FHIR © HL7.org  |  Server Home  |  FHIR Server FHIR Server 3.4.11  |  FHIR Version n/a  User: [n/a]

Resource CodeSystem/FHIR Server from package hl7.fhir.uv.smart-multi-server-auth#current (62 ms)

Package hl7.fhir.uv.smart-multi-server-auth
Type CodeSystem
Id Id
FHIR Version R4
Source http://hl7.org/fhir/uv/smart-multi-server-auth/https://build.fhir.org/ig/bvdh/smart-multi-auth/CodeSystem-smart-auth-information-CodeSystem.html
Url http://hl7.org/fhir/uv/smart-multi-server-auth/CodeSystem/smart-auth-information-CodeSystem
Version 0.1.0
Status draft
Date 2024-12-09T15:05:47+00:00
Name SmartAuthInformationCodeSystem
Title Codes for SMART authorization
Experimental False
Realm uv
Authority hl7
Description -
Content complete

Resources that use this resource

ValueSet
SmartCapabilities Smart Capabilities
SmartEndpointCapabilities Smart associated_endpoints capabilities
smart-grant-types Grant types supported by SMART-on-FHIR
smart-token-endpoint-auth-methods Smart Token Endpoint Auth Methods supported by SMART-on-FHIR

Resources that this resource uses

No resources found

Narrative

Note: links and images are rebased to the (stated) source

Generated Narrative: CodeSystem smart-auth-information-CodeSystem

This code system http://hl7.org/fhir/uv/smart-multi-server-auth/CodeSystem/smart-auth-information-CodeSystem defines the following codes in an undefined hierarchy:

LvlCodeDisplay
1endpoint-capabilities Endpoint Capabilities
2  smart-app-state Endpoint storing smart app state resources
1capability Capabilities of the server
2  launch-ehr support for SMART’s EHR Launch mode
2  launch-standalone support for SMART’s Standalone Launch mode
2  authorize-post support for POST-based authorization
2  client-public support for SMART’s public client profile (no client authentication)
2  client-confidential-symmetric support for SMART’s symmetric confidential client profile (“client secret” authentication). See Client Authentication Symmetric.
2  client-confidential-asymmetric support for SMART’s asymmetric confidential client profile (“JWT authentication”). See Client Authentication Asymmetric.
2  sso-openid-connect support for SMART’s OpenID Connect profile
2  context-banner support for “need patient banner” launch context (conveyed via need_patient_banner token parameter)
2  context-style support for “SMART style URL” launch context (conveyed via smart_style_url token parameter). This capability is deemed experimental. Launch Context for EHR Launch
2  context-ehr-patient support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)
2  context-ehr-encounter support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Launch Context for Standalone Launch
2  context-standalone-patient support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)
2  context-standalone-encounter support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Permissions
2  permission-offline support for “offline” refresh tokens (requested by offline_access scope)
2  permission-online support for “online” refresh tokens requested during EHR Launch (requested by online_access scope). This capability is deemed experimental, providing the input to a scope negotiation that could result in granting an online or offline refresh token (see Scopes and Launch Context).
2  permission-patient support for patient-level scopes (e.g., patient/Observation.rs)
2  permission-user support for user-level scopes (e.g., user/Appointment.rs)
2  permission-v1 support for SMARTv1 scope syntax (e.g., patient/Observation.read)
2  permission-v2 support for SMARTv2 granular scope syntax (e.g., patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|vital-signs) App State (Experimental)
2  launch-token support for issuing launch tokens.
2  token-exchange-openid support for token exchange using an open id token
2  token-exchange-accesstoken support for token exchange using an access token
2  token-exchange-launchtoken support for token exchange using a launch token
1grant-type Lists the grant-types supported
2  authorization_code when SMART App Launch is supported
2  client_credentials Indicates upport for SMART Backend Services.
2  urn:ietf:params:oauth:grant-type:token-exchange Indicates support for token-exchange according to RFC8693
1token_endpoint_auth_methods Supported token endpoints
2  client_secret_post
2  client_secret_basic
2  private_key_jwt
1smart_associated_endpoints Smart associated_endpoints capabilities
2  token-reuse Authorization credentials can be retrieved by retrieving a access token for multiple audiences.
2  token-exchange Authorization credentials can be retrieved using token exchange.
2  smart-open-id-connect Authorization credentials can be retrieved using OpenID Connect with SMART on FHIR extensions.

