SMART on FHIR

SMART Defines Two Patterns For Client Authorization

Authorization via SMART App Launch

Authorizes a user-facing client application (“App”) to connect to a FHIR Server. This pattern allows for “launch context” such as currently selected patient to be shared with the app, based on a user’s session inside an EHR or other health data software, or based on a user’s selection at launch time. Authorization allows for delegation of a user’s permissions to the app itself.

Launch App: Standalone Launch

In SMART’s standalone launch flow, a user selects an app from outside the EHR,

Launch App: EHR Launch

In SMART’s EHR launch flow, a user has established an EHR session, and then decides to launch an app. This could be a single-patient app (which runs in the context of a patient record), or a user-level app (like an appointment manager or a population dashboard).

The top-level steps for Smart App Launch are:

Register App with EHR (one-time step, can be out-of-band)
Launch App: Standalone Launch or EHR Launch
Retrieve .well-known/smart-configuration
Obtain authorization code
Obtain access token
Access FHIR API
Refresh access token

Check SMART App launch tutorial to launch Smart App locally

For Inferno compliance test check Aidbox sample

Authorization via SMART Backend Services

Authorizes a headless or automated client application (“Backend Service”) to connect to a FHIR Server. This pattern allows for backend services to connect and interact with an EHR when there is no user directly involved in the launch process.

Last updated 1 year ago

Was this helpful?