Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface AuthorizeParams

Authorization parameters that can be passed to authorize or init

Hierarchy

  • AuthorizeParams

Index

Properties

Properties

Optional clientId

clientId?: string

The client_id that you have obtained while registering your app in the EHR. This is not required if you only intend to communicate with open FHIR servers. Note: For backwards compatibility reasons we also accept client_id instead of clientId!

alias

client_id

Optional clientPrivateJwk

clientPrivateJwk?: JWK

If you have registered a confidential client, you should pass your clientPrivateJwk here. Note: ONLY use this on the server, as the browsers are considered incapable of keeping a secret.

Optional clientPublicKeySetUrl

clientPublicKeySetUrl?: string

If you have registered a confidential client and you host your public key online, you can pass your JWKS URL here Note: ONLY use this on the server, as the browsers are considered incapable of keeping a secret.

Optional clientSecret

clientSecret?: string

If you have registered a confidential client, you should pass your clientSecret here. Note: ONLY use this on the server, as the browsers are considered incapable of keeping a secret.

Optional client_id

client_id?: string

The client_id that you have obtained while registering your app in the EHR. This is not required if you only intend to communicate with open FHIR servers. Note: For backwards compatibility reasons we accept client_id as an alias of clientId!

alias

clientId

deprecated

Optional completeInTarget

completeInTarget?: boolean

If true, the app will be initialized in the specified AuthorizeParams.target. Otherwise, the app will be initialized in the window in which authorize was called.

Optional encounterId

encounterId?: string

The ID of the selected encounter. If you are launching against an open FHIR server, there is no way to obtain the launch context that would (in some EHRs) include the selected encounter ID. This way you can "inject" that ID and make the client behave as if this is the currently active encounter.

Optional fakeTokenResponse

fakeTokenResponse?: object

Useful for testing. This object can contain any properties that are typically contained in an access token response. These properties will be stored into the client state, as if it has been authorized.

Optional fhirServiceUrl

fhirServiceUrl?: string

The base URL of the FHIR server to use. This is just like the iss option, except that it is designed to bypass the authentication. If fhirServiceUrl is passed, the authorize function will NOT actually attempt to authorize. It will skip that and redirect you to your redirect_uri.

Optional height

height?: number

The height of the authorization popup window. Only used in browsers and if the AuthorizeParams.target option is set to "popup".

Optional iss

iss?: string

This is the URL of the service you are connecting to. For EHR Launch you MUST NOT provide this option. It will be passed by the EHR as url parameter instead. Using iss as an option will "lock" your app to that service provider. In other words, passing an iss option is how you can do Standalone Launch.

Optional issMatch

issMatch?: string | RegExp | ((iss: string) => boolean)

Can be used to verify that the app is being launched against certain servers. This is especially useful when working with multiple EHR configurations. Can be a string (in which case it will be expected to match the provided ISS exactly), a regular expression to test against the current ISS, or a function that will be called with the current ISS and should return true or false to signify if that ISS is acceptable.

Optional launch

launch?: string

Do not pass use this option, unless you want to test it. It should come as url parameter from the SMART authorization server as part of the EHR launch sequence

Optional noRedirect

noRedirect?: boolean

Optional patientId

patientId?: string

The ID of the selected patient. If you are launching against an open FHIR server, there is no way to obtain the launch context that would include the selected patient ID. This way you can "inject" that ID and make the client behave as if that is the currently active patient.

Optional pkceMode

pkceMode?: PkceMode

Client expectations for PKCE (Proof Key for Code Exchange). Can be one of:

  • ifSupported Use if a matching code challenge method is available (default)
  • required Do not attempt authorization to servers without support
  • disabled Do not use PKCE
  • unsafeV1 Use against Smart v1 servers. Smart v1 does not define conformance, so validate your server supports PKCE before using this setting

Optional redirectUri

redirectUri?: string

Defaults to the current directory (it's index file)

alias

redirect_uri

Optional redirect_uri

redirect_uri?: string

Same as redirectUri

alias

redirectUri

deprecated

Optional scope

scope?: string

One or more space-separated scopes that you would like to request from the EHR. Learn more

Optional target

target?: WindowTarget

Where to start the auth flow. This option is only applicable in browsers and is ignored on the server. Can be one of:

  • _self Authorize in the same window (default)
  • _top Authorize in the topmost window
  • _parent Authorize in the parent window
  • _blank Authorize in new tab or window
  • "popup" Open a popup, authorize in it and close it when done
  • String Frame name (string index in window.frames)
  • Number Numeric index in window.frames
  • Object Window reference (must have the same origin)
  • Function A function that returns one of the above values or a promise that will resolve to such value.

Optional width

width?: number

The width of the authorization popup window. Only used in browsers and if the AuthorizeParams.target option is set to "popup".

Generated using TypeDoc