Add support for SMART on FHIR to HAPI FHIR with APISIX and Keycloak
Rob Ferguson
Introduction
In a previous post, I wrote about the steps I followed to add Authentication (AuthN) to HAPI FHIR by utilising APISIX and Keycloak.
In this post we are going to look at adding support for SMART on FHIR to HAPI FHIR.
SMART on FHIRSMART on FHIR (Substitutable Medical Applications and Reusable Technologies on FHIR) is a healthcare standard that promotes interoperability between client applications and FHIR-enabled systems.
SMART on FHIR ScopesSMART on FHIR defines OAuth 2.0 scopes that allow client applications to request a specific set of access rights. The client conveys this information to the authorization server in the form of a 'scope' request parameter.
For example:
- system/Patient.read
- system/Patient.write
We can configure the OpenID Connect plugin's required_scopes attribute to require one or more scopes.
...
Italo Macêdo
Italo Costa, HL7 Brazil.
--
You received this message because you are subscribed to the Google Groups "HAPI FHIR" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hapi-fhir+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/hapi-fhir/7e8379a2-f607-432f-9be5-6b352d217e42n%40googlegroups.com.
Rob Ferguson
Here's another post you might like: https://rob-ferguson.me/getting-started-with-the-apisix-authz-keycloak-plugin/
Introduction
In a previous post, I wrote about how to use Keycloak and the APISIX openid_connect plugin to add support for SMART on FHIR to HAPI FHIR.
In this post we are going to look at how to use Keycloak and the authz-keycloak plugin to add support for SMART on FHIR to HAPI FHIR.
Keycloak Authorization ServicesFine-grained Authorisation
You must allow the 'Authorization' capability config setting in order to enable support for fine-grained authorisation.
...