FHIRcast logo

FHIRcast
3.0.0-ballot - ci-build International flag

FHIRcast, published by HL7 International / Infrastructure And Messaging. This guide is not an authorized publication; it is the continuous build for version 3.0.0-ballot built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/fhircast-docs/ and changes regularly. See the Directory of published versions

OAuth 2.0 Authorization Scopes

FHIRcast defines OAuth 2.0 access scopes that correspond directly to FHIRcast events. These scopes associate read or write permissions to an event. Applications that need to receive workflow related events SHOULD ask for read scopes. Applications that request context changes SHOULD ask for write scopes.

Expressed in Extended Backus-Naur Form (EBNF) notation, the FHIRcast syntax for OAuth 2.0 access scopes is:

FhircastScopes ::= fhircast  '/' ( FHIRcast-event-name | '*' ) '.' ( 'read' | 'write' | '*' )
FhircastScopes.png
Figure: Syntax for FHIRcast scopes

Note the FHIRcast event format contains a noun-verb, for example: Patient-open. So, a requested scope of fhircast/Patient-open.read would authorize the subscribing application to receive a notification when the patient in context changed. Similarly, a scope of fhircast/Patient-open.write authorizes the subscribing application to request a context change.