Loading...

XML

Word

Printable

JSON

Details

Type: Change Request
Resolution: Persuasive
Priority: Highest

Specification:

SMART on FHIR (FHIR)
Raised in Version:

2.0.0
Work Group:

FHIR Infrastructure
Outstanding Negatives:
STU
Related Page(s):

Overview
Grouping:
- block-vote-0
Resolution Description:

Hide

Update: Apps SHALL generate an unpredictable state parameter for each user session. An app SHALL validate the state value for any request sent to its redirect URL; include state with all authorization requests; and validate the state value included in access tokens it receives.

To read: Apps SHALL generate an unpredictable state parameter for each user session; SHALL include state with all authorization requests; and SHALL validate the state value for any request sent to its redirect URL.

Show
Update: Apps SHALL generate an unpredictable state parameter for each user session. An app SHALL validate the state value for any request sent to its redirect URL; include state with all authorization requests; and validate the state value included in access tokens it receives. To read: Apps SHALL generate an unpredictable state parameter for each user session; SHALL include state with all authorization requests; and SHALL validate the state value for any request sent to its redirect URL.
Resolution Vote:
Gino Canessa/Yunwei Wang: 13-0-0
Change Category:
Correction
Change Impact:
Non-substantive

Description

• Apps SHALL generate an unpredictable state parameter for each user session. An app SHALL validate the state value for any request sent to its redirect URL; include state with all authorization requests; and validate the state value included in access tokens it receives.

Access tokens are opague, how does one validate the state value?

Attachments

Issue Links

is voted on by

BALLOT-17320 Negative - Bas van den Heuvel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17722 Negative - Ana Kostadinovska : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17784 Negative - Ricardo Quintano : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17828 Negative - Timon Grob : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17868 Negative - Chris Melo : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

BALLOT-17927 Negative - Javier Espina : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU

Closed

(1 is voted on by)

Activity

People

Assignee:: Carl Anderson (Inactive)

Reporter:: Bas van den Heuvel

Watchers:: 2 Start watching this issue

Dates

Created:: 2021-05-11 02:44

Updated:: 2021-11-29 01:38

Resolved:: 2021-07-01 07:51

Vote Date:: 2021-07-19