Skip to content

Implement an AccessChecker based on "SMART Backend Services". #202

Open
@bashir2

Description

Our current sample access-checkers, i.e., patient and list are intended for app facing scenarios. Another common scenario is when a backend service needs to interact with the FHIR server (e.g., pipelines in fhir-data-pipes). We are going to adopt SMART Backend Services spec as the standard way for such scenarios and implement a sample AccessChecker based on that.

Activity

added
enhancementNew feature or request
P2:shouldAn issue to be addressed in a quarter or so.
on Nov 2, 2023
self-assigned this
on Nov 2, 2023
bashir2

bashir2 commented on Nov 18, 2023

@bashir2
CollaboratorAuthor

A large part of supporting SMART Backend spec lies inside the IDP/Authorization server, e.g., Keycloak. To close this issue, we need to do the following:

removed their assignment
on Nov 18, 2023
bashir2

bashir2 commented on Nov 18, 2023

@bashir2
CollaboratorAuthor

Once this feature is implemented we should also update fhir-data-pipes and add support for client-confidential-asymmetric flow, but we will track that in that repo. Note the client-confidential-symmetric flow was implemented in this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    P2:shouldAn issue to be addressed in a quarter or so.enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      Implement an `AccessChecker` based on "SMART Backend Services". · Issue #202 · google/fhir-gateway