Source

{
  "resourceType" : "CodeSystem",
  "id" : "smart-auth-information-CodeSystem",
  "text" : {
    "status" : "generated",
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: CodeSystem smart-auth-information-CodeSystem</b></p><a name=\"smart-auth-information-CodeSystem\"> </a><a name=\"hcsmart-auth-information-CodeSystem\"> </a><a name=\"smart-auth-information-CodeSystem-en-US\"> </a><p>This  code system <code>http://hl7.org/fhir/uv/smart-multi-server-auth/CodeSystem/smart-auth-information-CodeSystem</code> defines the following codes in an undefined hierarchy:</p><table class=\"codes\"><tr><td><b>Lvl</b></td><td style=\"white-space:nowrap\"><b>Code</b></td><td><b>Display</b></td></tr><tr><td>1</td><td style=\"white-space:nowrap\">endpoint-capabilities<a name=\"smart-auth-information-CodeSystem-endpoint-capabilities\"> </a></td><td>Endpoint Capabilities</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��smart-app-state<a name=\"smart-auth-information-CodeSystem-smart-app-state\"> </a></td><td>Endpoint storing smart app state resources</td></tr><tr><td>1</td><td style=\"white-space:nowrap\">capability<a name=\"smart-auth-information-CodeSystem-capability\"> </a></td><td>Capabilities of the server</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��launch-ehr<a name=\"smart-auth-information-CodeSystem-launch-ehr\"> </a></td><td>support for SMART’s EHR Launch mode</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��launch-standalone<a name=\"smart-auth-information-CodeSystem-launch-standalone\"> </a></td><td>support for SMART’s Standalone Launch mode</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��authorize-post<a name=\"smart-auth-information-CodeSystem-authorize-post\"> </a></td><td>support for POST-based authorization</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client-public<a name=\"smart-auth-information-CodeSystem-client-public\"> </a></td><td>support for SMART’s public client profile (no client authentication)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client-confidential-symmetric<a name=\"smart-auth-information-CodeSystem-client-confidential-symmetric\"> </a></td><td>support for SMART’s symmetric confidential client profile (“client secret” authentication). See Client Authentication Symmetric.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client-confidential-asymmetric<a name=\"smart-auth-information-CodeSystem-client-confidential-asymmetric\"> </a></td><td>support for SMART’s asymmetric confidential client profile (“JWT authentication”). See Client Authentication Asymmetric.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��sso-openid-connect<a name=\"smart-auth-information-CodeSystem-sso-openid-connect\"> </a></td><td>support for SMART’s OpenID Connect profile</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-banner<a name=\"smart-auth-information-CodeSystem-context-banner\"> </a></td><td>support for “need patient banner” launch context (conveyed via need_patient_banner token parameter)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-style<a name=\"smart-auth-information-CodeSystem-context-style\"> </a></td><td>support for “SMART style URL” launch context (conveyed via smart_style_url token parameter). This capability is deemed experimental. Launch Context for EHR Launch</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-ehr-patient<a name=\"smart-auth-information-CodeSystem-context-ehr-patient\"> </a></td><td>support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-ehr-encounter<a name=\"smart-auth-information-CodeSystem-context-ehr-encounter\"> </a></td><td>support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Launch Context for Standalone Launch</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-standalone-patient<a name=\"smart-auth-information-CodeSystem-context-standalone-patient\"> </a></td><td>support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��context-standalone-encounter<a name=\"smart-auth-information-CodeSystem-context-standalone-encounter\"> </a></td><td>support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Permissions</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-offline<a name=\"smart-auth-information-CodeSystem-permission-offline\"> </a></td><td>support for “offline” refresh tokens (requested by offline_access scope)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-online<a name=\"smart-auth-information-CodeSystem-permission-online\"> </a></td><td>support for “online” refresh tokens requested during EHR Launch (requested by online_access scope). This capability is deemed experimental, providing the input to a scope negotiation that could result in granting an online or offline refresh token (see Scopes and Launch Context).