Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-32216

openid and fhiruser usefull beyond end-user identity authentication

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive
    • Icon: Highest Highest
    • SMART on FHIR (FHIR)
    • 2.0.0
    • FHIR Infrastructure
    • Overview
    • 1.6.1.1
    • Hide

      Change: If the app needs to authenticate the identity of the end-user

       

      To say: If the app needs to authenticate the identify of or retrieve information about the end-user

      Show
      Change: If the app needs to authenticate the identity of the end-user   To say:  If the app needs to authenticate the identify of or retrieve information about the end-user
    • Gino Canessa/Yunwei Wang: 13-0-0
    • Correction
    • Non-substantive

    Description

      If the app needs to authenticate the identity of the end-user, it should include two OpenID Connect scopes: openid and fhirUser. When these scopes are requested, and the request is granted, the app will receive an id_token along with the access token. For full details, see SMART launch context parameters.

      This information is not just for authentication, also for retrieving information on the end-user for use in its UI. Please revise the sentence.

      Attachments

        Activity

          People

            carl-anderson-msft Carl Anderson (Inactive)
            bvdh Bas van den Heuvel
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: