Skip to content

Instantly share code, notes, and snippets.

@jmandel jmandel/the-problem.md
Last active Aug 29, 2015

Embed
What would you like to do?
One app connecting to multiple servers

1. Launch in EHR

Got access token back:

{
  "access_token": "29141724124...",
  "patient": "123"
}

Assumption: somehow the app knows this is Patient/abc in the external system.

The problem: today, apps can ask to learn about an existing context, but apps can't set that context themselves.

2. Want genomic data from an external system...

(also SMART on FHIR)

Start a new OAuth authorization process to connect to external system.

Redirect the browser to:

/authorize?
  client_id=my-app&
  scopes=patient/GeneticVariant.read&
  patient=abc  <-- We currently have no way to say this!

Alternatively: assume the app doesn't know the patient's external identifier. Then we need, sigh, patient matching of some kind.

E.g. pass in a list of

  • Patient.identifier (drivers license, med rec, social security, etc...)

General solution:

API like

POST /$smart.create-launch
{
  "patient": {
    "resourceType": "Patient",
    "identifier": [{MRN, etc...}]
  }
}

Returning

{
  "launch": {"valueString": "17248172942"},
  "multiple-matches": {"valueBooelean": false},
  "no-matches": {"valueBooelean": false},
}

Then use this launch id in the normal authorization flow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.