
This page reflects non-normative best practices established at the time of publication. For up-to-date community discussion, see SMART on FHIR Best Practices on the HL7 Confluence Site.

Best practices for server developers include:

- Remind users which apps have offline access (keeping in mind that too many reminders lead to alert fatigue).
- Mitigate threats of compromised refresh tokens.
- Expire an app’s authorization if a refresh token is used more than once (see OAuth 2.1 section 6.1).
- Consider offering clients a way to bind refresh tokens to asymmetric secrets managed in hardware, e.g., per-device dynamic client registration (see ongoing work on UDAP specifications).

Best practices for app developers include:

- App and server developers should consider the trade-offs associated with confidential vs. public app architectures.

In 3rd-party authorization scenarios (where the client and the resource server are not from the same organization), it is a common requirement for authorization servers to obtain the user’s consent prior to granting the scopes requested by the client. In order to collect the required consent in a transparent manner, it is important that the authorization server presents a summary of the requested scopes in concise, plain language that the user understands.

The responsibility of supporting transparent consent falls on both the authorization server implementer and the client application developer.

In a complex authorization scenario involving user consent, the complexity of the authorization request presented to the user should be considered and balanced against the concept of least privilege. Make effective use of both wildcard and SMART 2.0 fine-grained resource scopes to reduce the number and complexity of scopes requested.
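The refresh-token guidance for server developers on this page (rotate on use, expire the authorization if a token is presented twice) as an added example, not code from the SMART App Launch specification or any reference server: a minimal in-memory store where every class, method and sample scope string is an assumption constructed for illustration.

```python
import secrets
from dataclasses import dataclass


@dataclass
class Grant:
    client_id: str        # client the user consented to
    scopes: frozenset     # scopes granted at consent time
    revoked: bool = False


class RefreshTokenStore:
    """Constructed in-memory model: rotates refresh tokens and detects replay."""

    def __init__(self):
        self.grants = {}   # grant_id -> Grant
        self.tokens = {}   # refresh token -> {"grant": grant_id, "used": bool}

    def _issue(self, grant_id):
        token = secrets.token_urlsafe(32)
        self.tokens[token] = {"grant": grant_id, "used": False}
        return token

    def authorize(self, client_id, scopes):
        """Called after consent: create a grant and its first refresh token."""
        grant_id = secrets.token_urlsafe(8)
        self.grants[grant_id] = Grant(client_id, frozenset(scopes))
        return grant_id, self._issue(grant_id)

    def refresh(self, client_id, refresh_token):
        """Exchange a refresh token; returns a new token pair or None on failure."""
        record = self.tokens.get(refresh_token)
        if record is None:
            return None
        grant = self.grants[record["grant"]]
        if grant.revoked or grant.client_id != client_id:
            return None
        if record["used"]:
            # A rotated-out token came back: either the client lost it or an
            # attacker replayed a stolen copy. Per OAuth 2.1 section 6.1, expire
            # the whole authorization rather than guess which party is honest.
            grant.revoked = True
            return None
        record["used"] = True
        return {
            "access_token": secrets.token_urlsafe(32),
            "refresh_token": self._issue(record["grant"]),   # rotated token
            "scope": " ".join(sorted(grant.scopes)),
        }
```

Once the grant is revoked, the legitimate successor token stops working too, which is what prompts the user to re-authorize and notice the compromise.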

