Details
-
Question
-
Resolution: Considered - Question answered
-
Medium
-
SMART on FHIR (FHIR)
-
current
-
FHIR Infrastructure
-
App Launch: Scopes and Launch Context
-
Description
Current language: s noted previously, clients can request clinical scopes that contain a wildcard for the FHIR resource. When a wildcard is requested for the FHIR resource, the client is asking for all data for all available FHIR resources, both now and in the future. This is an important distinction to understand, especially for the entity responsible for granting authorization requests from clients.
Comment: The future aspect seems concerning. While I can understand a wildcard request for currently held data, I do not understand how it can be extended to the future. How can the potential sensitivity of future data be ascertained?