0.1.0 - ci-build

SMARTapplaunchmultiserverauthentication, published by HL7. This guide is not an authorized publication; it is the continuous build for version 0.1.0 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/jmandel/smart-multi-auth/ and changes regularly. See the Directory of published versions

Logical Model: ExtendedSmartLaunchConformance - Detailed Descriptions

Draft as of 2024-12-09

Definitions for the extended-smart-launch-conformance logical model.

Guidance on how to interpret the contents of this table can be found here

0. extended-smart-launch-conformance
Definition

The formal definition of the SMART launch conformance as a FHIR logical model.

ShortNew SMART launch conformance definition
Logical ModelInstances of this logical model are not marked to be the target of a Reference
2. extended-smart-launch-conformance.issuer
Definition

CONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.

ShortCONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
4. extended-smart-launch-conformance.jwks-uri
Definition

CONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.

ShortCONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
6. extended-smart-launch-conformance.authorization-endpoint
Definition

REQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the launch-ehr or launch-standalone capability; otherwise, optional.

ShortREQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the `launch-ehr` or launch-standalone capability; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
8. extended-smart-launch-conformance.grant-types-supported
Definition

OPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).

ShortOPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).
Control1..*
BindingThe codes SHALL be taken from Grant types supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-grant-types)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
10. extended-smart-launch-conformance.token-endpoint
Definition

OPTIONAL, URL to the OAuth2 token endpoint.

ShortOPTIONAL, URL to the OAuth2 token endpoint.
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
12. extended-smart-launch-conformance.token-endpoint-auth-methods-supported
Definition

array of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.

Shortarray of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.
Control0..1
BindingThe codes SHALL be taken from Smart Token Endpoint Auth Methods supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-token-endpoint-auth-methods)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
14. extended-smart-launch-conformance.registration-endpoint
Definition

OPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.

ShortOPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
16. extended-smart-launch-conformance.smart-app-state-endpoint
Definition

OPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.

ShortOPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
18. extended-smart-launch-conformance.user-access-brand-bundle
Definition

RECOMMENDED, URL for a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, URL for a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
20. extended-smart-launch-conformance.user-access-brand-identifier
Definition

RECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
22. extended-smart-launch-conformance.scopes-supported
Definition

RECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).

ShortRECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
24. extended-smart-launch-conformance.response-types-supported
Definition

RECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.

ShortRECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
26. extended-smart-launch-conformance.management-endpoint
Definition

RECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.

ShortRECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
28. extended-smart-launch-conformance.introspection-endpoint
Definition

RECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.

ShortRECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
30. extended-smart-launch-conformance.revocation-endpoint
Definition

RECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.

ShortRECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
32. extended-smart-launch-conformance.capabilities
Definition

REQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.

ShortREQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.
Control1..*
BindingThe codes SHALL be taken from Smart Capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
34. extended-smart-launch-conformance.code-challenge-methods-supported
Definition

REQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.

ShortREQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.
Control1..*
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
36. extended-smart-launch-conformance.associated-endpoints
Definition

OPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.

ShortOPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.
Control0..1
TypeBase
38. extended-smart-launch-conformance.associated-endpoints.url
Definition

url of the endpoint

Shorturl of the endpoint
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
40. extended-smart-launch-conformance.associated-endpoints.capabilities
Definition

List of capabilities of the endpoint.

ShortList of capabilities of the endpoint.
Control1..*
BindingThe codes SHALL be taken from Smart associated_endpoints capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartEndpointCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension

Guidance on how to interpret the contents of this table can be found here

0. extended-smart-launch-conformance
Definition

The formal definition of the SMART launch conformance as a FHIR logical model.

ShortNew SMART launch conformance definition
Control0..*
Is Modifierfalse
Logical ModelInstances of this logical model are not marked to be the target of a Reference
2. extended-smart-launch-conformance.issuer
Definition

CONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.

ShortCONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
4. extended-smart-launch-conformance.jwks-uri
Definition

CONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.

ShortCONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
6. extended-smart-launch-conformance.authorization-endpoint
Definition

REQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the launch-ehr or launch-standalone capability; otherwise, optional.

ShortREQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the `launch-ehr` or launch-standalone capability; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
8. extended-smart-launch-conformance.grant-types-supported
Definition

OPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).

ShortOPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).
Control1..*
BindingThe codes SHALL be taken from Grant types supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-grant-types)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
10. extended-smart-launch-conformance.token-endpoint
Definition

OPTIONAL, URL to the OAuth2 token endpoint.

ShortOPTIONAL, URL to the OAuth2 token endpoint.
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
12. extended-smart-launch-conformance.token-endpoint-auth-methods-supported
Definition

array of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.

Shortarray of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.
Control0..1
BindingThe codes SHALL be taken from Smart Token Endpoint Auth Methods supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-token-endpoint-auth-methods)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
14. extended-smart-launch-conformance.registration-endpoint
Definition

OPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.

ShortOPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
16. extended-smart-launch-conformance.smart-app-state-endpoint
Definition

OPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.

ShortOPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
18. extended-smart-launch-conformance.user-access-brand-bundle
Definition

RECOMMENDED, URL for a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, URL for a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
20. extended-smart-launch-conformance.user-access-brand-identifier
Definition

RECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
22. extended-smart-launch-conformance.scopes-supported
Definition

RECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).

ShortRECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
24. extended-smart-launch-conformance.response-types-supported
Definition

RECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.

ShortRECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
26. extended-smart-launch-conformance.management-endpoint
Definition

RECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.

ShortRECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
28. extended-smart-launch-conformance.introspection-endpoint
Definition

RECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.

ShortRECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
30. extended-smart-launch-conformance.revocation-endpoint
Definition

RECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.

ShortRECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
32. extended-smart-launch-conformance.capabilities
Definition

REQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.

ShortREQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.
Control1..*
BindingThe codes SHALL be taken from Smart Capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
34. extended-smart-launch-conformance.code-challenge-methods-supported
Definition

REQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.

ShortREQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.
Control1..*
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
36. extended-smart-launch-conformance.associated-endpoints
Definition

OPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.

ShortOPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.
Control0..1
TypeBase
38. extended-smart-launch-conformance.associated-endpoints.url
Definition

url of the endpoint

Shorturl of the endpoint
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
40. extended-smart-launch-conformance.associated-endpoints.capabilities
Definition

List of capabilities of the endpoint.

ShortList of capabilities of the endpoint.
Control1..*
BindingThe codes SHALL be taken from Smart associated_endpoints capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartEndpointCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension

Guidance on how to interpret the contents of this table can be found here

0. extended-smart-launch-conformance
Definition

The formal definition of the SMART launch conformance as a FHIR logical model.

ShortNew SMART launch conformance definition
Control0..*
Is Modifierfalse
Logical ModelInstances of this logical model are not marked to be the target of a Reference
2. extended-smart-launch-conformance.issuer
Definition

CONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.

ShortCONDITIONAL, String conveying this system’s OpenID Connect Issuer URL. Required if the server’s capabilities include sso-openid-connect; otherwise, omitted.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
4. extended-smart-launch-conformance.jwks-uri
Definition

CONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.

ShortCONDITIONAL, String conveying this system’s JSON Web Key Set URL. Required if the server’s capabilities include sso-openid-connect; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
6. extended-smart-launch-conformance.authorization-endpoint
Definition

REQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the launch-ehr or launch-standalone capability; otherwise, optional.

ShortREQUIRED, URL to the OAuth2 authorization endpoint. Required if server supports the `launch-ehr` or launch-standalone capability; otherwise, optional.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
8. extended-smart-launch-conformance.grant-types-supported
Definition

OPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).

ShortOPTIONAL, Array of grant types supported at the token endpoint. The options are “authorization_code” (when SMART App Launch is supported) and “client_credentials” (when SMART Backend Services is supported).
Control1..*
BindingThe codes SHALL be taken from Grant types supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-grant-types)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
10. extended-smart-launch-conformance.token-endpoint
Definition

OPTIONAL, URL to the OAuth2 token endpoint.

