An update to the SMART client

Just a quick note the say that I’ve made a couple of changes to the SMART client we discussed in a previous post.

There’s now an option to start the login process in a separate tab. This is needed because a number of sites I’ve been testing won’t let the login page open in an iFrame (it’s a security thing). When you configure the server, select the ‘separate tab’ option under ‘Where to open Browser’ at the bottom of the first page. Read more of this post

Delving into SMART

While FHIR is not a security standard ‘per se’, there are numerous references in the spec to security related matters – including a specific module in the specification. One of the recommendations made is about SMART – a defined way to use the OAuth2 Authorization framework in FHIR. I recently gave a webinar on SMART, and part of the feedback was that it wasn’t enough detail for a developer to implement a solution – while this wasn’t really the focus of the presentation, it did make me realize that there will be a lot of interest in this from developers, so thought it might be useful to develop a SMART application – and call out the significant parts as we go.

Read more of this post