FHIR Chat · scope delimination · smart

Stream: smart

Topic: scope delimination

view this post on Zulip Sean McIlvenna (May 26 2020 at 23:10):

I'm using https://launch.smarthealthit.org/ to test my smart-on-fhir (client) implementation.
It's my understanding that scopes are commonly delimited by a blank space. But it seems that this test client (launch.smarthealthit.org) seems to require that the scopes be delimited using a comma.
Does anyone know why?

view this post on Zulip Vladimir Ignatov (May 26 2020 at 23:20):

Not sure what you mean. launch.smarthealthit.org does use space(s).

view this post on Zulip Sean McIlvenna (May 26 2020 at 23:37):

Ok... so, here's my case:

  1. go to launch.smarthealthit.org
  2. select a single provider (NOT a patient)
  3. launch app (specify url)
  4. app asks authorization for the following scopes: "launch openid profile"
  5. launch.smarthealthit.org prompts the user to select a patient. this is where it is wrong. I've asked for it to be provider access (user/**), so why is it asking the user to select a patient? if I replace "launch openid profile" with "launch,openid,profile" then it does not ask the user to select a patient and continues forward in the flow just fine

view this post on Zulip Vladimir Ignatov (May 27 2020 at 01:27):

You still need a patient (if you are using the launch or launch/patient scope) and if you didn't select one in advance, it will prompt you to do so after launch. The user/*.* scope just states that you want to be able to access the current user resources.

view this post on Zulip Sean McIlvenna (May 27 2020 at 15:11):

so what is the appropriate scopes to apply that doesn't require a patient context, and indicates a system-wide access/context?

view this post on Zulip Sean McIlvenna (May 27 2020 at 15:16):

it seems that removing "launch" from the scopes seems to have bypassed prompting the user for a patient... so, maybe that's the answer.

view this post on Zulip Vladimir Ignatov (May 27 2020 at 15:22):

Here is an easy way to experiment with that:

  1. Select a "Provider Standalone Launch" as a launch type
  2. Select a provider
  3. Optionally uncheck the "Skip provider login screen" and "Skip app authorization screen"
  4. Click on the "Test with Sample App" link

This will then allow you to try different scopes and see the result

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -