Hi Kol Kheang,
The way our application will communicate with the Cerner system. They will be using APIs.
Would you help us to clarify some concerns!
1. Authorization strategy
Likely, the "Requesting Authorization on Behalf of a System" is the only way in this case.
2. Each hospital/practice has his/her tenant Id
Where shall we get this value?
For example, we have an account id "ed9830bd-07b8-475c-b756-1813511c6262" in the Cerner system, so what is our tenant id? :)
From your document, I see an URL: https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token
I think "ec2458f2-1e24-41c8-b71b-0e701af7583d" is a tenant id. Is it correct?
3. Will Clearwave use its system app + practice's tenant Id to request API?
4. Will Clearwave use practice's credentials (tenant id, client id, client secret, scope) to request API?