Sorry if this is a bit long, but this is complex scenario and I'm trying to be as clear as possible.
I'm testing a SMART app that will launch for the patient after they authenticate via Healthelife. I'm currently testing "proxy" workflows, so for example, the sandbox user Smart, Nancy is choosing one of the patients under their care while launching the app. For example, choosing Timmy.
What I would like an opinion on is what is the best/ideal way to get further information about the proxy Nancy at this point? Nancy will be the primary user in our application, answering questions on behalf of Timmy so we would like some basic info about them.
The access token generated will be for Timmy so using the RelatedPerson.Read endpoint could be an option. The challenge however is that the tokens do not provide a direct resource ID for the Nancy-Timmy RelatedPerson resource as far as I can tell. I could query all RelatedPerson for Timmy but that could get messy if they have many relationships.
I do notice that some basic info about the Nancy user is provided in the Id Token since they are the FHIR User. Pasted a partial example showing the Nancy data returned in that ID token.
{
...
"name":"SMART, NANCY",
"exp":1629402200,
"iat":1629401600,
}
Any suggestions appreciated!