</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-patient<a name=\"smart-auth-information-CodeSystem-permission-patient\"> </a></td><td>support for patient-level scopes (e.g., patient/Observation.rs)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-user<a name=\"smart-auth-information-CodeSystem-permission-user\"> </a></td><td>support for user-level scopes (e.g., user/Appointment.rs)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-v1<a name=\"smart-auth-information-CodeSystem-permission-v1\"> </a></td><td>support for SMARTv1 scope syntax (e.g., patient/Observation.read)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��permission-v2<a name=\"smart-auth-information-CodeSystem-permission-v2\"> </a></td><td>support for SMARTv2 granular scope syntax (e.g., patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|vital-signs) App State (Experimental)</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��launch-token<a name=\"smart-auth-information-CodeSystem-launch-token\"> </a></td><td>support for issuing launch tokens.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��token-exchange-openid<a name=\"smart-auth-information-CodeSystem-token-exchange-openid\"> </a></td><td>support for token exchange using an open id token</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��token-exchange-accesstoken<a name=\"smart-auth-information-CodeSystem-token-exchange-accesstoken\"> </a></td><td>support for token exchange using an access token</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��token-exchange-launchtoken<a name=\"smart-auth-information-CodeSystem-token-exchange-launchtoken\"> </a></td><td>support for token exchange using a launch token</td></tr><tr><td>1</td><td style=\"white-space:nowrap\">grant-type<a name=\"smart-auth-information-CodeSystem-grant-type\"> </a></td><td>Lists the grant-types supported</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��authorization_code<a name=\"smart-auth-information-CodeSystem-authorization_code\"> </a></td><td>when SMART App Launch is supported</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client_credentials<a name=\"smart-auth-information-CodeSystem-client_credentials\"> </a></td><td>Indicates upport for SMART Backend Services.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��urn:ietf:params:oauth:grant-type:token-exchange<a name=\"smart-auth-information-CodeSystem-urn.58ietf.58params.58oauth.58grant-type.58token-exchange\"> </a></td><td>Indicates support for token-exchange according to RFC8693</td></tr><tr><td>1</td><td style=\"white-space:nowrap\">token_endpoint_auth_methods<a name=\"smart-auth-information-CodeSystem-token_endpoint_auth_methods\"> </a></td><td>Supported token endpoints</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client_secret_post<a name=\"smart-auth-information-CodeSystem-client_secret_post\"> </a></td><td/></tr><tr><td>2</td><td style=\"white-space:nowrap\">��client_secret_basic<a name=\"smart-auth-information-CodeSystem-client_secret_basic\"> </a></td><td/></tr><tr><td>2</td><td style=\"white-space:nowrap\">��private_key_jwt<a name=\"smart-auth-information-CodeSystem-private_key_jwt\"> </a></td><td/></tr><tr><td>1</td><td style=\"white-space:nowrap\">smart_associated_endpoints<a name=\"smart-auth-information-CodeSystem-smart_associated_endpoints\"> </a></td><td>Smart associated_endpoints capabilities</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��token-reuse<a name=\"smart-auth-information-CodeSystem-token-reuse\"> </a></td><td>Authorization credentials can be retrieved by retrieving a access token for multiple audiences.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��token-exchange<a name=\"smart-auth-information-CodeSystem-token-exchange\"> </a></td><td>Authorization credentials can be retrieved using token exchange.</td></tr><tr><td>2</td><td style=\"white-space:nowrap\">��smart-open-id-connect<a name=\"smart-auth-information-CodeSystem-smart-open-id-connect\"> </a></td><td>Authorization credentials can be retrieved using OpenID Connect with SMART on FHIR extensions.</td></tr></table></div>"
  },
  "url" : "http://hl7.org/fhir/uv/smart-multi-server-auth/CodeSystem/smart-auth-information-CodeSystem",
  "version" : "0.1.0",
  "name" : "SmartAuthInformationCodeSystem",
  "title" : "Codes for SMART authorization",
  "status" : "draft",
  "date" : "2024-12-09T15:05:47+00:00",
  "publisher" : "HL7",
  "contact" : [
    {
      "name" : "HL7",
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/fhiri"
        }
      ]
    },
    {
      "name" : "HL7 International / FHIR infrastructure",
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://www.hl7.org/Special/committees/fiwg/index.cfm"
        }
      ]
    },
    {
      "name" : "Bas van den Heuvel",
      "telecom" : [
        {
          "system" : "email",
          "value" : "bas.van.den.heuvel@philips.com",
          "use" : "work"
        }
      ]
    }
  ],
  "description" : "-",
  "content" : "complete",
  "count" : 38,
  "concept" : [
    {
      "code" : "endpoint-capabilities",
      "display" : "Endpoint Capabilities",
      "concept" : [
        {
          "code" : "smart-app-state",
          "display" : "Endpoint storing smart app state resources"
        }
      ]
    },
    {
      "code" : "capability",
      "display" : "Capabilities of the server",
      "concept" : [
        {
          "code" : "launch-ehr",
          "display" : "support for SMART’s EHR Launch mode"
        },
        {
          "code" : "launch-standalone",
          "display" : "support for SMART’s Standalone Launch mode"
        },
        {
          "code" : "authorize-post",
          "display" : "support for POST-based authorization"
        },
        {
          "code" : "client-public",
