EHR evaluates authorization request, asking for end-user input
The authorization decision is up to the EHR authorization server, which may request authorization from the end-user. The EHR authorization server will enforce access rules based on local policies and optionally direct end-user input. If an EHR launches the app for an authenticated user who has explicitly requested the launch, asking for the end user's authorization is optional; else the user's authorization SHOULD be requested. The user should be given information regarding the client requesting the access, the request, the scope, and the time access is needed.
The EHR decides whether to grant or deny access. This decision is
communicated to the app when the EHR authorization server returns an
authorization code. Authorization codes are short-lived, usually expiring
within around one minute. The code is sent when the EHR authorization server
redirects the browser to the app's redirect_uri, with the
following URL parameters:
| Parameter | Optionality | Description |
|---|---|---|
| `code` | required | The authorization code generated by the authorization server. The authorization code *must* expire shortly after it is issued to mitigate the risk of leaks. |
| `state` | required | The exact value received from the client. |
For example:

Based on the `client_id`, current EHR user, configured policy, and perhaps
direct user input, the EHR makes a decision to approve or deny access. This
decision is communicated to the app by redirection to the app's registered
`redirect_uri`:

```
Location: https://app/after-auth?
  code=123abc&
  state=98wrghuwuogerg97
```
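The two security properties the text calls out are that the authorization code is short-lived and single-use, and that the app must check `state` against the exact value it originally sent. The following is an added illustration of both sides of that redirect, not code from the SMART App Launch specification or any reference implementation; the class and function names (`AuthorizationCodeStore`, `build_redirect_location`, `handle_redirect`), the 60-second lifetime, and the injectable clock are assumptions made for the example.

```python
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed lifetime; the text only says codes usually expire "within around one minute".
CODE_LIFETIME_SECONDS = 60


class AuthorizationCodeStore:
    """Hypothetical EHR-side store: issues single-use, short-lived authorization codes.

    `now` is injectable so expiry can be exercised without sleeping.
    """

    def __init__(self, now=time.time):
        self._now = now
        self._codes = {}  # code -> (client_id, redirect_uri, issued_at)

    def issue(self, client_id, redirect_uri):
        # Unpredictable code; the binding to client_id and redirect_uri is
        # checked again when the code is redeemed.
        code = secrets.token_urlsafe(32)
        self._codes[code] = (client_id, redirect_uri, self._now())
        return code

    def redeem(self, code, client_id, redirect_uri):
        # pop() makes the code single-use: a replayed code finds nothing.
        entry = self._codes.pop(code, None)
        if entry is None:
            return None
        stored_client, stored_redirect, issued_at = entry
        if self._now() - issued_at > CODE_LIFETIME_SECONDS:
            return None  # leaked-but-stale code is useless
        if stored_client != client_id or stored_redirect != redirect_uri:
            return None  # code presented by a different client or to a different URI
        return {"client_id": client_id}


def build_redirect_location(redirect_uri, code, state):
    """Builds the Location header value the EHR sends back to the app."""
    return f"{redirect_uri}?{urlencode({'code': code, 'state': state})}"


def handle_redirect(location, expected_state):
    """App-side handler: returns the code only if `state` exactly matches what we sent."""
    params = parse_qs(urlparse(location).query)
    codes = params.get("code", [])
    states = params.get("state", [])
    if len(codes) != 1 or len(states) != 1:
        raise ValueError("redirect must carry exactly one code and one state")
    # Constant-time comparison against the value stored in the app's session.
    if not expected_state or not hmac.compare_digest(states[0], expected_state):
        raise ValueError("state mismatch: response does not belong to this session")
    return codes[0]


def run_demo():
    """Walks through a successful exchange, a replay, and an expired code (constructed data)."""
    clock = [1_000.0]
    store = AuthorizationCodeStore(now=lambda: clock[0])
    redirect_uri = "https://app/after-auth"
    state = "98wrghuwuogerg97"  # value taken from the page's example

    code = store.issue("app-client-id", redirect_uri)
    location = build_redirect_location(redirect_uri, code, state)
    received = handle_redirect(location, state)
    first = store.redeem(received, "app-client-id", redirect_uri)
    replay = store.redeem(received, "app-client-id", redirect_uri)

    stale = store.issue("app-client-id", redirect_uri)
    clock[0] += CODE_LIFETIME_SECONDS + 1
    expired = store.redeem(stale, "app-client-id", redirect_uri)

    return {"first": first is not None, "replay": replay is not None, "expired": expired is not None}


if __name__ == "__main__":
    print(run_demo())
```

The `state` check is what ties the redirect back to the browser session that started the flow; without it an app would accept a code that was minted for someone else's authorization. The server side pairs that with one-time redemption and an expiry window so that a code which leaks through a referrer header or a log line cannot be redeemed later.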