Fetching a SMART on FHIR enabled HealthLake data store's Discovery Document

For a client application to make a successful FHIR REST request, it needs to gather the authorization requirements defined in the HealthLake data store. No authorization (bearer token) is required for this request to succeed.

To do so, make a GET request and append /.well-known/smart-configuration to the endpoint of the data store


GET https://healthlake.your-region.amazonaws.com/datastore/your-datastore-id/r4/.well-known/smart-configuration

This returns the HealthLake data store's Discovery Document as a JSON blob. In it, you will find the authorization_endpoint and the token_endpoint along with the specifications and capabilities defined in the HealthLake data store.


{
  "authorization_endpoint": "https://oidc.example.com/authorize",
  "token_endpoint": "https://oidc.example.com/oauth/token",
  "capabilities": [
    "launch-ehr",
    "client-public"
  ]
}

URLs needed for launching a client application successfully

Authorization endpoint: The URL needed to authorize a client application or user.
Token endpoint: The endpoint of the authorization server that the client application uses to communicate with it.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Enabling fine-grained authorization

Example FHIR REST request