SMART Outbound Security: Context Selection
When a user performs a SMART on FHIR authorization flow, details about the session context are shared with the app and often implicit in the session as well.
For example, when an application requests and is approved for the
patient/*.read scope, the SMART on FHIR specification states that this grants the app Permission to read any resource for the current patient. This means explicitly that the token issued for the app by the IDP can be used to access data about one patient, and one patient only.
In many cases, the user using an app that requests a patient/ scope is a Patient who is accessing their own data. This isn't always the case however: consider use cases such as parents accessing data about their children, or other such cases where a delegate is allowed to see data about another person. These use cases often refer to the user as an Authorized Representative.
The SMART Outbound Security module can optionally present the user with a selection screen as a part of the login process. This selection screen is called the Context Selection Screen and adds a workflow step to interactive authorization flows where the user may select the context of the login.
The following screenshot shows the built-in context selection screen. This screen can also be customized using a skin.
After the user has authenticated, the system will call the onSmartLoginPreContextSelection(..) function. This function supplies the available contexts that the user will choose from.