SMART Application Launch Framework Implementation Guide Release 1.0.0
This page is part of the Smart App Launch Implementation Guide (v1.0.0: STU 1) based on FHIR R3. The current version which supercedes this version is 2.0.0. For a full list of available versions, see the Directory of published versions 
Declares support for automated dicovery of OAuth2 endpoints If a server requires SMART on FHIR authorization for access. Any time a client sees this extension, it must be prepared to authorize using SMART’s OAuth2-based protocol.
Context of Use CapabilityStatement.rest.security
Description of Profiles, Differentials, and Snapshots.
The official URL for this profile is: http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris
Published on Thu Jul 05 17:00:00 AEST 2018 as active by Boston's Children Hospital and Hl7 International.
This profile builds on Extension
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
  Extension | 0..1 | Support for dicovery of OAuth2 endpoints | ||
  extension | 1..1 | Extension | URL indicating the OAuth2 "authorize" endpoint for this FHIR server. | |
  url | "authorize" | |||
  valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used. | |
| url | "token" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported. | |
| url | "register" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL where an end-user can view which applications have access to data and make adjustments to these access rights. | |
| url | "manage" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the introspection endpoint that can be used to validate a token. | |
| url | "introspect" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the endpoint that can be used to revoke a token. | |
| url | "revoke" | |||
| valueUri | uri | |||
| url | "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris" | |||
 value[x] | ..0 | |||
| Documentation for this format | ||||
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Extension | I | 0..1 | Support for dicovery of OAuth2 endpoints | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| extension | 1..1 | Extension | URL indicating the OAuth2 "authorize" endpoint for this FHIR server. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "authorize" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "token" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "register" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL where an end-user can view which applications have access to data and make adjustments to these access rights. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "manage" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the introspection endpoint that can be used to validate a token. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "introspect" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the endpoint that can be used to revoke a token. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "revoke" | |
| valueUri | 0..1 | uri | Value of extension | |
| url | 1..1 | uri | "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris" | |
| Documentation for this format | ||||
// Oauth URIs
{
"id" : "<string>", // xml:id (or equivalent in JSON)
"extension": [
{ // R! Only One! URL indicating the OAuth2 "authorize" endpoint for this FHIR server.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL where an end-user can view which applications have access to data and make adjustments to these access rights.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the introspection endpoint that can be used to validate a token.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the endpoint that can be used to revoke a token.
"url": "null",
"valueUri" : "<uri>" // Value of extension
}
],
"url" : "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris", // R!
}
Differential View
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Extension | 0..1 | Support for dicovery of OAuth2 endpoints | ||
| extension | 1..1 | Extension | URL indicating the OAuth2 "authorize" endpoint for this FHIR server. | |
| url | "authorize" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used. | |
| url | "token" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported. | |
| url | "register" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL where an end-user can view which applications have access to data and make adjustments to these access rights. | |
| url | "manage" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the introspection endpoint that can be used to validate a token. | |
| url | "introspect" | |||
| valueUri | uri | |||
| extension | 0..1 | Extension | URL indicating the endpoint that can be used to revoke a token. | |
| url | "revoke" | |||
| valueUri | uri | |||
| url | "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris" | |||
| value[x] | ..0 | |||
| Documentation for this format | ||||
Snapshot View
| Name | Flags | Card. | Type | Description & Constraints |
|---|---|---|---|---|
| Extension | I | 0..1 | Support for dicovery of OAuth2 endpoints | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| extension | 1..1 | Extension | URL indicating the OAuth2 "authorize" endpoint for this FHIR server. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "authorize" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "token" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "register" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL where an end-user can view which applications have access to data and make adjustments to these access rights. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "manage" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the introspection endpoint that can be used to validate a token. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "introspect" | |
| valueUri | 0..1 | uri | Value of extension | |
| extension | 0..1 | Extension | URL indicating the endpoint that can be used to revoke a token. | |
| id | 0..1 | string | xml:id (or equivalent in JSON) | |
| extension | 0..* | Extension | Additional Content defined by implementations Slice: Unordered, Open by value:url | |
| url | 1..1 | uri | "revoke" | |
| valueUri | 0..1 | uri | Value of extension | |
| url | 1..1 | uri | "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris" | |
| Documentation for this format | ||||
JSON Template
// Oauth URIs
{
"id" : "<string>", // xml:id (or equivalent in JSON)
"extension": [
{ // R! Only One! URL indicating the OAuth2 "authorize" endpoint for this FHIR server.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL where an end-user can view which applications have access to data and make adjustments to these access rights.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the introspection endpoint that can be used to validate a token.
"url": "null",
"valueUri" : "<uri>" // Value of extension
},
{ // Only One! URL indicating the endpoint that can be used to revoke a token.
"url": "null",
"valueUri" : "<uri>" // Value of extension
}
],
"url" : "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris", // R!
}
Downloads: StructureDefinition: (XML, JSON), Schema: XML Schematron