SMART on FHIR

SMART Defines Two Patterns For Client Authorization

Authorizes a user-facing client application (“App”) to connect to a FHIR Server. This pattern allows for “launch context” such as currently selected patient to be shared with the app, based on a user’s session inside an EHR or other health data software, or based on a user’s selection at launch time. Authorization allows for delegation of a user’s permissions to the app itself.

Launch App: Standalone Launch

In SMART’s standalone launch flow, a user selects an app from outside the EHR,

Launch App: EHR Launch

In SMART’s EHR launch flow, a user has established an EHR session, and then decides to launch an app. This could be a single-patient app (which runs in the context of a patient record), or a user-level app (like an appointment manager or a population dashboard).

The top-level steps for Smart App Launch are:

(one-time step, can be out-of-band)
Launch App: or

Authorizes a headless or automated client application (“Backend Service”) to connect to a FHIR Server. This pattern allows for backend services to connect and interact with an EHR when there is no user directly involved in the launch process.

Last updated 1 year ago

Was this helpful?