Skip to content

Instantly share code, notes, and snippets.

@jmandel

jmandel/the-problem.md

Last active Aug 29, 2015
Embed
What would you like to do?
One app connecting to multiple servers

1. Launch in EHR

Got access token back:

{
  "access_token": "29141724124...",
  "patient": "123"
}

Assumption: somehow the app knows this is Patient/abc in the external system.

The problem: today, apps can ask to learn about an existing context, but apps can't set that context themselves.

2. Want genomic data from an external system...

(also SMART on FHIR)

Start a new OAuth authorization process to connect to external system.

Redirect the browser to:

/authorize?
  client_id=my-app&
  scopes=patient/GeneticVariant.read&
  patient=abc  <-- We currently have no way to say this!

Alternatively: assume the app doesn't know the patient's external identifier. Then we need, sigh, patient matching of some kind.

E.g. pass in a list of

  • Patient.identifier (drivers license, med rec, social security, etc...)

General solution:

API like

POST /$smart.create-launch
{
  "patient": {
    "resourceType": "Patient",
    "identifier": [{MRN, etc...}]
  }
}

Returning

{
  "launch": {"valueString": "17248172942"},
  "multiple-matches": {"valueBooelean": false},
  "no-matches": {"valueBooelean": false},
}

Then use this launch id in the normal authorization flow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment