Nable APIs are authenticated using OAuth 2, an open authorization protocol that grants third-party applications limited access to users' accounts. Authentication and authorization take place only between the end user and the Nable HTTPS service. OAuth 2 provides dependable security for your application data, which can be accessed from web and mobile devices.
A SMART client can be registered at the registration endpoint, for example https://${Server_Name}/api/fhir_resgistration.php.
You can register the app by posting your client name, the redirect URI for your client, and whether the client will be confidential or public.
There is an additional parameter for confidential clients based on their launch type: whether the client wants an EHR launch or a standalone app launch.
If the registration completes successfully, a client_id will be generated. A client secret will also be generated if the client is confidential.
To get authorization grant from users, make a GET request to the authorization URL with associated parameters.
params:
For an EHR launch there is an additional parameter, launch; for a standalone app launch the additional parameter is aud.
After getting an authorization grant, POST the code to the access token endpoint to get the access token and the refresh token.
params:
Once the access token expires, it can be regenerated using the refresh token by making a POST call to the access token endpoint with the following parameters.
params:
You can call the token revocation endpoint to revoke a token.
You can call the token introspection endpoint to check whether a token is valid or invalid.
The list of supported scopes is given below:
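The registration, authorization and token steps above, carried through as an added Python example (this is illustration code, not Nable's own client or server code). The authorize and token endpoint paths, the client_id, the redirect URI and the FHIR base URL used for aud are constructed placeholders; take the real values from the registration response and the server's configuration. The example builds the GET to the authorization URL (EHR launch with launch, or standalone launch with aud), checks the state on the redirect back, and builds the POST bodies for the code exchange and the refresh, with PKCE so that an intercepted code alone is not enough to obtain a token.

```python
"""Authorization-code flow for a SMART client, client side, with PKCE.

Added example: the endpoint paths, client id, redirect URI and FHIR base URL
below are constructed placeholders, not values from the Nable documentation.
"""
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed placeholders (assumptions): the real endpoints come from the server.
AUTHORIZE_URL = "https://ehr.example.test/oauth2/default/authorize"
TOKEN_URL = "https://ehr.example.test/oauth2/default/token"
FHIR_BASE = "https://ehr.example.test/apis/default/fhir"


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_pkce_pair() -> tuple[str, str]:
    """Return (code_verifier, code_challenge) per RFC 7636, method S256."""
    verifier = _b64url(secrets.token_bytes(32))
    challenge = _b64url(hashlib.sha256(verifier.encode()).digest())
    return verifier, challenge


def verify_code_challenge(verifier: str, challenge: str) -> bool:
    """The check the token endpoint performs when the code is exchanged."""
    expected = _b64url(hashlib.sha256(verifier.encode()).digest())
    return secrets.compare_digest(expected, challenge)


def build_authorization_url(client_id, redirect_uri, scopes, state, code_challenge,
                            launch=None, aud=None):
    """URL for the GET that asks the user for an authorization grant.

    EHR launch passes the launch token the EHR handed to the app; standalone
    launch passes aud, the FHIR base URL the token is intended for. Exactly
    one of the two must be given.
    """
    if (launch is None) == (aud is None):
        raise ValueError("give exactly one of launch (EHR launch) or aud (standalone)")
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # must match the URI given at registration exactly
        "scope": " ".join(scopes),
        "state": state,                # random per flow; checked again on the callback
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    if launch is not None:
        params["launch"] = launch
    else:
        params["aud"] = aud
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def parse_callback(callback_url: str, expected_state: str) -> str:
    """Pull the code out of the redirect back to the app.

    A state that does not match the one we sent is rejected: that is the
    CSRF / flow-mix-up guard, so it is checked before the code is used.
    """
    qs = parse_qs(urlparse(callback_url).query)
    if "error" in qs:
        raise RuntimeError(f"authorization failed: {qs['error'][0]}")
    if qs.get("state", [None])[0] != expected_state:
        raise RuntimeError("state mismatch: callback does not belong to this flow")
    return qs["code"][0]


def build_token_request(client_id, redirect_uri, code, code_verifier, client_secret=None):
    """Form body for the POST that trades the code for access and refresh tokens.

    Confidential clients also present their client_secret (sent only to the
    HTTPS token endpoint, never in a browser); public clients rely on PKCE.
    """
    body = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "code_verifier": code_verifier,
    }
    if client_secret is not None:
        body["client_secret"] = client_secret
    return body


def build_refresh_request(client_id, refresh_token, client_secret=None):
    """Form body for the POST that regenerates an expired access token."""
    body = {"grant_type": "refresh_token", "refresh_token": refresh_token, "client_id": client_id}
    if client_secret is not None:
        body["client_secret"] = client_secret
    return body


if __name__ == "__main__":
    verifier, challenge = make_pkce_pair()
    state = secrets.token_urlsafe(16)
    url = build_authorization_url(
        "client-placeholder", "https://app.example.test/callback",
        ["openid", "fhirUser", "offline_access", "launch/patient", "patient/Patient.read"],
        state, challenge, aud=FHIR_BASE)
    print("1. send the user to:", url)
    code = parse_callback(f"https://app.example.test/callback?code=demo-code&state={state}", state)
    print("2. POST to", TOKEN_URL, build_token_request("client-placeholder",
          "https://app.example.test/callback", code, verifier))
    print("3. later, POST", build_refresh_request("client-placeholder", "demo-refresh-token"))
```

The refresh token is only issued when offline_access is among the granted scopes, so a client that needs step 3 has to request it in step 1; store it with the same care as the client secret.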
openid (generic mandatory scope)
fhirUser
online_access
offline_access (will signal the server to provide a refresh token)
launch
launch/patient
api:fhir (the FHIR API, i.e. the /fhir/ endpoints)
patient/AllergyIntolerance.read
patient/Appointment.read
patient/Binary.read
patient/CarePlan.read
patient/CareTeam.read
patient/Condition.read
patient/Device.read
patient/DiagnosticReport.read
patient/DocumentReference.read
patient/DocumentReference.$docref
patient/Encounter.read
patient/Goal.read
patient/Immunization.read
patient/Location.read
patient/MedicationRequest.read
patient/Medication.read
patient/Observation.read
patient/Organization.read
patient/Patient.read
patient/Person.read
patient/Practitioner.read
patient/Procedure.read
patient/Provenance.read
system/*.$export
user/AllergyIntolerance.read
user/Binary.read
user/CarePlan.read
user/CareTeam.read
user/Condition.read
user/Device.read
user/DiagnosticReport.read
user/DocumentReference.read
user/DocumentReference.$docref
user/Encounter.read
user/Goal.read
user/Immunization.read
user/Location.read
user/MedicationRequest.read
user/Medication.read
user/Observation.read
user/Organization.read
user/Organization.write
user/Patient.read
user/Patient.write
user/Practitioner.read
user/Practitioner.write
user/PractitionerRole.read
user/Procedure.read
user/Provenance.read
user/allergy.read
user/allergy.write
user/appointment.read
user/appointment.write
user/document.read
user/document.write
user/drug.read
user/encounter.read
user/encounter.write
user/immunization.read
user/medication.read
user/medication.write
user/patient.read
user/patient.write
user/practitioner.read
user/practitioner.write
user/procedure.read
user/vital.read
user/vital.write
patient/encounter.read
patient/patient.read
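The scopes above follow the SMART pattern context/Resource.action, where the context is patient, user or system, the resource is a FHIR type (or * for any), and the action is read, write, * or a named operation such as $docref or $export. The following added Python example (not Nable's own code) parses that pattern, rejects requested scopes the server does not support instead of silently dropping them, and answers the authorization question a resource server has to ask on every request: does the granted scope set permit this action on this resource in this context? SUPPORTED_SCOPES is a constructed subset of the list above; a real server would load the full list.

```python
"""SMART scope parsing and least-privilege checks (added example)."""
import re
from dataclasses import dataclass

# Constructed subset of the supported-scope list above, used as the allow-list.
SUPPORTED_SCOPES = {
    "openid", "fhirUser", "online_access", "offline_access", "launch", "launch/patient",
    "api:fhir",
    "patient/Patient.read", "patient/Observation.read", "patient/DocumentReference.$docref",
    "user/Patient.read", "user/Patient.write", "user/Organization.read",
    "system/*.$export",
}

# context / resource . action   (resource may be *; action may be *, read, write or $operation)
_SCOPE_RE = re.compile(r"^(patient|user|system)/([A-Za-z*]+)\.(read|write|\*|\$[A-Za-z-]+)$")


@dataclass(frozen=True)
class ResourceScope:
    context: str   # patient | user | system
    resource: str  # FHIR resource type, or * for any
    action: str    # read | write | * | $operation


def parse_scope(token: str):
    """Return a ResourceScope, or None for non-resource scopes (openid, launch, ...)."""
    m = _SCOPE_RE.match(token)
    return ResourceScope(*m.groups()) if m else None


def validate_requested(requested: str, supported=SUPPORTED_SCOPES):
    """Split a space-separated scope request into (granted, rejected).

    Unknown or unsupported scopes are reported back rather than ignored, so
    a client asking for more than it is allowed learns that at consent time.
    """
    granted, rejected = [], []
    for scope in requested.split():
        (granted if scope in supported else rejected).append(scope)
    return granted, rejected


def permits(granted, context: str, resource: str, action: str) -> bool:
    """True if some granted scope covers `action` on `resource` in `context`.

    A resource wildcard (*) matches any resource. An action wildcard (*)
    covers read and write only; operations such as $export must be named
    explicitly, and a scope in one context never satisfies another.
    """
    for scope in granted:
        rs = parse_scope(scope)
        if rs is None or rs.context != context:
            continue
        if rs.resource not in ("*", resource):
            continue
        if rs.action == action or (rs.action == "*" and action in ("read", "write")):
            return True
    return False


if __name__ == "__main__":
    granted, rejected = validate_requested(
        "openid fhirUser launch/patient patient/Patient.read patient/Patient.write")
    print("granted:", granted)
    print("rejected:", rejected)
    print("read Patient as patient:", permits(granted, "patient", "Patient", "read"))
    print("write Patient as patient:", permits(granted, "patient", "Patient", "write"))
```

The two wildcard rules are the points worth keeping: a system/*.$export grant is a bulk-export permission and nothing else, and a patient-context grant must never be honoured for a user-context request, otherwise a patient-facing app gains clinician-level reach.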