Authentication

Authentication Overview

SMART on FHIR uses OAuth 2.0 for authorization and OpenID Connect for authentication.

The Flow

  1. Launch: The EHR launches your app.
  2. Discovery: Your app discovers the EHR’s authorization endpoints.
  3. Authorize: Your app requests authorization from the user.
  4. Token: Your app exchanges the authorization code for an access token.
  5. Access: Your app uses the access token to access FHIR data.
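As an added illustration (not code from this page or from any SMART library), the sketch below walks steps 2 to 4 for a public client using PKCE, with no network calls. The function names, the `example.org` endpoints, the client ID and the scopes are constructed for the example; the parameter names follow the SMART App Launch and OAuth 2.0 specifications.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed sample of what GET {iss}/.well-known/smart-configuration returns.
SAMPLE_CONFIG = {
    "authorization_endpoint": "https://ehr.example.org/auth/authorize",
    "token_endpoint": "https://ehr.example.org/auth/token",
    "code_challenge_methods_supported": ["S256"],
}

def discovery_url(iss):
    """Step 2: the SMART configuration sits under the FHIR base URL (iss)."""
    return iss.rstrip("/") + "/.well-known/smart-configuration"

def pkce_pair():
    """Random code_verifier and its S256 code_challenge (RFC 7636)."""
    verifier = secrets.token_urlsafe(64)
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return verifier, base64.urlsafe_b64encode(digest).rstrip(b"=").decode()

def build_authorize_request(config, iss, launch, client_id, redirect_uri, scope):
    """Step 3: aud names the FHIR server; launch echoes the EHR launch context."""
    if "S256" not in config.get("code_challenge_methods_supported", []):
        raise ValueError("EHR does not advertise PKCE S256")
    verifier, challenge = pkce_pair()
    state = secrets.token_urlsafe(32)  # unguessable, checked on the callback
    params = {
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "scope": scope, "state": state,
        "aud": iss, "launch": launch,
        "code_challenge": challenge, "code_challenge_method": "S256",
    }
    url = config["authorization_endpoint"] + "?" + urlencode(params)
    return url, {"state": state, "code_verifier": verifier, "redirect_uri": redirect_uri}

def build_token_request(config, session, callback_url, client_id):
    """Step 4: reject a callback whose state differs, then build the POST form."""
    q = parse_qs(urlparse(callback_url).query)
    returned = q.get("state", [""])[0]
    if not hmac.compare_digest(returned, session["state"]):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "code" not in q:
        raise ValueError("no authorization code: " + q.get("error", ["unknown"])[0])
    return config["token_endpoint"], {
        "grant_type": "authorization_code", "code": q["code"][0],
        "redirect_uri": session["redirect_uri"],
        "code_verifier": session["code_verifier"], "client_id": client_id,
    }
```

The session dictionary returned in step 3 must be kept by the app between the redirect and the callback; the `state` and `code_verifier` in it are what tie the returned code to the request that started it.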