Details
-
Change Request
-
Resolution: Persuasive
-
Highest
-
SMART on FHIR (FHIR)
-
2.0.0
-
FHIR Infrastructure
-
STU
-
Overview
-
-
Gino Canessa/Yunwei Wang: 13-0-0
-
Correction
-
Non-substantive
Description
• Apps SHALL generate an unpredictable state parameter for each user session. An app SHALL validate the state value for any request sent to its redirect URL; include state with all authorization requests; and validate the state value included in access tokens it receives.
Access tokens are opague, how does one validate the state value?
Attachments
Issue Links
- is voted on by
-
BALLOT-17320 Negative - Bas van den Heuvel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17722 Negative - Ana Kostadinovska : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17784 Negative - Ricardo Quintano : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17828 Negative - Timon Grob : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17868 Negative - Chris Melo : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed
-
BALLOT-17927 Negative - Javier Espina : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU
- Closed