SMART App Launch
1.1.0 - ballot

This page is part of the Smart App Launch Implementation Guide (v1.1.0: STU 2 Ballot 1) based on FHIR R4. The current version which supercedes this version is 2.0.0. For a full list of available versions, see the Directory of published versions

Extension: SMART on FHIR Oauth URIs

Declares support for automated dicovery of OAuth2 endpoints, if a server supports SMART on FHIR authorization for access. Any time a client sees this extension, it must be prepared to authorize using SMART’s OAuth2-based protocol.

The official URL for this extension is:

http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris

Status: active
Extension maintained by: HL7 International - FHIR Infrastructure WG

Context of Use

This extension may be used on the following element(s):

  • CapabilityStatement.rest.security

Usage info

Usage:

  • This Extension is not used in this Implementation Guide

Formal Views of Extension Content

Description of Profiles, Differentials, Snapshots, and how the XML and JSON presentations work.

This structure is derived from Extension

Summary

Mandatory: 2 elements
Must-Support: 6 elements
Fixed Value: 7 elements
Prohibited: 7 elements

This structure is derived from Extension

NameFlagsCard.TypeDescription & Constraintsdoco
.. Extension 0..*ExtensionSMART on FHIR Oauth URIs
... extension 1..*ExtensionExtension
... extension:authorize S1..1ExtensionURL indicating the OAuth2 "authorize" endpoint for this FHIR server.
.... extension 0..0
.... url 1..1uri"authorize"
.... value[x] 0..1uriValue of extension
... extension:token S0..1ExtensionURL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used.
.... extension 0..0
.... url 1..1uri"token"
.... value[x] 0..1uriValue of extension
.... extension 0..0
.... url 1..1uri"register"
.... value[x] 0..1uriValue of extension
... extension:manage S0..1ExtensionURL where an end-user can view which applications have access to data and make adjustments to these access rights.
.... extension 0..0
.... url 1..1uri"manage"
.... value[x] 0..1uriValue of extension
... extension:introspect S0..1ExtensionURL indicating the introspection endpoint that can be used to validate a token.
.... extension 0..0
.... url 1..1uri"introspect"
.... value[x] 0..1uriValue of extension
... extension:revoke S0..1ExtensionURL indicating the endpoint that can be used to revoke a token.
.... extension 0..0
.... url 1..1uri"revoke"
.... value[x] 0..1uriValue of extension
... url 1..1uri"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"
... value[x] 0..0

doco Documentation for this format
NameFlagsCard.TypeDescription & Constraintsdoco
.. Extension 0..*ExtensionSMART on FHIR Oauth URIs
... id 0..1stringUnique id for inter-element referencing
... extension 1..*ExtensionExtension
Slice: Unordered, Open by value:url
... extension:authorize S1..1ExtensionURL indicating the OAuth2 "authorize" endpoint for this FHIR server.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"authorize"
.... value[x] 0..1uriValue of extension
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"token"
.... value[x] 0..1uriValue of extension
... extension:register S0..1ExtensionURL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"register"
.... value[x] 0..1uriValue of extension
... extension:manage S0..1ExtensionURL where an end-user can view which applications have access to data and make adjustments to these access rights.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"manage"
.... value[x] 0..1uriValue of extension
... extension:introspect S0..1ExtensionURL indicating the introspection endpoint that can be used to validate a token.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"introspect"
.... value[x] 0..1uriValue of extension
... extension:revoke S0..1ExtensionURL indicating the endpoint that can be used to revoke a token.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"revoke"
.... value[x] 0..1uriValue of extension
... url 1..1uri"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"

doco Documentation for this format

This structure is derived from Extension

Summary

Mandatory: 2 elements
Must-Support: 6 elements
Fixed Value: 7 elements
Prohibited: 7 elements

Differential View

This structure is derived from Extension

NameFlagsCard.TypeDescription & Constraintsdoco
.. Extension 0..*ExtensionSMART on FHIR Oauth URIs
... extension 1..*ExtensionExtension
... extension:authorize S1..1ExtensionURL indicating the OAuth2 "authorize" endpoint for this FHIR server.
.... extension 0..0
.... url 1..1uri"authorize"
.... value[x] 0..1uriValue of extension
... extension:token S0..1ExtensionURL indicating the OAuth2 "token" endpoint for this FHIR server. Required unless the implicit grant flow is used.
.... extension 0..0
.... url 1..1uri"token"
.... value[x] 0..1uriValue of extension
.... extension 0..0
.... url 1..1uri"register"
.... value[x] 0..1uriValue of extension
... extension:manage S0..1ExtensionURL where an end-user can view which applications have access to data and make adjustments to these access rights.
.... extension 0..0
.... url 1..1uri"manage"
.... value[x] 0..1uriValue of extension
... extension:introspect S0..1ExtensionURL indicating the introspection endpoint that can be used to validate a token.
.... extension 0..0
.... url 1..1uri"introspect"
.... value[x] 0..1uriValue of extension
... extension:revoke S0..1ExtensionURL indicating the endpoint that can be used to revoke a token.
.... extension 0..0
.... url 1..1uri"revoke"
.... value[x] 0..1uriValue of extension
... url 1..1uri"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"
... value[x] 0..0

doco Documentation for this format

Snapshot View

NameFlagsCard.TypeDescription & Constraintsdoco
.. Extension 0..*ExtensionSMART on FHIR Oauth URIs
... id 0..1stringUnique id for inter-element referencing
... extension 1..*ExtensionExtension
Slice: Unordered, Open by value:url
... extension:authorize S1..1ExtensionURL indicating the OAuth2 "authorize" endpoint for this FHIR server.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"authorize"
.... value[x] 0..1uriValue of extension
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"token"
.... value[x] 0..1uriValue of extension
... extension:register S0..1ExtensionURL indicating the OAuth2 dynamic registration endpoint for this FHIR server, if supported.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"register"
.... value[x] 0..1uriValue of extension
... extension:manage S0..1ExtensionURL where an end-user can view which applications have access to data and make adjustments to these access rights.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"manage"
.... value[x] 0..1uriValue of extension
... extension:introspect S0..1ExtensionURL indicating the introspection endpoint that can be used to validate a token.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"introspect"
.... value[x] 0..1uriValue of extension
... extension:revoke S0..1ExtensionURL indicating the endpoint that can be used to revoke a token.
.... id 0..1stringUnique id for inter-element referencing
.... extension 0..0
.... url 1..1uri"revoke"
.... value[x] 0..1uriValue of extension
... url 1..1uri"http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"

doco Documentation for this format

 

Other representations of extension: Schematron

Constraints

IdPathDetailsRequirements
ele-1ExtensionAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1ExtensionMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extensionAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extensionMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:authorizeAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:authorizeMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:authorize.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ele-1Extension.extension:tokenAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:tokenMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:token.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ele-1Extension.extension:registerAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:registerMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:register.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ele-1Extension.extension:manageAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:manageMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:manage.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ele-1Extension.extension:introspectAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:introspectMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:introspect.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ele-1Extension.extension:revokeAll FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())
ext-1Extension.extension:revokeMust have either extensions or value[x], not both
: extension.exists() != value.exists()
ele-1Extension.extension:revoke.value[x]All FHIR elements must have a @value or children
: hasValue() or (children().count() > id.count())