Stream: Security and Privacy
Topic: Token Exchange approach
sameera gunarathne (Feb 09 2022 at 04:44):
Hi all,
I have a use case where I have a third party gateway exposes the FHIR APIs and the SMART app launch flow is implemented there. Now let's say there's a 3rd party FHIR resource server which will support token exchange grant. Will it be possible to extend the SMART app launch flow as below in order to consume the FHIR server APIs. Here the Gateway acts as the SMART app via token exchange.
Thank you.
John Moehrke (Feb 09 2022 at 13:15):
@Luis Maas @Josh Mandel ?
Josh Mandel (Feb 09 2022 at 14:37):
You could build something like this, sure. As far as SMART is concerned this is an internal detail of the server (which happens to be a gateway in your diagram, but the SMART app doesn't/shouldn't know anything about that)
Last updated: Apr 12 2022 at 19:14 UTC
