SMART App Launch, published by HL7 International / FHIR Infrastructure. This guide is not an authorized publication; it is the continuous build for version 2.2.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/HL7/smart-app-launch/ and changes regularly. See the Directory of published versions
This profile describes SMART's client-confidential-symmetric authentication mechanism. It is intended for SMART App Launch clients that can maintain a secret but cannot manage asymmetric keypairs. For clients that can manage asymmetric keypairs, Asymmetric Authentication is preferred. This profile is not intended for SMART Backend Services clients.
client_secret
If a client has registered for Client Password authentication (i.e., it possesses a client_secret that is also known to the EHR), the client authenticates by supplying an Authorization header with HTTP Basic authentication, where the username is the app's client_id and the password is the app's client_secret.
If the client_id is "my-app" and the client_secret is "my-app-secret-123", then the header uses the value B64Encode("my-app:my-app-secret-123"), which converts to bXktYXBwOm15LWFwcC1zZWNyZXQtMTIz. This gives the app the Authorization token for "Basic Auth".
GET header:
Authorization: Basic bXktYXBwOm15LWFwcC1zZWNyZXQtMTIz
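The following is an added example, not code from the SMART App Launch guide itself: it builds the Basic credential exactly as described above on the client side, and shows the matching check an authorization server would perform when it receives the header. The client registry (REGISTERED_CLIENTS) and the function names are assumptions made for illustration; the client_id and client_secret values are the ones used in the text.

```python
import base64
import hmac
from typing import Optional, Tuple

# Constructed registry standing in for the EHR's record of registered
# confidential clients and their shared secrets (an assumption for this example).
REGISTERED_CLIENTS = {"my-app": "my-app-secret-123"}


def basic_auth_header(client_id: str, client_secret: str) -> str:
    """Client side: build the Authorization header value.

    The username is the client_id and the password is the client_secret,
    joined with ':' and base64-encoded. RFC 6749 section 2.3.1 additionally
    form-urlencodes both parts first; for the values in the text (no reserved
    characters) the result is identical, so plain concatenation is shown here.
    """
    if ":" in client_id:
        # A ':' in the username would make the credential ambiguous to parse.
        raise ValueError("client_id must not contain ':'")
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def parse_basic_auth(header_value: str) -> Tuple[str, str]:
    """Server side: split 'Basic <b64>' into (client_id, client_secret).

    Rejects non-Basic schemes, invalid base64 and credentials without the
    ':' separator. Only the first ':' is treated as the separator, so a
    secret may itself contain ':'.
    """
    scheme, _, encoded = header_value.strip().partition(" ")
    if scheme.lower() != "basic" or not encoded:
        raise ValueError("not an HTTP Basic credential")
    try:
        decoded = base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError as exc:  # binascii.Error and UnicodeDecodeError are both ValueError
        raise ValueError("malformed Basic credential") from exc
    client_id, sep, client_secret = decoded.partition(":")
    if not sep:
        raise ValueError("credential lacks ':' separator")
    return client_id, client_secret


def authenticate_client(header_value: str) -> Optional[str]:
    """Server side: return the authenticated client_id, or None on failure.

    The secret comparison uses hmac.compare_digest so that the time taken
    does not depend on how many leading characters of the secret matched.
    """
    try:
        client_id, presented_secret = parse_basic_auth(header_value)
    except ValueError:
        return None
    expected_secret = REGISTERED_CLIENTS.get(client_id)
    if expected_secret is None:
        return None
    if not hmac.compare_digest(
        presented_secret.encode("utf-8"), expected_secret.encode("utf-8")
    ):
        return None
    return client_id


if __name__ == "__main__":
    header = basic_auth_header("my-app", "my-app-secret-123")
    print("Authorization:", header)
    print("authenticated as:", authenticate_client(header))
```

Running the block prints the same header value shown in the text (Basic bXktYXBwOm15LWFwcC1zZWNyZXQtMTIz). On the server side, a wrong secret, an unknown client_id, a non-Basic scheme, or undecodable base64 all yield None rather than distinct error messages, so the response does not reveal which part of the credential was wrong.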