.

Isaac Vetter (Feb 20 2019 at 02:17):

I think that any new implementations should definitely use the HL7 version of the spec, and that existing implementation are/should migrate to it.

Grahame Grieve (Feb 20 2019 at 02:21):

how is fhirUser backwards compatible?

Isaac Vetter (Feb 20 2019 at 02:26):

Some apps need to authenticate the clinical end-user. This can be accomplished by requesting a pair of OpenID Connect scopes: openid and fhirUser. A client may also request openid profile instead of openid fhirUser, but the profile claim is being deprecated in favor of fhirUser.

http://www.hl7.org/fhir/smart-app-launch/scopes-and-launch-context/index.html#scopes-for-requesting-identity-data