Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-32219

Why not refer to OAuth2.1?

    XMLWordPrintableJSON

    Details

    • Type: Change Request
    • Status: Applied (View Workflow)
    • Priority: Highest
    • Resolution: Persuasive with Modification
    • Specification:
      SMART on FHIR (FHIR)
    • Raised in Version:
      current
    • Work Group:
      FHIR Infrastructure
    • Related Page(s):
      Overview
    • Related Section(s):
      16.1.3
    • Grouping:
    • Resolution Description:
      Hide

      We refer to OAuth 2.0 and not OAuth 2.1 because OAuth 2.1 is still an early-stage draft.

       

      For consistency with other links to the OAuth spec, we will update:

      > as described in section 4.1.3 of RFC6749.

      To read:

      > as described in section 4.1.3 of RFC6749.

      Show
      We refer to OAuth 2.0 and not OAuth 2.1 because OAuth 2.1 is still an early-stage draft.   For consistency with other links to the OAuth spec, we will update: > as described in  section 4.1.3 of RFC6749 . To read: > as described in section 4.1.3 of RFC6749 .
    • Resolution Vote:
      Gino Canessa/Yunwei Wang: 13-0-0
    • Change Category:
      Clarification
    • Change Impact:
      Non-substantive

      Description

      After obtaining an authorization code, the app trades the code for an access token via HTTP POST to the EHR authorization server's token endpoint URL, using content-type application/x-www-form-urlencoded, as described in section* 4.1.3 of RFC6749.*

      Suggest to refer to OAuth2.1 instead of deeplinking into OAuth2.1 requirements.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              carl-anderson-msft Carl Anderson
              Reporter:
              bvdh Bas van den Heuvel
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Vote Date: