Hello,
Our organization is working towards developing a standalone app which authenticates with the Authorize endpoint provided by the FHIR server.
We followed the tutorial for starting with standalone apps and were able to get an app working using patient portal credentials. We currently authenticate against our CERT domain.
One of the requirements for us is to provide SSO ability to our users.
In this situation, the expectation is that our app provides SSO. In other words, it should work without asking for user credentials again, because users have already authenticated for the patient portal in the same browser session.
This is where we got stuck. I tried to look at conversations in this group regarding SSO but I didn't find the answer I was looking for.
We follow the steps mentioned in the tutorial to launch our app with the iss parameter. FHIR client js takes over the remaining authorization workflow.
Currently, if we try to access our app (in the same browser session on another tab) after logging in to the patient portal, we get redirected to the authorize endpoint and the Authorization Server asks for user credentials again.
On the other hand, if we launch our app first and go through the authorization process, then launch the patient portal, the patient portal is able to get the required token/session information from the authorize endpoint without having to ask for portal credentials again.
The Patient Portal and our app get redirected to the same Authorization Server (https://sandboxcernerhealth.com/oauth/authenticate). So we are wondering if there is something that we are missing in our authorization workflow, or whether SSO is not available with the Patient Portal?
App Registration Details :
Thanks,
Harpreet