On this page:
   24.63    Security Inbound Script
  • Configuration Categories
  • 24.0 Web Admin Console Settings
  • 24.1 Authentication Callback Scripts
  • 24.2 Auth: General for APIs
  • 24.3 Auth: General for Web
  • 24.4 Auth: HTTP Basic
  • 24.5 Auth: OpenID Connect
  • 24.6 Browser Syntax Highlighting
  • 24.7 Capability Statement (metadata)
  • 24.8 Cluster Manager Subscription Messaging
  • 24.9 Cluster Manager Maintenance
  • 24.10 Cluster Manager Message Broker
  • 24.11 Cluster Manager Kafka
  • 24.12 Credentials
  • 24.13 Cross-Origin Resource Sharing (CORS)
  • 24.14 Database
  • 24.15 ETL Import: CSV Properties
  • 24.16 ETL Import: Source
  • 24.17 FHIR Binary Storage
  • 24.18 FHIR Bulk Operations
  • 24.19 FHIR Configuration
  • 24.20 FHIR Consent Service
  • 24.21 FHIR LiveBundle Service
  • 24.22 FHIR EMPI Server
  • 24.23 FHIR Endpoint Conversion
  • 24.24 FHIR Endpoint Security
  • 24.25 Interceptors
  • 24.26 FHIR Gateway Target
  • 24.27 FHIR Gateway Cache
  • 24.28 FHIR Multitenancy
  • 24.29 FHIR Performance
  • 24.30 FHIR Performance Tracing
  • 24.31 FHIR Resource Types
  • 24.32 FHIR REST Endpoint
  • 24.33 FHIR Search
  • 24.34 FHIR Interceptors
  • 24.35 FHIR Subscription Persistence
  • 24.36 FHIR Subscription Delivery
  • 24.37 FHIR Validation: Remote Terminology Service
  • 24.38 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 24.39 HL7 v2.x to FHIR Mapper - General
  • 24.40 HL7 v2.x Mapper - Medications
  • 24.41 HL7 v2.x to FHIR Mapper - OBR
  • 24.42 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 24.43 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 24.44 HL7 v2.x to FHIR Mapper - PV1
  • 24.45 HL7 v2.x Listener Script
  • 24.46 HL7 v2.x MLLP Listener
  • 24.47 FHIR to HL7 v2.x Mapper Script
  • 24.48 HL7 v2.x MLLP Sender
  • 24.49 HTTP Access Log
  • 24.50 HTTP Listener
  • 24.51 HTTP Request Pool
  • 24.52 HTTP Security
  • 24.53 Hybrid Providers Definitions
  • 24.54 Initial User Seeding
  • 24.55 JSON Web KeySet (JWKS)
  • 24.56 LDAP Authentication
  • 24.57 Lucene FullText Indexing
  • 24.58 Narrative Generator
  • 24.59 OpenID Connect (OIC)
  • 24.60 Request Validating
  • 24.61 Inbound SMART on FHIR Authentication
  • 24.62 Inbound SMART on FHIR Endpoints
  • 24.63 Security Inbound Script
  • 24.64 SMART Authorization
  • 24.65 Sessions
  • 24.66 SMART Outbound Security: Callback Script
  • 24.67 SMART Outbound Security: CODAP
  • 24.68 SMART Outbound Security: Login Skin
  • 24.69 Two Factor Authentication
  • 24.70 TLS / SSL (Encryption)
  • 24.71 Trusted Client
  • 24.72 Trusted Client
  • 24.73 Miscellaneous Categories
    • 24.65    Sessions   
       Table of Contents

    SMART Authorization

    24.64SMART Authorization

     

    The SMART Authorization configuration category includes the following configurable options:

    • Enforce Approved Scopes to Restrict Permissions

    24.64.1Property: Enforce Approved Scopes to Restrict Permissions

     
    Property Key
    Property Type BOOLEAN
    Description When enabled, permission will be stripped from a user's session if they are not supported by an approved SMART on FHIR scope. For example, any FHIR write permissions will be removed from a session if the user has not approved (or a client is set to auto-approve) a scope such as Patient/*.write.
    Default Value true
    Is Optional? No
       24.63    Security Inbound Script
  • Configuration Categories
  • 24.0 Web Admin Console Settings
  • 24.1 Authentication Callback Scripts
  • 24.2 Auth: General for APIs
  • 24.3 Auth: General for Web
  • 24.4 Auth: HTTP Basic
  • 24.5 Auth: OpenID Connect
  • 24.6 Browser Syntax Highlighting
  • 24.7 Capability Statement (metadata)
  • 24.8 Cluster Manager Subscription Messaging
  • 24.9 Cluster Manager Maintenance
  • 24.10 Cluster Manager Message Broker
  • 24.11 Cluster Manager Kafka
  • 24.12 Credentials
  • 24.13 Cross-Origin Resource Sharing (CORS)
  • 24.14 Database
  • 24.15 ETL Import: CSV Properties
  • 24.16 ETL Import: Source
  • 24.17 FHIR Binary Storage
  • 24.18 FHIR Bulk Operations
  • 24.19 FHIR Configuration
  • 24.20 FHIR Consent Service
  • 24.21 FHIR LiveBundle Service
  • 24.22 FHIR EMPI Server
  • 24.23 FHIR Endpoint Conversion
  • 24.24 FHIR Endpoint Security
  • 24.25 Interceptors
  • 24.26 FHIR Gateway Target
  • 24.27 FHIR Gateway Cache
  • 24.28 FHIR Multitenancy
  • 24.29 FHIR Performance
  • 24.30 FHIR Performance Tracing
  • 24.31 FHIR Resource Types
  • 24.32 FHIR REST Endpoint
  • 24.33 FHIR Search
  • 24.34 FHIR Interceptors
  • 24.35 FHIR Subscription Persistence
  • 24.36 FHIR Subscription Delivery
  • 24.37 FHIR Validation: Remote Terminology Service
  • 24.38 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 24.39 HL7 v2.x to FHIR Mapper - General
  • 24.40 HL7 v2.x Mapper - Medications
  • 24.41 HL7 v2.x to FHIR Mapper - OBR
  • 24.42 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 24.43 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 24.44 HL7 v2.x to FHIR Mapper - PV1
  • 24.45 HL7 v2.x Listener Script
  • 24.46 HL7 v2.x MLLP Listener
  • 24.47 FHIR to HL7 v2.x Mapper Script
  • 24.48 HL7 v2.x MLLP Sender
  • 24.49 HTTP Access Log
  • 24.50 HTTP Listener
  • 24.51 HTTP Request Pool
  • 24.52 HTTP Security
  • 24.53 Hybrid Providers Definitions
  • 24.54 Initial User Seeding
  • 24.55 JSON Web KeySet (JWKS)
  • 24.56 LDAP Authentication
  • 24.57 Lucene FullText Indexing
  • 24.58 Narrative Generator
  • 24.59 OpenID Connect (OIC)
  • 24.60 Request Validating
  • 24.61 Inbound SMART on FHIR Authentication
  • 24.62 Inbound SMART on FHIR Endpoints
  • 24.63 Security Inbound Script
  • 24.64 SMART Authorization
  • 24.65 Sessions
  • 24.66 SMART Outbound Security: Callback Script
  • 24.67 SMART Outbound Security: CODAP
  • 24.68 SMART Outbound Security: Login Skin
  • 24.69 Two Factor Authentication
  • 24.70 TLS / SSL (Encryption)
  • 24.71 Trusted Client
  • 24.72 Trusted Client
  • 24.73 Miscellaneous Categories
    • 24.65    Sessions