System Apps

[Gerald Lewis]

Hi Cerner team,

I saw this note in the documentation (emphasis mine):

Each resource interaction documents the type of authentication acceptable (patient, provider, and/or system). While an interaction may list system authentication, this is currently available only in sandbox for beta testing and is not available in production yet.

I read that to mean that Cerner does not yet support System apps -- is that correct?

Thanks,

Gerald

[Yegor Hanov (Cerner)]

Hi, Gerald!

Thank you for the question.  As it happens our website documentation on this topic is a bit outdated.  We have rolled out support for system access to production, but it is available only to members of our developer program.  Apps requiring system access undergo additional scrutiny to ensure that system access is appropriate for the particular use case and additional concerns (eg audit logging, etc) are appropriately covered by the developer.

Thanks,

-Yegor (Cerner) 

[Yong Wu]

Hi Yegor,

I have a followup question on this. If the app is patient-facing and only uses MU3 defined resources, which does not require joining the developer program, it will not be able to use system account. Is that correct? 

If that's case, how do you support ONC upcoming regulation for refresh token, which will need client secret? Based on the previous conversation, system account is the only way to do that. 

Thanks,

Yong

--
You received this message because you are subscribed to the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cerner-fhir-devel...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/7ad9d252-b186-46e2-a844-8c77c75b9a3a%40googlegroups.com.

[Jenni Syed (Cerner)]

Hi Yong,

System access and a System account (in that application) are not the same thing. Our system account application is how you register for a client secret (and get privs to rotate that secret as needed/view that secret). Patient access with offline_access refresh tokens are done as access on behalf of the patient and a confidential application. Once you get the system account/secret, you would complete the application registration in our code console as described here: http://fhir.cerner.com/authorization/#registering-a-system-account

Regards,

Jenni

[Gerald Lewis]

Thanks Yegor! You mentioned "only to members of our developer program" -- is there information on how one goes about becoming a member of the dev program?

Thanks,

Gerald

[Benjamin Eichhorn (Cerner)]

Hi Gerald,

Please read through our FAQs at https://code.cerner.com/faqs.

This should hopefully start to answer some of your questions in regards to our Developer Program.

Thanks,

Ben (Cerner)

[Gerald Lewis]

Hi Ben,

I've (re)-read the FAQ and do not see information on how to become a member of the Developer Program.

The closest I could find was the section "What resources are available for Cerner client developers? ", which contained a link "accessible only for Cerner associates and Clients". I don't know if one needs to be a client before they're in the Developer Program/if that section is relevant.

Thanks,
Gerald

[Jenni Syed (Cerner)]

Hi Gerald, 

The more pertinent section if you've already read through that is "I have an app in use already and I am ready to work with Cerner" that Dev/Ops section also answers some of the process and validation questions involved in becoming a member. The business section talks about other prereqs etc. That page links to: https://code.cerner.com/submit

Regards,

Jenni