MuleSoft Accelerator for Healthcare
SMART on FHIR with Okta
See the Okta SMART on FHIR setup guide, which walks you through how to set up this reference SMART on FHIR implementation on Anypoint Platform using Okta as the identity provider.
A Substitutable Medical Applications and Reusable Technology (SMART) app is a web or mobile app that is typically embedded in an EHR but can also run as a standalone smartphone app. SMART on FHIR provides a consistent approach to security and data requirements for health applications. It also provides a workflow to securely request access to data, receive the data, and use the data.
SMART on FHIR addresses the following three key aspects:
- Identity and access management by using the OpenID Connect identity management protocol with different categories of scopes
  - Clinical data (e.g., patient/Observation.read)
  - Contextual data (e.g., launch/patient)
  - Identity data (e.g., openid fhirUser)
- Access to the data using FHIR-based APIs
- Launch workflow for different use cases such as:
  - Patient apps that launch standalone
  - Patient apps that launch from an EHR portal
  - Provider apps that launch standalone
  - Provider apps that launch from an EHR portal
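The three scope categories listed above can be checked mechanically on the resource-server side. The following Python is an added example, not MuleSoft or Okta code: it sorts a token's scope string into those categories and decides, failing closed, whether a clinical scope covers a given FHIR request. The function names and the sample scope string are constructed for illustration, and the grammar assumed is the SMART App Launch v1 form `context/Resource.permission`.

```python
import re

# Assumed grammar (SMART App Launch v1): context/Resource.permission
CLINICAL = re.compile(r"^(patient|user|system)/([A-Z][A-Za-z]*|\*)\.(read|write|\*)$")
CONTEXTUAL = {"launch", "launch/patient", "launch/encounter"}
IDENTITY = {"openid", "fhirUser", "profile"}


def classify_scopes(scope_string):
    """Sort a space-delimited OAuth scope string into the three SMART categories."""
    result = {"clinical": [], "contextual": [], "identity": [], "other": []}
    for scope in scope_string.split():
        if CLINICAL.match(scope):
            result["clinical"].append(scope)
        elif scope in CONTEXTUAL:
            result["contextual"].append(scope)
        elif scope in IDENTITY:
            result["identity"].append(scope)
        else:
            result["other"].append(scope)  # e.g. offline_access, or unrecognized
    return result


def is_permitted(scope_string, context, resource_type, action):
    """Return True only if a granted clinical scope covers the requested access.

    context is "patient", "user" or "system"; action is "read" or "write".
    Fails closed: malformed or non-clinical scopes never grant data access.
    """
    for scope in scope_string.split():
        match = CLINICAL.match(scope)
        if not match:
            continue
        ctx, res, perm = match.groups()
        if ctx == context and res in (resource_type, "*") and perm in (action, "*"):
            return True
    return False


# Constructed sample: the scope claim of a token issued to a patient-facing app.
GRANTED = "openid fhirUser launch/patient patient/Observation.read offline_access"

if __name__ == "__main__":
    print(classify_scopes(GRANTED))
    print(is_permitted(GRANTED, "patient", "Observation", "read"))
    print(is_permitted(GRANTED, "patient", "Observation", "write"))
```

Identity and contextual scopes such as `openid` or `launch/patient` never satisfy `is_permitted`, so a token that carries only those scopes is denied clinical data.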
Anypoint Platform supports SMART on FHIR in the following ways:
- Identity and access management
  - Provisioning a third-party OIDC client provider such as Okta for identity management
  - Out-of-the-box OpenID Connect token enforcement policy
  - Leveraging OAuth provider information in the ‘authentication’ object for custom policies
- Access to the data using FHIR-based APIs
  - MuleSoft Accelerator for Healthcare provides FHIR R4 specifications for all the FHIR resources
  - Out-of-the-box cross-origin resource sharing (CORS) policy enables cross-origin data exchange