Multi-tenant Sandbox

Use Cases

  • Auth Server
    • (existing) A user of the Auth server is able to register a client with scopes specified by the user
  • Sandbox
    • A user of the Sandbox is able to create a sandbox account that has an isolated FHIR resource server datasource (personal datasource)
    • A user of the Sandbox is able to select a public datasource
      • The initial public datasource is the HSPC FHIR API Server
    • A user of the Sandbox is able to launch a SMART application that will run using the selected datasource 
      • The selected datasource is passed to the application using the "iss" parameter
  • Logical API Server
    • Defined: A Logical API Server is a FHIR API Server for a FHIR resource server datasource.  It may be:
      • A physical deployment of an HSPC Reference API instance that specifies a database and schema (traditional)
      • A shared deployment of an HSPC Reference API instance that uses a router and multi-tenant database strategy to offer a single FHIR API interaction
      • Another technique offering a single FHIR API interaction
    • A user of the API server is able to perform the full FHIR REST API interaction according to the FHIR specification and SMART security model (no additional HTTP headers or parameters needed)
      • OAuth2 token extensions are permissible
      • Base URL path parameters are permissible
    • A user of a SMART application is restricted by scope by a provisioning layer (ex: the app wants write scope but the API server does not support write)
    • A user of the API server is restricted from accessing a private/personal FHIR server that is not shared with them
  • Datasource publication and sharing
    • A user of the Sandbox is able to register a datasource as a publicly available datasource (no provisioning required)
    • A user of the Sandbox is able to share a personal datasource with another user of the Sandbox
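
The access rules in the Logical API Server and datasource sharing use cases can be expressed as one deny-by-default check at the router. The sketch below is an added example, not HSPC code. It assumes the datasource (tenant) is the first path segment of the "iss" base URL followed by `/data`, SMART v1-style scopes, and a made-up in-memory registry; all names in it are hypothetical.

```python
from dataclasses import dataclass, field
from urllib.parse import urlparse

@dataclass
class Datasource:
    """One FHIR resource server datasource behind the shared router (constructed model)."""
    owner: str
    public: bool = False
    shared_with: set = field(default_factory=set)
    supported_actions: frozenset = frozenset({"read", "write"})

def tenant_from_base_url(url):
    """Assumed layout: https://host/<tenant>/data/<FHIR interaction>; None if absent."""
    parts = [p for p in urlparse(url).path.split("/") if p]
    if len(parts) >= 2 and parts[1] == "data":
        return parts[0]
    return None

def scope_actions(scopes):
    """Expand SMART scopes such as 'patient/*.read' or 'user/Observation.*' to actions."""
    actions = set()
    for scope in scopes.split():
        if "/" not in scope or "." not in scope:
            continue  # launch, openid, profile, ... grant no resource access
        action = scope.rsplit(".", 1)[1]
        actions |= {"read", "write"} if action == "*" else {action}
    return actions

def authorize(registry, user, scopes, method, url):
    """Return (allowed, reason) for one FHIR REST call; denies by default."""
    ds = registry.get(tenant_from_base_url(url))
    if ds is None:
        return False, "unknown datasource"
    if not (ds.public or user == ds.owner or user in ds.shared_with):
        return False, "datasource not shared with user"
    needed = "read" if method.upper() in ("GET", "HEAD") else "write"
    # Provisioning layer: granted scope is capped by what the datasource supports.
    effective = scope_actions(scopes) & ds.supported_actions
    if needed not in effective:
        return False, "scope does not permit " + needed
    return True, "ok"

# Constructed sample registry; tenant names and users are made up.
REGISTRY = {
    "hspc": Datasource(owner="admin", public=True, supported_actions=frozenset({"read"})),
    "alice1": Datasource(owner="alice", shared_with={"bob"}),
}
```

Because the tenant is taken from the base URL path, the client needs no extra HTTP headers or parameters, and a token issued for one datasource is still checked against the datasource named in the request.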

Database

 

Architecture