OAuth2 Module - EHR Launch Flow

What is SMART's EHR launch sequence?

[Figure: EHR launch sequence]

In SMART’s EHR launch flow (shown above), a user has established an EHR session, and then decides to launch an app. This could be a single-patient app (which runs in the context of a patient record), or a user-level app (like an appointment manager or a population dashboard). The EHR initiates a “launch sequence” by opening a new browser instance (or iframe) pointing to the app’s registered launch URL and passing some context.

The following parameters are included:

Parameters

iss (required): Identifies the EHR's FHIR endpoint, which the app can use to obtain additional details about the EHR, including its authorization URL.

launch (required): Opaque identifier for this specific launch, and any EHR context associated with it. This parameter must be communicated back to the EHR at authorization time by passing along a launch=123 parameter (see below).

For example

A launch might cause the browser to redirect to:

Location: https://app/launch?iss=https%3A%2F%2Fehr%2Ffhir&launch=xyz123

On receiving the launch notification, the app would query the issuer’s /metadata endpoint:

GET https://ehr/fhir/metadata
Accept: application/json

The metadata response contains (among other details) the EHR’s conformance statement identifying the OAuth authorize and token endpoint URLs for use in requesting authorization to access FHIR resources.

Later, when the app prepares a list of access scopes to request from the EHR authorization server, it will bind to the existing EHR context by including the launch notification in the scope.
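
The app side of the launch steps above, as an added example that is not part of the original page or of the OAuth2 module. The trusted-issuer list, client id, redirect URI, scope string and the endpoint URLs in the sample metadata are assumptions; the oauth-uris extension URL and the aud parameter come from the SMART specification rather than from this page.

```javascript
// Added example. Issuer allowlist, client values and scope are assumptions.
const TRUSTED_ISSUERS = new Set(["https://ehr/fhir"]);
// Extension URL defined by the SMART specification (not quoted on this page).
const OAUTH_URIS = "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris";

// Step 1: read iss and launch from the launch URL; refuse unknown issuers
// before any request is sent to the address carried in iss.
function parseLaunch(launchUrl) {
  const q = new URL(launchUrl).searchParams;
  const iss = q.get("iss");
  const launch = q.get("launch");
  if (!iss || !launch) throw new Error("iss and launch are both required");
  if (!TRUSTED_ISSUERS.has(iss)) throw new Error("untrusted iss: " + iss);
  return { iss, launch };
}

// Step 2: extract the authorize and token URLs from the /metadata body.
function oauthEndpoints(conformance) {
  for (const rest of conformance.rest || []) {
    const exts = (rest.security || {}).extension || [];
    const oauth = exts.find((e) => e.url === OAUTH_URIS);
    const uri = (n) =>
      (((oauth || {}).extension || []).find((e) => e.url === n) || {}).valueUri;
    if (uri("authorize") && uri("token")) {
      return { authorize: uri("authorize"), token: uri("token") };
    }
  }
  throw new Error("conformance statement lists no OAuth endpoints");
}

// Step 3: build the authorization request, echoing launch back to the EHR.
// state must be an unguessable per-request value generated by the caller.
function authorizeUrl(ctx, endpoints, client, state) {
  const u = new URL(endpoints.authorize);
  if (u.protocol !== "https:") throw new Error("authorize URL must be https");
  const params = {
    response_type: "code", client_id: client.id,
    redirect_uri: client.redirectUri, launch: ctx.launch,
    scope: "launch patient/*.read", state, aud: ctx.iss, // aud: SMART spec
  };
  for (const [k, v] of Object.entries(params)) u.searchParams.set(k, v);
  return u.toString();
}

// Constructed sample of the relevant part of a /metadata response.
const SAMPLE_METADATA = { resourceType: "Conformance", rest: [{ security: {
  extension: [{ url: OAUTH_URIS, extension: [
    { url: "authorize", valueUri: "https://ehr/auth/authorize" },
    { url: "token", valueUri: "https://ehr/auth/token" }] }] } }] };
```

Checking iss against a list of known EHRs before fetching its /metadata keeps a forged launch link from steering the app, and the user's authorization request, to a server the app has no relationship with.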

Documentation / How-To

To see the EHR launch flow in action, the user must first register SMART clients. See this.

Once a SMART application is registered, the user has two options for viewing the list of registered SMART applications and running them:

  1. The SMART OWA.
  2. On the Administration Page, under OAuth Module title.

Screenshots

The Option for Running registered SMART apps on the Administration page under OAuth2 Module title:

 


List of registered SMART applications on LegacyUI, on the Administration page under the OAuth2 Module title:

Resources

  1. http://docs.smarthealthit.org/