SMART Authorization
The SMART Authorization configuration category includes the following configurable options:
|
Enforce Approved Scopes to Restrict Permissions |
|
|
BOOLEAN | |
When enabled, permission will be stripped from a user's session if they are not supported by an approved SMART on FHIR scope. For example, any FHIR write permissions will be removed from a session if the user has not approved (or a client is set to auto-approve) a scope such as Patient/*.write .
|
|
true
|
|
|