Hi,
Per folk' suggestion from SMART ON FHIR group, I am sending the question here.
With new proposed ONC rule, it may require refresh token for 3 months. The question is "do I need to register as a confidential client or public client"?
Refresh token usually requires client secret to be issued so that it is used to request access token as well as refresh token or refresh token to access. If I check online_access in registration, there is no place to add client secret. If I need to register as a confidential app, I won't be able to answer some of the question to apply for a system account, like which Cerner associate I am working with, and which Cerner client it is because I am just doing proof-of-concept development and testing.
Would anyone be able to shine some lights on this?