          "display" : "support for SMART’s public client profile (no client authentication)"
        },
        {
          "code" : "client-confidential-symmetric",
          "display" : "support for SMART’s symmetric confidential client profile (“client secret” authentication). See Client Authentication Symmetric."
        },
        {
          "code" : "client-confidential-asymmetric",
          "display" : "support for SMART’s asymmetric confidential client profile (“JWT authentication”). See Client Authentication Asymmetric."
        },
        {
          "code" : "sso-openid-connect",
          "display" : "support for SMART’s OpenID Connect profile"
        },
        {
          "code" : "context-banner",
          "display" : "support for “need patient banner” launch context (conveyed via need_patient_banner token parameter)"
        },
        {
          "code" : "context-style",
          "display" : "support for “SMART style URL” launch context (conveyed via smart_style_url token parameter). This capability is deemed experimental. Launch Context for EHR Launch"
        },
        {
          "code" : "context-ehr-patient",
          "display" : "support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)"
        },
        {
          "code" : "context-ehr-encounter",
          "display" : "support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Launch Context for Standalone Launch"
        },
        {
          "code" : "context-standalone-patient",
          "display" : "support for patient-level launch context (requested by launch/patient scope, conveyed via patient token parameter)"
        },
        {
          "code" : "context-standalone-encounter",
          "display" : "support for encounter-level launch context (requested by launch/encounter scope, conveyed via encounter token parameter) Permissions"
        },
        {
          "code" : "permission-offline",
          "display" : "support for “offline” refresh tokens (requested by offline_access scope)"
        },
        {
          "code" : "permission-online",
          "display" : "support for “online” refresh tokens requested during EHR Launch (requested by online_access scope). This capability is deemed experimental, providing the input to a scope negotiation that could result in granting an online or offline refresh token (see Scopes and Launch Context)."
        },
        {
          "code" : "permission-patient",
          "display" : "support for patient-level scopes (e.g., patient/Observation.rs)"
        },
        {
          "code" : "permission-user",
          "display" : "support for user-level scopes (e.g., user/Appointment.rs)"
        },
        {
          "code" : "permission-v1",
          "display" : "support for SMARTv1 scope syntax (e.g., patient/Observation.read)"
        },
        {
          "code" : "permission-v2",
          "display" : "support for SMARTv2 granular scope syntax (e.g., patient/Observation.rs?category=http://terminology.hl7.org/CodeSystem/observation-category|vital-signs) App State (Experimental)"
        },
        {
          "code" : "launch-token",
          "display" : "support for issuing launch tokens."
        },
        {
          "code" : "token-exchange-openid",
          "display" : "support for token exchange using an open id token"
        },
        {
          "code" : "token-exchange-accesstoken",
          "display" : "support for token exchange using an access token"
        },
        {
          "code" : "token-exchange-launchtoken",
          "display" : "support for token exchange using a launch token"
        }
      ]
    },
    {
      "code" : "grant-type",
      "display" : "Lists the grant-types supported",
      "concept" : [
        {
          "code" : "authorization_code",
          "display" : "when SMART App Launch is supported"
        },
        {
          "code" : "client_credentials",
          "display" : "Indicates upport for SMART Backend Services."
        },
        {
          "code" : "urn:ietf:params:oauth:grant-type:token-exchange",
          "display" : "Indicates support for token-exchange according to RFC8693"
        }
      ]
    },
    {
      "code" : "token_endpoint_auth_methods",
      "display" : "Supported token endpoints",
      "concept" : [
        {
          "code" : "client_secret_post"
        },
        {
          "code" : "client_secret_basic"
        },
        {
          "code" : "private_key_jwt"
        }
      ]
    },
    {
      "code" : "smart_associated_endpoints",
      "display" : "Smart associated_endpoints capabilities",
      "concept" : [
        {
          "code" : "token-reuse",
          "display" : "Authorization credentials can be retrieved by retrieving a access token for multiple audiences."
        },
        {
          "code" : "token-exchange",
          "display" : "Authorization credentials can be retrieved using token exchange."
        },
        {
          "code" : "smart-open-id-connect",
          "display" : "Authorization credentials can be retrieved using OpenID Connect with SMART on FHIR extensions."
        }
      ]
    }
  ]
}

XIG built as of ??metadata-date??. Found ??metadata-resources?? resources in ??metadata-packages?? packages.