SMART Usage
From Hiasobi - FHIR
Revision as of 22:58, 18 April 2016 by Brett Esler
Parameters - id_token
- id_token contains a JWT (JSON Web Token)
- See: https://github.com/smart-on-fhir/smart-on-fhir.github.io/blob/master/authorization/smart-on-fhir-jwt-examples.ipynb
- Example token exchange response includes JWT in id_token
{
  "access_token":"NDU5YmNkYmMtYjg3NC00OWI0LThiMjctYTBiMjhlMzQzYTM2",
  "token_type":"Bearer",
  "expires_in":"86399",
  "scope":null,
  "state":"24738283",
  "patient":"2",
  "encounter":null,
  "location":null,
  "resource":null,
  "id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2xvY2FsaG9zdDo4MTAyIiwic3ViIjoidmVyaWZpZWRcXDgwMDM2MjgyMzMzNTUyODZcXDEiLCJhdWQiOiJodHRwczovL29yaWRhc2hpLmNvbS5hdS9zaXRlL2FwcHMvc21hcnQtaW5kZXguaHRtbCIsImV4cCI6IjE0NjA5Nzk1OTIiLCJuYW1lIjoiMSIsInByb2ZpbGUiOiJodHRwczovL2xvY2FsaG9zdDo4MTAyL1ByYWN0aXRpb25lci8xIn0.2Qw3vVfPXUotNu69e28OZ7FNc0rjHnBtHC5A4ZvM6fw",
  "refresh_token":null
}
- Decoded JWT example; this is a signed JWT (backslashes in "sub" are shown JSON-escaped)
{
  "iss":"https://localhost:8102",
  "sub":"verified\\8003628233355286\\1",
  "aud":"https://oridashi.com.au/site/apps/smart-index.html",
  "exp":"1460979592",
  "name":"1",
  "profile":"https://localhost:8102/Practitioner/1"
}
- "sub" is the subject of the claim, a globally unique user identifier, in the format:
  [verified|unverified|test]\<hpio>\<practitioner id>
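
An added example (not code from this wiki or from Hiasobi) of how a receiving app could check an id_token like the one above before trusting "sub": it pins the algorithm to HS256 (the alg in the example token's header), verifies the signature, checks aud and exp, then splits "sub" into its three parts. The function names, the key and the sample claims are constructed for illustration; the page does not say how the signing key is shared with the app.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values: the key is a stand-in, the claims mirror the page's example.
DEMO_KEY = b"constructed-demo-key"
DEMO_AUD = "https://oridashi.com.au/site/apps/smart-index.html"
DEMO_CLAIMS = {"iss": "https://localhost:8102", "sub": "verified\\8003628233355286\\1",
               "aud": DEMO_AUD, "exp": "1460979592"}

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def sign_hs256(claims, key, alg="HS256"):
    """Build a test token; stands in for the server that issues id_token."""
    parts = [b64url_encode(json.dumps(p).encode()) for p in ({"typ": "JWT", "alg": alg}, claims)]
    mac = hmac.new(key, ".".join(parts).encode(), hashlib.sha256).digest()
    return ".".join(parts + [b64url_encode(mac)])

def verify_id_token(token, key, expected_aud, now=None):
    """Return the claims only if signature, alg, aud and exp all check out."""
    try:
        h64, p64, s64 = token.split(".")
        header, claims = json.loads(b64url_decode(h64)), json.loads(b64url_decode(p64))
        sig = b64url_decode(s64)
    except ValueError:
        raise ValueError("malformed token")
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never let the token choose the algorithm
    expected = hmac.new(key, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    if not isinstance(claims, dict) or claims.get("aud") != expected_aud:
        raise ValueError("wrong audience")
    # The page's token carries exp as a string, so coerce before comparing.
    if int(claims.get("exp", 0)) <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

def parse_sub(sub):
    """Split [verified|unverified|test]\\<hpio>\\<practitioner id>."""
    parts = sub.split("\\")
    if len(parts) != 3 or parts[0] not in ("verified", "unverified", "test"):
        raise ValueError("unexpected sub format")
    return dict(zip(("status", "hpio", "practitioner_id"), parts))
```

Decoding the payload without the signature check, as a JWT viewer does, is useful for inspection only; the "verified" prefix in "sub" means nothing until verify_id_token has accepted the token.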