Stream: smart
Topic: sso-openid-connect profile
Sagar Shah (Sep 22 2020 at 19:27):
What's the significance of sso-openid-connect profile? I did not find much documentation around that on SMART on FHIR specs.
Could anyone throw some light on that?
Appreciate your suggestions!
Robert Scanlon (Sep 22 2020 at 19:33):
The sso-openid-connect capability means the server supports SMART's flavor of OpenID Connect for user authentication. See http://hl7.org/fhir/smart-app-launch/scopes-and-launch-context/index.html#scopes-for-requesting-identity-data
Robert Scanlon (Sep 22 2020 at 19:38):
Other references to it are throughout the guide. The openid and fhirUser scopes come from that, as well as id_token in the token response.
Sagar Shah (Sep 22 2020 at 19:49):
Ok. So it mainly insists following Open ID Connect profile. Thanks for clarifying.
Sagar Shah (Sep 22 2020 at 19:50):
Does not mean that it requires SSO implementation as such so that user is not required to login (in standalone launch at least)
Sagar Shah (Sep 22 2020 at 19:51):
What does fhirUser value indicate? Does that have to be a web url link with the current user's FHIR identifier?
Robert Scanlon (Sep 22 2020 at 19:54):
As described in the section I linked to earlier:
To learn more about the user, the app should treat the fhirUser claim as the URL of a FHIR resource representing the current user. This will be a resource of type Patient, Practitioner, RelatedPerson, or Person. Note that Person is only used if the other resource type do not apply to the current user, for example, the “authorized representative” for >1 patients.
Last updated: Apr 12 2022 at 19:14 UTC
