SMART on FHIR support for AWS HealthLake
A Substitutable Medical Applications and Reusable Technologies (SMART) on FHIR enabled HealthLake data store allows access to SMART on FHIR compliant applications. HealthLake data is accessed by authenticating and authorizing requests using a third-party authorization server. So instead of managing user credentials via AWS Identity and Access Management, you are doing so using a SMART on FHIR compliant authorization server.
Note
HealthLake supports SMART on FHIR 1.0. To learn more about this framework, see SMART Application Launch Framework Implementation Guide Release
1.0
HealthLake data stores support the following authentication and authorization frameworks for SMART on FHIR requests:
-
OpenID (AuthN): for authenticating the person or client application is who (or what) they claim to be.
-
OAuth 2.0 (AuthZ): for authorizing which FHIR resources in your HealthLake data store an authenticated request can read or write to. This is defined by the scopes set up in your authorization server.
You can create a SMART on FHIR enabled data store using the AWS CLI or AWS SDKs. For more information, see Creating a HealthLake data store.
Topics
- Getting started with SMART on FHIR
- HealthLake authentication requirements for SMART on FHIR
- SMART on FHIR OAuth 2.0 scopes supported by HealthLake
- Token validation using AWS Lambda
- Using fine-grained authorization with a SMART on FHIR enabled HealthLake data store
- Fetching the SMART on FHIR Discovery Document
- Making a FHIR REST API request on a SMART-enabled HealthLake data store
