Technical Specifications > SMART Integration
Specification - SMART Integrations
This section of the IG defines specific requirements for implementers who aim to establish the SMART integration defined in this implementation guide (IG). The focus is on the expected use of the SMART App Launch Framework and a RESTful FHIR API to launch a "SMART App" (or "App"), typically a Referral Management System (RMS), from a Point of Service (POS) or another RMS to help users select an appropriate Healthcare Service and/or auto-populate forms needed to submit a referral request electronically (eReferral).
The requirements and expectations described here are not intended to be exhaustive. This IG establishes a baseline of expected behavior that communication partners can rely on and then build upon without standardizing referral pathways or defining what clinical data must be exchanged when referring patients. Therefore, implementers SHALL anticipate the need to discuss and mutually agree on the end user workflow that a SMART integration will enable, including:
- any forms, supporting information or functionality that will be provided by the SMART App to support the workflow;
- how the application will be launched from the POS or RMS ("SMART Server" or "Server");
- information that will be needed from the Server to populate forms or otherwise support the workflow and/or App;
- the FHIR Resources that will be used to retrieve information required from the Server;
- the RESTful FHIR endpoint that will be used to access the information; and
- the RESTful interactions that will be used to retrieve information from the endpoint.
Future iterations of this IG are expected to build upon this baseline based on implementer experience.
Context
Prerequisites
Before reading this formal specification, implementers are encouraged to first familiarize themselves with other key portions of this IG, specifically:
The Business Context for information about what this IG aims to accomplish including an overview of the business solution and process flow this specification will enable.
The Technical Background page for information about the underlying specifications this IG builds upon including references to sections that implementers should read to establish a necessary foundation to understand the constraints and usage guidance described here.
IMPORTANT: In addition to an understanding of FHIR concepts, familiarity with the OAuth2 Authorization Framework and OpenID Connect and their use within the SMART App Launch Framework (SMART on FHIR) will be necessary to successfully implement the SMART integration specified on this page.
Conventions
This implementation guide uses specific terminology to flag statements that have relevance when evaluating a solution's conformance with the guide:
SHALL indicates requirements that must be met to be conformant with the specification.
SHOULD indicates behaviors that are strongly recommended (and which could result in interoperability issues or sub-optimal behavior if not adhered to), but which do not, for this version of the specification, affect the determination of specification conformance.
MAY describes optional behaviors that implementers are free to consider but where there is no recommendation for or against adoption.
Participating Systems
A SMART integration provides a standard way for implementers of eServices solutions to establish a user interface level integration with shared context (both user and patient) between two software applications with a secure data connection in the background to share information.
Two different software applications participate in a SMART integration. In an eServices context these are typically:
- a POS or RMS application that has been configured as a SMART Server (
EHR launch
) so it can be extended with the functionality of one or more SMART Apps; and - an RMS application that can be launched from a SMART Server as a SMART App (
confidential app
) to assist users with the creation, management or fulfillment of electronic referrals, using the RESTful FHIR API to retrieve information.
Use of FHIR Artifacts
This specification makes significant use of FHIR Artifacts to describe the behaviour of the participating systems as well as the information to be exchanged.
Artifact Type | Use |
---|---|
CapabilityStatements | Specify the minimum conformance requirements (i.e. Capabilities and expected RESTful Interactions) for the systems participating in a SMART integration. |
StructureDefinitions (Profiles and Extensions) |
Specify use case specific constraints and extensions on the FHIR Resources to be exchanged within RESTful interactions. |
ValueSets | Specify the appropriate values to use within a given element within a FHIR profile. |
SMART integrations
This IG uses a subset of the functionality described in the SMART App Launch Framework (SMART on FHIR) to establish a secure, lightweight, web browser based user interface level integration with shared context (both user and patient) between two software applications with a data connection in the background.
An overview of the SMART Integration is provided below to provide readers with context for the requirements that follow. Links to relevant sections of the SMART App Launch Framework (SMART on FHIR) are provided throughout.
App Registration
To be used as a SMART App, an RMS must first be registered with an POS or RMS that is configured as a SMART Server. Registration of Apps will typically be a manual process.
SMART App Launch (using OAuth2)
To function as a SMART Server, a POS or RMS must present multiple endpoints to a SMART app:
- a FHIR server where the SMART App will access patient and user information
- an authorization server to authorize the SMART App to access to the FHIR endpoint (authorization code)
- a token endpoint to exchange authorization for tokens needed to access information from the FHIR endpoint
An App will typically be 'launched' in response to a user action performed in the SMART Server's user interface. Applications conformant to this IG SHALL use the SMART EHR launch sequence and SMART authorization sequence to launch and access data from a SMART Server. The steps in the launch process are illustrated below.
Notes:
- Step 4: SMART Servers conformant with this IG SHOULD publish endpoint information in their CapabilityStatement to enable conformance testing
- Step 4: SMART App providers MAY choose to configure systems with static endpoint information shared during the app registration instead of retrieving the information dynamically
- Step 5: a SMART App must communicate its access requirements to the SMART Server, this is discussed below
Retrieving Data (using RESTFul FHIR)
Once an App has been successfully launched and authorized to access the server, it will have launch context information from the Server including:
- an
access_token
that can be used to retrieve protected information from the Server's FHIR endpoint; fhiruser
context that can be used to retrieve information about the person who initiated the App launch;patient
context that can be used to retrieve information from the patient record the user was viewing when the App was launched.
These parameters SHOULD be used by the App to retrieve the information it needs to align its context (user and patient) with the Server, as well as to collect information needed to create and submit the referral request.
