Authorize

Developing

Sandbox

https://fhir-dev.edvak.com

GET

/realms/EDVAK/protocol/openid-connect/auth

This endpoint initiates the authorization process by directing the user to the EHR system's authorization service. It is used to obtain an authorization code as part of the OAuth 2.0 flow.

Request

Query Params

response_type

string

required

Must be set to code to indicate that the application is initiating an authorization code request.

client_id

string

required

The unique identifier issued to the client during the registration process.

redirect_uri

string

required

One of the URIs previously registered with the authorization server. It’s where the server will send the user after authorization.

launch

string

optional

Required when using an EHR Launch sequence. This value must match the one provided by the EHR. It is not used in Standalone Launch scenarios.

scope

string

required

Specifies the data access the app is requesting. This includes permissions like patient/*.read, openid, and fhirUser. It may also include launch context indicators such as launch or launch/patient.

state

string

required

A unique, unpredictable value that preserves request integrity and prevents CSRF attacks. It should have at least 122 bits of entropy, such as a securely generated UUID.

aud

string

required

The base URL of the EHR’s FHIR server. This tells the authorization server which resource server the app intends to interact with and helps avoid sending tokens to untrusted endpoints.

code_challenge

string

required

A value derived from the code_verifier, used in conjunction with the PKCE protocol to strengthen security.

code_challenge_method

string

required

ndicates the transformation method used to generate the code_challenge, typically S256.

Responses

🟢200Success

application/json

Body

object {0}

Example

{}

Well-known configuration

Request