Fetching the SMART on FHIR Discovery Document
SMART defines a Discovery Document that allows clients to learn the authorization endpoint URLs and features a HealthLake data store supports. This information helps clients direct authorization requests to the right endpoint and construct authorization requests the HealthLake data store supports.
For a client application to make a successful FHIR REST request to HealthLake, it must gather the authorization requirements defined by the HealthLake data store. A bearer token (authorization) is not required for this request to succeed..
To request the Discovery Document for a HealthLake data store
-
Collect HealthLake
regionanddatastoreIdvalues. For more information, see Getting data store properties. -
Construct a URL for the request using the collected values for HealthLake
regionanddatastoreId. Append/.well-known/smart-configurationto the endpoint of the URL. To view the entire URL path in the following example, scroll over the Copy button.https://healthlake.region.amazonaws.com/datastore/datastoreId/r4/.well-known/smart-configuration -
Send the request using
GETwith AWS Signature Version 4 signing protocol. To view the entire example, scroll over the Copy button.The Discovery Document for the HealthLake data store returns as a JSON blob, where you can find the
authorization_endpointand thetoken_endpoint, along with the specifications and defined capabilities for the data store.{ "authorization_endpoint":"https://oidc.example.com/authorize", "token_endpoint":"https://oidc.example.com/oauth/token", "capabilities": [ "launch-ehr", "client-public" ] }Both the
authorization_endpointand thetoken_endpointare required to launch a client application.-
Authorization endpoint — The URL needed to authorize a client application or user.
-
Token endpoint — The endpoint of the authorization server the client application uses to communicate with.
-
