Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-32296

SMART capabilities need to include online_access

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive
    • Icon: Medium Medium
    • SMART on FHIR (FHIR)
    • current
    • FHIR Infrastructure
    • STU
    • Conformance
    • 4.1.2.6
    • Hide

      Below:

      • permission-offline: support for refresh tokens (requested by offline_access scope)

      Add:

      • permission-online: support for refresh tokens (requested by online_access scope)
      Show
      Below: permission-offline : support for refresh tokens (requested by  offline_access  scope) Add: permission-online : support for refresh tokens (requested by  online_access  scope)
    • Gino Canessa/Yunwei Wang: 13-0-0
    • Correction
    • Non-substantive

    Description

      On related URL http://hl7.org/fhir/smart-app-launch/2021May/conformance.html#permissions

      (note: Jira won't let me include this in the URL field at this time)

      this defines permission-offline (for offline_access) but completely fails to mention permission-online (for online_access). Both should exist.

      In addition, we my want to modify the  "Clinician Access for EHR Launch" capability set to include the use of permission-offline or permission-online.

      In our system, permission-online is the most common access method used for EHR-launched SMART applications. Our tokens are also very short lived (15 minutes or less), so "single use" tokens aren't very useful, so the ability to declare support for this is very important.

      Attachments

        Activity

          People

            carl-anderson-msft Carl Anderson (Inactive)
            jenni_syed Jenni Syed (Inactive)
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: