Login from Web App Outside of Cerner

127 views
Skip to first unread message

Mark Hatoum

unread,
May 25, 2018, 11:06:51 AM5/25/18
to Cerner FHIR Developers
Hi,

I have been able to successfully setup and load a couple of sample SMART on FHIR apps in Cerner's Code console.  One of them uses the Provider App Type configuration, and the other is a System App Type.

I would like to try to embed SMART on FHIR within a Web Application outside of Cerner.

How would I be able to authenticate the user (Cerner login) and/or the system prior to loading the applicable launch page? ( similar to the test environments where user=portal for the Provider Test App or the hardcoded client id and secret for the System Test App)

Is there any documentation or examples available for this scenario?

-Mark

Mark Hatoum

unread,
May 28, 2018, 2:19:12 PM5/28/18
to Cerner FHIR Developers
Are there any options to integration with Cerner Hosted Open ID Authorization?

-Mark

Kevin Shekleton (Cerner)

unread,
May 29, 2018, 6:57:52 AM5/29/18
to Cerner FHIR Developers
Mark,

When your SMART app launches as a standalone app outside of the EHR, our authorization server will automatically redirect to our OpenID provider to authenticate the user. So, you don't need to do anything. This is exactly what happens when you launch a SMART app from within the code Console.

-Kevin (Cerner)

Mark Hatoum

unread,
May 29, 2018, 11:02:51 AM5/29/18
to Cerner FHIR Developers
Hi Kevin,

Just to clarify for me, when the client app "launch" page is requested, in addition to authorizing, will the FHIR.oauth2.authorize call bring up a Cerner login form if the user does not have a valid existing session? Is that how it would work?

-Mark

Kevin Shekleton (Cerner)

unread,
May 29, 2018, 12:22:48 PM5/29/18
to Cerner FHIR Developers
Yes. When the SMART app requests authorization to launch from the Cerner Authorization Server (AS), the AS will ensure that an existing valid session exists in the browser. As a standalone app, there won't be a session so the AS will redirect to the client's OpenID provider to allow the user to authenticate. After authenticating an establishing a session, the OpenID provider redirects back to the AS and then ultimately back to your SMART app.

This workflow I just described is exactly how you're seeing things today when you launch your SMART app from the code Console.

If you haven't already, check out our documentation on authorization in a SMART on FHIR environment here:

-Kevin (Cerner)

Mark Hatoum

unread,
May 29, 2018, 2:04:59 PM5/29/18
to Cerner FHIR Developers
Awesome - thanks Kevin. I just wanted to be sure that the FHIR.oauth2.authorize call would incorporate the authentication call (if needed) as well as authorization.

-Mark

Kevin Maloy

unread,
May 29, 2018, 2:16:40 PM5/29/18
to Cerner FHIR Developers
Mark --

I also have some simple code on repl.it and a short video about making a stand alone app (patient facing for the video) if you want to check it out ... 

It took me a while to figure out how to do stand alone so I thought I would contribute ... the github pages thing was hard for me to setup/understand ... 


Mark Hatoum

unread,
May 30, 2018, 10:45:10 AM5/30/18
to Cerner FHIR Developers
Very nice. Thanks Kevin for the additional knowledge.

-Mark
Reply all
Reply to author
Forward
0 new messages