16.3.1 SMART on FHIR: Endpoints

 

The Authorization Server has several endpoints that are used for various purposes. Note that in the examples below, the server is shown at the address http://myserver:9200. The actual hostname and port for your module may be different.

16.3.2 Server Metadata Endpoint

 

The server exposes a standard OpenID Connect metadata endpoint that lists the URLs of the endpoints it supports. It is available at the following URL: http://myserver:9200/.well-known/openid-configuration

This endpoint is not password protected, and it will return a response such as the following:

{
  "issuer": "http://myserver:9200",
  "authorization_endpoint": "http://myserver:9200/oauth/authorize",
  "token_endpoint": "http://myserver:9200/token",
  "userinfo_endpoint": "http://myserver:9200/userinfo",
  "introspection_endpoint": "http://myserver:9200/oauth/token/introspect",
  "code_challenge_methods_supported": [
    "plain",
    "S256"
  ],
  "response_types_supported": [
    "code",
    "token"
  ],
  "jwks_uri": "http://myserver:9200/jwk"
}
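Because the metadata endpoint is unauthenticated, a client should check the document before acting on it. The following Python function is an added example, not part of the original documentation or the product's code; it reviews the response shown above. The name `review_metadata` and the same-host rule are assumptions of this example, and the sample document is the one above, embedded so the code runs offline.

```python
from urllib.parse import urlsplit

# Constructed sample: the metadata response shown above, embedded for offline use.
SAMPLE_METADATA = {
    "issuer": "http://myserver:9200",
    "authorization_endpoint": "http://myserver:9200/oauth/authorize",
    "token_endpoint": "http://myserver:9200/token",
    "userinfo_endpoint": "http://myserver:9200/userinfo",
    "introspection_endpoint": "http://myserver:9200/oauth/token/introspect",
    "code_challenge_methods_supported": ["plain", "S256"],
    "response_types_supported": ["code", "token"],
    "jwks_uri": "http://myserver:9200/jwk",
}
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "userinfo_endpoint",
                 "introspection_endpoint", "jwks_uri")

def review_metadata(expected_issuer, metadata):
    """Return findings a client should resolve before trusting the document."""
    findings = []
    issuer = metadata.get("issuer")
    # OpenID Connect Discovery: issuer must exactly match the URL used for discovery.
    if issuer != expected_issuer:
        findings.append(f"issuer mismatch: expected {expected_issuer!r}, got {issuer!r}")
    expected_host = urlsplit(expected_issuer).netloc
    for key in ENDPOINT_KEYS:
        url = metadata.get(key)
        if url is None:
            continue
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"{key} is not HTTPS: {url}")
        # Assumed local policy: every endpoint lives on the issuer's host and port.
        if parts.netloc != expected_host:
            findings.append(f"{key} points at a different host: {url}")
    methods = metadata.get("code_challenge_methods_supported", [])
    if "S256" not in methods:
        findings.append("PKCE S256 is not offered")
    if "plain" in methods:
        findings.append("PKCE 'plain' is offered; clients should send S256")
    if "token" in metadata.get("response_types_supported", []):
        findings.append("implicit flow ('token') is offered; clients should use 'code'")
    return findings

if __name__ == "__main__":
    for finding in review_metadata("http://myserver:9200", SAMPLE_METADATA):
        print(finding)
```

Run against the sample, the function reports the plain-HTTP endpoints, the `plain` PKCE method and the `token` response type; the HTTP findings reflect the illustrative address used in this documentation and disappear once the module is served over TLS.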

16.3.3 UserInfo Endpoint

 

The UserInfo endpoint may be invoked by a client to learn more about the user and session associated with a given access token.

The URL for the UserInfo endpoint can be found using the server metadata endpoint via the userinfo_endpoint attribute.

16.3.3.1 Invoking the UserInfo Endpoint

The following example shows a request to the UserInfo endpoint:

GET /userinfo
Authorization: Bearer fo8err3gfskgsefihd[..trimmed..]

The following example shows a corresponding response:

200 OK
Content-Type: application/json

{
   "profile": "http://myserver:9200/fhir/RelatedPerson/myusername",
   "sub": "myusername",
   "name": "John Smith",
   "family_name": "John",
   "given_name": "Smith"
}