In the example, a SMART App retrieves information about a Patient
from the SMART Server's FHIR endpoint using patient
context ("patient": "123"
) recevied from the SMART Server.
Single Sign On (using an OpenID Token)
To provide a seamless user experience, an OpenID Token (id_token
) and fhiruser
context issued by the (token) Server during the launch process SHOULD be used by a RMS to validate the user's identity so access to the application can be granted without requiring the user to log in each time the RMS is launched.
A SMART App can retrieve identity information about the user (typically a Practitioner
for referrals) from the FHIR endpoint using the fhiruser
context recevied from the SMART Server.
Note: An RMS will typically need to provide a one-time process to associatate EHR user identity with RMS user identity, for each user.
For more information see scopes for requesting identity data and steps for using an ID token.
Use of the SMART integration
The SMART Integration provides a framework for launching a SMART App with access to restricted information available from the SMART Server's FHIR endpoint. The level of access that will be granted and information available will depend on the capabilities of the system hosting the FHIR endpoint and the level of access (scope) requested by and granted to the App.
This section specifies the minimum capabilites expected of SMART Servers that declare conformance with this IG as well as guidance for implementers of SMART Apps.
Scope and Launch Context
The SMART App Launch Framework (SMART on FHIR) specifies that OAuth scopes be used for Apps to communicate (and negotiate) their access requirements with Servers. Scopes defined within the framework correspond to different types of data that are relevant to this IG.
Category | Relevance to use case | Recommended approach |
---|---|---|
contextual data | Is provided to the App with the grant information so it knows which patient (and potentially which ServiceRequest) the user was viewing when the App was launched. | Referencing the EHR launch process illustrated above: - the SMART Server SHALL pass the launch context URL parameter (e.g. launch=abc123 ) to a SMART App at the time of launch (step 3) - the SMART App SHALL pass the URL parameter it received at launch ( launch=abc123 ) to the SMART Server's authorization endpoint as an URL parameter with its request for launch scope (step 5) - if access to the FHIR endpoint is granted, the SMART Server's token endpoint SHALL return appropriate launch context parameters to the SMART App when it exchanges authorization with an access_token in Step 10. |
clinical data | Will be accessed by the App using the RESTful FHIR API. | The App SHOULD include a request for patient/Patient.read 1 access in it's scope request to the authorization server (step 5) so it has the ability to query for patient information needed to create a referral request. If approved, granted scope SHALL be returned from the Server with the access_token in step 10. |
user identity data | Will be provided in a separate id_token from the server so the App can authenticate the user and grant access to its functionality. |
If the App requires user authentication, it SHALL request a pair of OpenID Connect scopes openid and fhirUser in it's scope request to the authorization server (step 5). If approved, identify information SHALL be returned from the Server in an id_token sent with the access_token in step 10. |
1 As a best practice, SMART Apps SHALL request only the scopes and permissions they need to function. Scopes requested will often be broader than above.
Retrieving Information from a FHIR Server
Using inforamtion received through the launch process (e.g.: "access_token"="i8hweunweunweofiwweoijewiwe"
, "scope": "patient/Patient.read"
and "patient": "123"
context), a SMART App can access protected information about the patient by issuing a FHIR API calls to the SMART Server's FHIR endpoint.
Each request SHALL include an Authorization
header that presents the access_token
as a “Bearer” token.
For example, the request
GET [base]/Patient/123
Authorization: Bearer i8hweunweunweofiwweoijewiwe
would return
{
"resourceType": "Patient",
"id": "123",
...
"identifier": [
...
],
"active": true,
"name": [
{
"family": "Doe",
"given": [
"Jane"
...
}
link to a complete example of the Patient resource
Example instances of each of the different FHIR Profiles defined in this IG are available from the Structures: Resource Profiles section of the FHIR Artifacts page. (See right column.)
Expectations of the SMART Server
A SMART Server declaring conformance with this specification SHALL support the SMART on FHIR interface, SHALL allow launching of SMART apps from within their application, and SHALL be capable of providing the SMART app access to information from a FHIR endpoint. Every SMART Server conforming to this specification:
SHALL specify the resource types, profiles and operations that are supported by its FHIR Endpoint by providing a CapabilityStatement (
kind=instance
) at[base]/metadata
SHALL convey the FHIR OAuth authorization endpoints, core capabilities and capability sets to SMART App developers using both:
SHALL be capable of granting
patient/Patient.read
scope withpatient
context information to enable authorized SMART Apps to access information about Patients that may become thesubject
of ServiceRequests created on the appSHALL be capable of granting
openid
andfhiruser
scope withfhiruser
context to enable authorized SMART Apps to access information about Practitioners who use the app to enable single sign on using OpenID connect, etc.SHALL enable a SMART App to validate the signatures of OpenID Tokens (
id_token
) issued by its token server, see: steps for using an ID token.
Expectations of the SMART App
A SMART App declaring conformance to this specification:
SHALL conform to the SMART launch framework confidential app profile and SHALL therefore be able to protect a
client_secret
SHALL conform to all App protection requirements in the SMART App launch framework
SHALL be able to request and use
patient/Patient.read
scope using thepatient
context granted by a SMART Server to enable the app to retrieve Patient demographic information that will be needed to support the completion of forms used for referral (where applicable, a SMART App SHOULD also be capable of supporting other resources defined in this IG)SHALL to be able to request and use
openid
andfhiruser
scope withfhiruser
context granted by a SMART Server to enable retrieve Provider identity information needed to support single sign on using OpenID connect, etc.