Details
-
Change Request
-
Resolution: Persuasive
-
Medium
-
SMART on FHIR (FHIR)
-
1.0 [deprecated]
-
FHIR Infrastructure
-
STU
-
(NA)
-
4.2, 4.3
-
-
Gino Canessa/Yunwei Wang: 13-0-0
-
Correction
-
Non-substantive
Description
In the SMART conformance doc: http://www.hl7.org/fhir/smart-app-launch/conformance/index.html#sample-response
the resonse_types_supported states:
response_types_supported: RECOMMENDED, array of OAuth2 response_type values that are supported
Is there any subset of defined values that is pulled from? EG: from the example:
"response_types_supported": ["code", "code id_token", "id_token", "refresh_token"],
code is part of OAuth 2 base, code id_token, and id_token are from Openid Connect.
Action:
refresh_token should be removed as it's not a grant response that I'm aware of (see also conversation on zulip [1]).
Link to or define the acceptable set of values more formally vs the definition being primarily contained within examples as it is today. Proposed stater set would be the OpenId Connect and base OAuth 2 specifications (though SMART doesn't go much beyond the "code" grant type today - will we accept others here?).
[1] https://chat.fhir.org/#narrow/stream/179170-smart/topic/response_types_supported.20values
Attachments
Issue Links
- is voted on by
-
BALLOT-17380 Negative - Jenni Syed : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17394 Negative - Hans Buitendijk : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17793 Negative - Doug Pratt : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
- mentioned in
-
Page Loading...