ShortOPTIONAL, URL to the OAuth2 token endpoint.
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
12. extended-smart-launch-conformance.token-endpoint-auth-methods-supported
Definition

array of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.

Shortarray of client authentication methods supported by the token endpoint. The options are “client_secret_post”, “client_secret_basic”, and “private_key_jwt”.
Control0..1
BindingThe codes SHALL be taken from Smart Token Endpoint Auth Methods supported by SMART-on-FHIR
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/smart-token-endpoint-auth-methods)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
14. extended-smart-launch-conformance.registration-endpoint
Definition

OPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.

ShortOPTIONAL, If available, URL to the OAuth2 dynamic registration endpoint for this FHIR server.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
16. extended-smart-launch-conformance.smart-app-state-endpoint
Definition

OPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.

ShortOPTIONAL, DEPRECATED, URL to the EHR’s app state endpoint. Deprecated; use associated_endpoints with the smart-app-state capability instead.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
18. extended-smart-launch-conformance.user-access-brand-bundle
Definition

RECOMMENDED, URL for a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, URL for a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
20. extended-smart-launch-conformance.user-access-brand-identifier
Definition

RECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.

ShortRECOMMENDED, Identifier for the primary entry in a Brand Bundle. See User Access Brands.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
22. extended-smart-launch-conformance.scopes-supported
Definition

RECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).

ShortRECOMMENDED, Array of scopes a client may request. See scopes and launch context. The server SHALL support all scopes listed here; additional scopes MAY be supported (so clients should not consider this an exhaustive list).
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
24. extended-smart-launch-conformance.response-types-supported
Definition

RECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.

ShortRECOMMENDED, Array of OAuth2 response_type values that are supported. Implementers can refer to response_types defined in OAuth 2.0 (RFC 6749) and in OIDC Core.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
26. extended-smart-launch-conformance.management-endpoint
Definition

RECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.

ShortRECOMMENDED, URL where an end-user can view which applications currently have access to data and can make adjustments to these access rights.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
28. extended-smart-launch-conformance.introspection-endpoint
Definition

RECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.

ShortRECOMMENDED, URL to a server’s introspection endpoint that can be used to validate a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
30. extended-smart-launch-conformance.revocation-endpoint
Definition

RECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.

ShortRECOMMENDED, URL to a server’s revoke endpoint that can be used to revoke a token.
Control0..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
32. extended-smart-launch-conformance.capabilities
Definition

REQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.

ShortREQUIRED, Array of strings representing SMART capabilities (e.g., sso-openid-connect or launch-standalone) that the server supports.
Control1..*
BindingThe codes SHALL be taken from Smart Capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
34. extended-smart-launch-conformance.code-challenge-methods-supported
Definition

REQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.

ShortREQUIRED, Array of PKCE code challenge methods supported. The S256 method SHALL be included in this list, and the plain method SHALL NOT be included in this list.
Control1..*
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
36. extended-smart-launch-conformance.associated-endpoints
Definition

OPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.

ShortOPTIONAL, Array of objects for endpoints that share the same authorization mechanism as this FHIR endpoint, each with a “url” and “capabilities” array. This property is deemed experimental.
Control0..1
TypeBase
38. extended-smart-launch-conformance.associated-endpoints.url
Definition

url of the endpoint

Shorturl of the endpoint
Control1..1
Typestring
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension
40. extended-smart-launch-conformance.associated-endpoints.capabilities
Definition

List of capabilities of the endpoint.

ShortList of capabilities of the endpoint.
Control1..*
BindingThe codes SHALL be taken from Smart associated_endpoints capabilities
(required to http://hl7.org/fhir/uv/smart-multi-server-auth/ValueSet/SmartEndpointCapabilities)
Typecode
Primitive ValueThis primitive element may be present, or absent, or replaced by an extension