What is the SSO system?


Simon Nguyen

Oct 17, 2018, 5:42:37 PM
to Cerner FHIR Developers
Hi, 

After reading https://fhir.cerner.com/smart/, I would like to know more about the Single Sign On. What Single Sign On (SSO) system are you using in order to authenticate to our application within your EHR embedded browser? Do we have access to such a system's documentation to know how it works?

Also, if a user needs to be authenticated in my SMART app, can that user do so through your SSO, assuming the user is registered in our server database?

Another approach that I saw was to use id_token and/or the tenant id. Is there a way to verify the integrity of the user requesting to access our app? 

Many thanks,

Simon

Michele Mottini

Oct 17, 2018, 7:51:17 PM
to Cerner FHIR Developers
> Hi,
>
> After reading https://fhir.cerner.com/smart/, I would like to know more about the Single Sign On. What Single Sign On (SSO) system are you using in order to authenticate to our application within your EHR embedded browser? Do we have access to such a system's documentation to know how it works?

It is OpenID Connect - i.e. use of the openid profile scopes

> Also, if a user needs to be authenticated in my SMART app, can that user do so through your SSO, assuming the user is registered in our server database?

Yes

> Another approach that I saw was to use id_token and/or the tenant id. Is there a way to verify the integrity of the user requesting to access our app?

id_token contains the user data returned by the single sign on system - your app should validate the token and then use its data to log in to your system (possibly creating an account in your system in the process)

  - Michele
  CareEvolution Inc
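
An added example (not from the thread or from Cerner) of the validation step described in the reply above: it verifies an RS256 signature and the issuer, audience, expiry and nonce claims before the token's user data is trusted. RS256, the demo key, and every name and value in it are assumptions made for illustration; a deployed app would use a maintained JWT library with the issuer's published keys.

```python
import base64, hashlib, json

# Constructed demo key from two Mersenne primes: insecure, only so this runs offline.
# A real app takes the RSA public key (N, E) from the issuer's published JWKS instead.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 DigestInfo

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def pkcs1_encode(message):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message), K bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def issue(claims, alg="RS256"):
    """Hypothetical stand-in for the identity provider: signs a constructed id_token."""
    body = b64e(json.dumps({"alg": alg}).encode()) + "." + b64e(json.dumps(claims).encode())
    sig = pow(int.from_bytes(pkcs1_encode(body.encode()), "big"), D, N)
    return body + "." + b64e(sig.to_bytes(K, "big"))

def validate_id_token(token, issuer, client_id, nonce, now):
    """Return the claims only if the signature and the standard OIDC claims check out."""
    head, payload, sig = token.split(".")
    if json.loads(b64d(head)).get("alg") != "RS256":  # pin the algorithm, never trust the header's choice
        raise ValueError("unexpected alg")
    s = int.from_bytes(b64d(sig), "big")
    if s >= N or pow(s, E, N).to_bytes(K, "big") != pkcs1_encode(f"{head}.{payload}".encode()):
        raise ValueError("bad signature")
    claims = json.loads(b64d(payload))
    aud = claims.get("aud")  # may be a single string or a list
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    if claims.get("nonce") != nonce:  # must equal the nonce sent in the authorization request
        raise ValueError("nonce mismatch")
    return claims

# Constructed sample values: issuer URL, client id and subject are placeholders.
ISS, CLIENT, NOW = "https://idp.example.test/tenant-1", "my-smart-app", 1_539_800_000
GOOD = {"iss": ISS, "aud": CLIENT, "sub": "user-123", "exp": NOW + 300, "nonce": "n-1"}
```

Only after `validate_id_token` returns should the app map `iss` plus `sub` to a local account.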

Simon Nguyen

Oct 18, 2018, 4:49:09 PM
to Cerner FHIR Developers
Thank you, Michele!

I found good posts on this forum concerning this issue. Some linked to this authorization tutorial: https://github.com/whitehatguy/smart-authorization-lab
Lab 6 is about OpenID and using the id_token like you mentioned.
It is also useful to know that the id_token is a JSON Web Token (JWT) to decode and validate. Thanks for inviting me to explore those fields.