Details
- Change Request
- Resolution: Persuasive
- Medium
- SMART on FHIR (FHIR)
- 2.0.0
- FHIR Infrastructure
- STU
- Best Practices
- Gino Canessa/Yunwei Wang: 13-0-0
- Enhancement
- Non-substantive
Description
The non-normative best practices page should include the following:

Best practices for app developers include:
- Ensure that refresh tokens are never used more than once
- Take advantage of techniques to bind refresh tokens to asymmetric secrets managed in hardware, when available (see above)
- If an app only needs to connect to EHR when the user is present, maintain secrets with best-available protection (e.g., biometric unlock)
- Publicly document any code of conduct that an app adheres to (e.g., CARIN Alliance code of conduct)
Issue Links
- is voted on by
  - BALLOT-17397 Negative - Josh Mandel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Withdrawn)
  - BALLOT-17405 Negative - Christopher Schaut : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Withdrawn)
  - BALLOT-17410 Negative - Brett Marquard : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Withdrawn)
  - BALLOT-17881 Negative - Michael Clifton : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Withdrawn)
  - BALLOT-17399 Negative - Jenni Syed : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17425 Negative - Hans Buitendijk : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17736 Negative - Vassil Peytchev : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17791 Negative - Doug Pratt : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17834 Negative - Chris Courville : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17876 Negative - David Sundaram-Stukel : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-17893 Negative - Amit Popat : 2021-May-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)