FHIRcast, published by HL7 International / Infrastructure And Messaging. This guide is not an authorized publication; it is the continuous build for version 3.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhircast-docs/ and changes regularly. See the Directory of published versions
FHIRcast defines OAuth 2.0 access scopes that correspond directly to FHIRcast events. These scopes associate read or write permissions to an event. Applications that need to receive workflow related events SHOULD ask for read
scopes. Applications that request context changes SHOULD ask for write
scopes.
Expressed in Extended Backus-Naur Form (EBNF) notation, the FHIRcast syntax for OAuth 2.0 access scopes is:
FhircastScopes ::= fhircast '/' ( FHIRcast-event-name | '*' ) '.' ( 'read' | 'write' | '*' )
Note the FHIRcast event format contains a noun-verb, for example: Patient-open
. So, a requested scope of fhircast/Patient-open.read
would authorize the subscribing application to receive a notification when the patient in context changed. Similarly, a scope of fhircast/Patient-open.write
authorizes the subscribing application to request a context change.