SUT Operator checks the conformance of this system with regard to the FHIR SMART App Launch implementation guide

Submitted by sthiam on Fri, 12/16/2022 - 11:39
Priority
High - Major feature, it achieves a lot of work
Status
Draft
Customer
WHO
Business owner
Souleymane THIAM
Description

The DDCC specifications rely on the FHIR SMART App Launch Implementation Guide for the user authorization feature. See http://hl7.org/fhir/smart-app-launch/index.html.

In this context, the SUT Operator shall have a means to verify that his SUT is able to:

  • Support OAuth v1.0 tokens when requesting resources from a REST server
  • Support OAuth v1.0 tokens when receiving requests from a REST client
  • Support OAuth v2.0 tokens when requesting resources from a REST server
  • Support OAuth v2.0 tokens when receiving requests from a REST client
  • Limit access to resources based on the authorization token it receives
  • Get an authorization code by sending a request to an Authorization Server compliant with the SMART App Launch pattern
  • Get an access token by sending a request with a JWT assertion to an Authorization Server based on the SMART App Launch pattern
  • Get an access token by sending a request with a client secret to an Authorization Server based on the SMART App Launch pattern
  • Get an access token by sending a request with a JWT assertion to an Authorization Server based on the SMART Backend Services pattern
What is/are the targeted context(s)?
Who is the targeted audience?
Targeted goal(s)

Allow the SUT operator to verify the conformance of his SUT against the FHIR SMART App Launch specifications.

Expected benefit

The SUT Operator will be able to see whether their implementation conforms to the DDCC specifications.

Documentation

Features that cover this need