Supported SMART on FHIR OAuth scopes by HealthLake - AWS HealthLake

HealthLake uses OAuth 2.0 as its authorization protocol. Configuring this protocol on your authorization server lets you define which FHIR resources in your HealthLake data store a client application can read and/or write.

The SMART on FHIR framework defines a set of scopes that a client application can request from the authorization server. For the scope definitions, see SMART on FHIR Scopes in the HL7 FHIR Resource Guide.

For example, a client application designed only to let patients view their lab results or their contact details should be authorized for read scopes only; the access token it then presents on its FHIR REST requests carries no write permission. Such a scope is written as a string, for example patient/Observation.read. This grants the client application read-only access to Observation resources, limited to the patient established in the launch context.

Standalone launch scope

HealthLake supports the standalone launch mode scope launch/patient.

In standalone launch mode the client application is launched on its own rather than from within an EHR session, so the user and the patient are not yet known to it. The client application therefore includes launch/patient in its authorization request to ask the authorization server to establish patient context. After successful authentication and authorization, the server issues an access token for the granted scopes, including launch/patient, and returns the patient context (the patient identifier) alongside the access token in the same response. The client application should take its patient context from that response, because patient-level resource scopes are bound to it.

Supported launch mode scopes

Scope            Description
launch/patient   A parameter in an OAuth 2.0 authorization request asking the authorization server to return patient context (a patient identifier) alongside the access token in its response.

HealthLake data store FHIR resource specific scopes

HealthLake defines three levels of scopes.

  • Patient-specific scopes grant access to data about a single patient. The patient is identified by the launch context.

  • User-level scopes grant access to the data that the authenticated user is permitted to access.

  • System-level scopes grant access to FHIR resources across the entire HealthLake data store, independent of any user or patient context; with system/*.* this is read/write access to all data.

The following table shows the syntax for constructing the FHIR resource scopes that HealthLake supports. The general format is:

( 'patient' | 'user' | 'system' ) '/' ( fhir-resource | '*' ) '.' ( 'read' | 'write' | '*' )

Supported authorization scopes on HealthLake data stores

Scope syntax                                              Example scope                  Result
patient/(fhir-resource | '*').('read' | 'write' | '*')    patient/AllergyIntolerance.*   The client application has read/write access to the AllergyIntolerance resources of the patient in the launch context.
user/(fhir-resource | '*').('read' | 'write' | '*')       user/Observation.read          The client application has read access to the Observation resources the user is permitted to access.
system/(fhir-resource | '*').('read' | 'write' | '*')     system/*.*                     The client application has read/write access to all data in the data store.
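As an added example that is not part of the HealthLake documentation and not AWS code: the Python below implements the scope grammar above and the access decision a FHIR server (or a client verifying what it was granted) would make from it. It also applies the standalone-launch rule from the earlier section: when launch/patient was granted, the patient context must come back alongside the access token, and patient-level scopes are evaluated only against that context. The token response, FHIR resources and identifiers are constructed for the example; the user-level branch assumes the server enforces the user's own data access separately.

```python
"""Scope parsing and access checks for SMART on FHIR scopes of the form
   ( 'patient' | 'user' | 'system' ) '/' ( fhir-resource | '*' ) '.' ( 'read' | 'write' | '*' )
plus the launch/patient launch scope. Added example; not HealthLake or AWS code."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

SCOPE_RE = re.compile(r"^(patient|user|system)/([A-Z][A-Za-z]*|\*)\.(read|write|\*)$")
LAUNCH_PATIENT = "launch/patient"


@dataclass(frozen=True)
class Scope:
    level: str     # patient | user | system
    resource: str  # FHIR resource type, or "*"
    access: str    # read | write | *

    def covers(self, resource_type: str, action: str) -> bool:
        """True if this scope grants `action` on `resource_type`, ignoring context."""
        return self.resource in ("*", resource_type) and self.access in ("*", action)


def parse_scopes(scope_string: str) -> Tuple[List[Scope], bool]:
    """Split a space-separated scope string into resource scopes and a launch/patient flag.
    Unknown scopes are rejected rather than skipped, so a typo cannot silently change access."""
    scopes, launch_patient = [], False
    for tok in scope_string.split():
        if tok == LAUNCH_PATIENT:
            launch_patient = True
            continue
        m = SCOPE_RE.match(tok)
        if not m:
            raise ValueError(f"unsupported scope: {tok!r}")
        scopes.append(Scope(*m.groups()))
    return scopes, launch_patient


def patient_context(token_response: Dict) -> Optional[str]:
    """Patient id delivered alongside the access token. Standalone-launch rule: if
    launch/patient was granted, the token response must carry `patient`."""
    _, launch_patient = parse_scopes(token_response.get("scope", ""))
    patient = token_response.get("patient")
    if launch_patient and not patient:
        raise ValueError("launch/patient granted but no patient context in token response")
    return patient


def compartment_patient(resource: Dict) -> Optional[str]:
    """Patient id a FHIR resource belongs to: the Patient itself, or its subject/patient reference."""
    if resource.get("resourceType") == "Patient":
        return resource.get("id")
    ref = (resource.get("subject") or resource.get("patient") or {}).get("reference", "")
    return ref.split("Patient/", 1)[1] if ref.startswith("Patient/") else None


def is_permitted(token_response: Dict, action: str, resource: Dict) -> bool:
    """Decide whether the token may perform `action` ('read' or 'write') on `resource`."""
    if action not in ("read", "write"):
        raise ValueError(f"unknown action: {action!r}")
    scopes, _ = parse_scopes(token_response.get("scope", ""))
    ctx = patient_context(token_response)
    rtype = resource["resourceType"]
    for s in scopes:
        if not s.covers(rtype, action):
            continue
        if s.level == "system":
            return True   # data-store wide; no user or patient context needed
        if s.level == "user":
            return True   # assumption: the server applies the user's own access rules elsewhere
        # patient level: only resources in the context patient's compartment
        if ctx is not None and compartment_patient(resource) == ctx:
            return True
    return False


# Constructed token response shaped like a SMART token response (not real HealthLake output).
TOKEN = {
    "access_token": "opaque-example-token",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "launch/patient patient/Observation.read patient/AllergyIntolerance.*",
    "patient": "123",
}
# Constructed FHIR resources: two lab results and one allergy record.
LAB_123 = {"resourceType": "Observation", "id": "obs-1", "subject": {"reference": "Patient/123"}}
LAB_456 = {"resourceType": "Observation", "id": "obs-2", "subject": {"reference": "Patient/456"}}
ALLERGY_123 = {"resourceType": "AllergyIntolerance", "id": "al-1", "patient": {"reference": "Patient/123"}}

if __name__ == "__main__":
    print(is_permitted(TOKEN, "read", LAB_123))       # True: context patient, read scope
    print(is_permitted(TOKEN, "write", LAB_123))      # False: Observation scope is read-only
    print(is_permitted(TOKEN, "read", LAB_456))       # False: another patient's compartment
    print(is_permitted(TOKEN, "write", ALLERGY_123))  # True: AllergyIntolerance.* includes write
```

Two design points are worth keeping when adapting this: the granted scope string in the token response is what gets enforced, not the scope string the client asked for, since an authorization server may grant less than was requested; and a scope that does not match the grammar (for example system/read without a resource segment) is an error, not something to ignore, because silently dropping a token could leave a request with narrower or broader access than intended.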