OAuth 2.0 Tutorial

OAuth 2.0 Overview

OAuth 2.0 is the industry standard for granting external applications access to protected resources. Additional information about the technology may be found at https://oauth.net/2/.

App Registration

Applications can be registered within the Login Trusts editor within the EHR. Contact your implementation specialist for assistance.

Patient Standalone Launch

Registered applications can utilize the OAuth 2.0 authorization code workflow in order to access the EHR.

When a user launches an application that conforms to the SMART launch workflow, the user is directed to the EHR’s Scope confirmation page.

On this page, individual accesses may be customized or denied altogether.

If allowed, the application will then be permitted to access the user’s data via the FHIR API.

EHR Launch

The Quickview contains a FHIR Launch portlet which allows launching configured applications.

Navigate to the Quickview sidemenu tab

Open the Select Portlets manager

Select the FHIR Launch portlet

Utilizing the links to the configured applications present in the FHIR Launch portlet will allow EHR Practitioner access to those applications.

Revocation of Access

Via the Token Administration tool, users may revoke access for any application that was previously granted access.

SMART Backend Services

Applications may utilize the FHIR Bulk access workflow in order to consume EHR resources.
The EHR supports authentication of JWT access tokens via an out-of-band supplied JWKS URL.

Additional Information

  • PKCE is not currently supported.
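
An added example (not part of the original documentation and not the EHR's own code): because PKCE is not supported, a client using the authorization code workflow described above depends on a per-session `state` value and an exact redirect URI check to reject forged or replayed callbacks. The endpoint URLs, client ID, redirect URI, scopes and function names are hypothetical placeholders; the request parameters follow the SMART App Launch specification.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Hypothetical placeholders: the real endpoints, client ID and redirect URI
# come from the application's registration in the EHR.
AUTHORIZE_URL = "https://ehr.example.org/oauth2/authorize"
FHIR_BASE = "https://ehr.example.org/fhir"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.com/callback"


def build_authorize_url(scopes, session):
    """Start a standalone launch and bind an unguessable state to the session."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": session["oauth_state"],
        "aud": FHIR_BASE,  # SMART launch: the FHIR server the app wants to reach
    }
    return AUTHORIZE_URL + "?" + urlencode(params)


def handle_callback(callback_url, session):
    """Return the authorization code, or raise ValueError for an untrusted redirect."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("callback arrived on an unexpected redirect URI")
    query = parse_qs(parts.query)
    expected = session.pop("oauth_state", None)  # single use, so a replay fails
    received = query.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(
            expected.encode(), received.encode()):
        raise ValueError("state mismatch: possible CSRF or injected response")
    if "error" in query:  # e.g. the user denied access on the Scope confirmation page
        raise ValueError("authorization failed: " + query["error"][0])
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]
```

The `session` argument stands for the application's server-side session store for the current user; the returned code is then exchanged at the token endpoint over TLS.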

Enterprise Health Documentation

Last Build: Tue, 25 Apr 2023 20:30:12 UTC