Stream: smart
Topic: ISS to Client ID Mapping
Travis Cummings (Nov 05 2018 at 22:00):
For apps, is there a best practice for handling the problem of mapping ISS values to client IDs during the launch flow? Our "not best practice" is to have a mapping of an ISS directly to a client id. The problem is of course, that the ISS value can have subtle differences as a site (or vendor validation environment) launches the app. Some differences we've seen are at the subdomain (tst1.example.com, tst2.example.com) or path (example.com/tst1, example.com/tst2). Looking for any ideas or conventions other teams have applied.
Steve Munini (Nov 06 2018 at 20:42):
Hi Travis, I'm not sure what you mean exactly - the iss value in a SMART on FHIR launch contains the base FHIR endpoint that you should use to make requests back to the launching EMR's FHIR server. Which client ids are you referring to and why would you need to map an iss value to them?
Josh Mandel (Nov 13 2018 at 10:49):
Please note that I've updated a few key page at docs.smarthealthit.org to point to the now-published spec at hl7.org -- e.g., http://docs.smarthealthit.org/authorization/ (FYI @Dan Gottlieb @Vladimir Ignatov)
Last updated: Apr 12 2022 at 19:14 UTC
