To use access control you need an authorization server that can provide OAuth2 tokens with claims that conform to SMART on FHIR. In a production scenario, you typically already have at least an identity provider, i.e. an authentication server, in place. It could be the EHR system, an Active Directory, or a provider set up specifically for, say, a Patient Portal.
Creating SMART on FHIR conformant tokens and handling all protocol details related to a SMART app launch requires dedicated support that generic authorization servers do not offer. Firely provides Firely Auth, an external authorization service optimized for SMART on FHIR, which enables an out-of-the-box experience with your existing authentication services.
Firely Auth is licensed separately from the core Firely Server distribution. Please contact Firely to get the license.
Your license already permits the usage of Firely Auth if it contains http://fire.ly/server/auth. You can also try out Firely Auth using an evaluation license with a limited uptime.
To allow you to test access control, we provide instructions to build and run Firely Auth, in which you can configure the necessary clients, claims and users yourself to test different scenarios.