Smile CDR v2023.05.PRE
On this page:
   41.105    SMART Login Terms of Service 41.107    SMART Definitions Seeding   

41.106SMART Authorization

 

The SMART Authorization configuration category includes the following configurable options:

  • Allowed Audience List

  • Email From Address

  • Enforce Approved Scopes to Restrict Permissions

  • Scopes Supported

41.106.1Property: Allowed Audience List

 
Property Name Allowed Audience List
Property Key
Property Type STRING
Description Space-separated list of allowed resource URLs as the 'audience' parameter during authentication flow. If left empty, no validation is performed.
Applies to Modules
  • SMART Outbound Security
Default Value (no default)
Example Property
module.[MODULE_ID].config.allowed_audience_list = 

41.106.2Property: Email From Address

 
Property Name Email From Address
Property Key
Property Type STRING
Description Forgotten password related emails will be sent from this email address.
Applies to Modules
  • Payer to Payer
  • SMART Outbound Security
  • appSphere
Default Value noreply@unknown.com
Example Property
module.[MODULE_ID].config.email.from_address = noreply@unknown.com

41.106.3Property: Enforce Approved Scopes to Restrict Permissions

 
Property Name Enforce Approved Scopes to Restrict Permissions
Property Key
Property Type BOOLEAN
Description When enabled, permission will be stripped from a user's session if they are not supported by an approved SMART on FHIR scope. For example, any FHIR write permissions will be removed from a session if the user has not approved (or a client is set to auto-approve) a scope such as Patient/*.write.
Applies to Modules
  • SMART Inbound Security
  • SMART Outbound Security
Default Value true
Example Property
module.[MODULE_ID].config.enforce_approved_scopes_to_restrict_permissions = true

41.106.4Property: Scopes Supported

 
Property Name Scopes Supported
Property Key
Property Type STRING
Description A space separated list of scopes to advertise as supported in the .well-known/smart-configuration
Applies to Modules
  • FHIR Gateway REST Endpoint
  • FHIR REST Endpoint (DSTU2)
  • FHIR REST Endpoint (R3)
  • FHIR REST Endpoint (R4)
  • Hybrid Providers REST Endpoint
  • SMART Inbound Security
  • SMART Outbound Security
Default Value openid fhirUser
Example Property
module.[MODULE_ID].config.smart_configuration.scopes_supported = openid fhirUser
   41.105    SMART Login Terms of Service 41.107    SMART Definitions Seeding