Authorization using OAuth2

Owned by Travis Cummings
Last updated: Aug 12, 2016 by Kira Wagner
1 min read

Introduction

This sample will demonstrate how to request authorization for an app, using the SMART on FHIR JavaScript Client.

SMART on FHIR Authorization

Request Authorization

The fhir-client.js JavaScript library from SMART contains methods to help you handle the SMART on FHIR Authorization workflow with in your app. Include fhir-client.js in a file which will be loaded when your app is launched. In this snippet, we are showing an example of initiating SMART on FHIR authorization within HTML code. To request authorization, call the FHIR.oauth2.authorize method:  

Authorize
<html>
<head>
	<script src="fhir-client.js"></script>
</head>
<body>  
<script type="text/javascript">
    FHIR.oauth2.authorize({
        client_id: "my_client_id",
        redirect_uri: "https://mydomain.com/app/index.html",
        scope: "patient/*.read"
    });

</script>
...
</body>
</html>

Authorization Success

Include fhir-client.js and jquery in a file which will be redirected to after successful authorization. This snippet is in an HTML file. Call the FHIR.oauth2.ready method to complete the authorization process and retrieve an access token for interacting with the FHIR server. The resulting SMART FHIR Client (named fhirClient in this example) contains the access token and uses it during interactions with the FHIR server. 

Authorization Success
<html>
<head>
	<script src="fhir-client.js"></script>
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js"></script>
</head>    
<body>
<script type="text/javascript">
	FHIR.oauth2.ready(function(fhirClient){
    	...use fhirClient to interact with the FHIR server...
    });
</script>
</body>
</html>