Proxy or RelatedPerson access for SMART patient launch

[Andrew Hosokawa]

Hi,

Sorry if this is a bit long, but this is complex scenario and I'm trying to be as clear as possible.

I'm testing a SMART app that will launch for the patient after they authenticate via Healthelife. I'm currently testing "proxy" workflows, so for example, the sandbox user Smart, Nancy is choosing one of the patients under their care while launching the app. For example, choosing Timmy.

What I would like an opinion on is what is the best/ideal way to get further information about the proxy Nancy at this point? Nancy will be the primary user in our application, answering questions on behalf of Timmy so we would like some basic info about them.

The access token generated will be for Timmy so using the RelatedPerson.Read endpoint could be an option. The challenge however is that the tokens do not provide a direct resource ID for the Nancy-Timmy RelatedPerson resource as far as I can tell. I could query all RelatedPerson for Timmy but that could get messy if they have many relationships.

I do notice that some basic info about the Nancy user is provided in the Id Token since they are the FHIR User. Pasted a partial example showing the Nancy data returned in that ID token.

{

   ...

   "name":"SMART, NANCY",

   "exp":1629402200,

   "iat":1629401600,

   "fhirUser":"https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Patient/12724066",

   "email":"he...@a.com"

}

Any suggestions appreciated!

[Andrew Hosokawa]

Wondering if anyone from Cerner could weigh in on options here or if my question is clear enough. Another EMR I have worked with does something like include the relevant resource ID of the RelatedPerson resource for the specific proxy/patient in the ID Token under the "sub" property.

[Fenil Desani (Cerner)]

Hello,

You can use idToken to find more information for the FHIRUser logged in.

Thanks,

Fenil

[Andrew Hosokawa]

Fenil, can you specify all the portions of the idToken that can be used in this scenario and how they're expected to be used? I did find the idToken info as mentioned in my first post but it seems limited. I noticed the following elements of "name", "email", and "fhirUser" however they mostly seem either inaccessible or problematic to use.

- Name: is a full name string. We could attempt to parse this but that's very risky since multi-part names exist and I also noticed in the sandbox that the middle initial is also sometimes included. Also not sure if this format differs between Cerner customers.

- fhirUser: This a direct link to the user's patient resource. Unfortunately this isn't that useful in the context of a proxy workflow since the launch access token will be for the actual patient. For example a child of Nancy's like Timmy or Baby Boy etc. The Nancy patient resource won't be accessible (see my first post for details on how we're launching). If there's someway to modify the launch to have access to Nancy as well, please let me know. Also is this guaranteed to be a patient resource link?

- email: No issues here this one is definitely useful right away, but is there any logic we should know about how this populated for patients with multiple emails on record?

Is there anything else in the idToken that would be useful that I'm missing? I noticed that there is a "sub" item as well but I wasn't quite sure what it represented in this case. If those three elements are the only three we get then how do we safely use the "name" element and how do we even access the "fhirUser" one?

partial example of an idToken:

{

   ...

   "name":"SMART, NANCY",

   "exp":1629402200,

   "iat":1629401600,

   "fhirUser":"https://fhir-myrecord.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Patient/12724066",

   "email":"he...@a.com"

}

Thanks!