[Openid-specs-heart] Public FHIR Endpoints - are there any OAUTH endpoints to register and test

Debbie Bucci debbucci at gmail.com
Tue Jul 21 13:47:21 UTC 2015


Eve posted a great visual a few weeks back.  Both UMA and OpenID Connect
are layered on TOP of OAuth.

We need to start somewhere and focusing on the base seems the appropriate
place to start from my POV.

I personally need to build to see...in order to understand the
changes/adjustments that may need to be made to the base as we build upon
it.

Agile right?
On Jul 21, 2015 8:51 AM, "Aaron Seib" <aaron.seib at nate-trust.org> wrote:

> I am in the same boat as Justin – Dragon and I had a sidebar about this a
> week or so back and came to the same conclusion.
>
>
>
> The Use case should determine what is employed.  I am a visual guy – if we
> had a set of concentric circles OAUTH would be the center, a band of both
> OAUTH and UMA would surround that and then UMA would be the outer band.
>
>
>
> Probably not helpful without some arrows that label the use case supported
> by each band but that is the way I have pictured it.  I am not sure that
> visualization stands up as I don’t know that you ever have a use case with
> UMA in isolation of OAUTH.  Can someone correct me?
>
>
>
> It might help to spell out a specific use case in the legacy language of
> disclosure based on push:
>
>
>
> 1.      EMR1 sends protected health data to PHRA;
>
> 2.      Consumer using PHRA sends content from (1) to EMR2
>
> 3.      EMR2 receives content and its workflow can differentiate between
> PGHD and data that is unchanged since it left EMR1.
>
>
>
> Could anyone on this thread convert this transaction into the OAUTH\UMA
> domain so that a layman would understand?
>
>
>
>
>
> Aaron Seib, CEO
>
> @CaptBlueButton
>
>  (o) 301-540-2311
>
> (m) 301-326-6843
>
> <http://nate-trust.org>
>
>
>
> *From:* Openid-specs-heart [mailto:
> openid-specs-heart-bounces at lists.openid.net] *On Behalf Of *Justin Richer
> *Sent:* Tuesday, July 21, 2015 3:54 AM
> *To:* Adrian Gropper
> *Cc:* openid-specs-heart at lists.openid.net
> *Subject:* Re: [Openid-specs-heart] Public FHIR Endpoints - are there any
> OAUTH endpoints to register and test
>
>
>
> That’s not true: We’re doing UMA where UMA makes sense. We’re doing OAuth
> where OAuth makes sense. We’re doing both in parallel when both in parallel
> make sense.
>
>
>
> At least, that’s what I got from the discussion of the previous thread of
> options, though I’m potentially biased because this is the direction that I
> thought we should go.
>
>
>
>  — Justin
>
>
>
> On Jul 21, 2015, at 12:52 AM, Adrian Gropper <agropper at healthurl.com>
> wrote:
>
>
>
> I'm confused. Either HEART is doing UMA or we're not. OAuth alone, at
> least as I understand it does not meet key issues of the HEART Charter.
>
>
>
> What am I missing here? Is HEART just going to tag along behind FHIR or
> are we going to lead?
>
>
>
> Adrian
>
> On Monday, July 20, 2015, Debbie Bucci <debbucci at gmail.com> wrote:
>
> I would also like to propose that we look at the Argonaut backend services
> because it's closest to our profiles .  Let's pretend a phr is a trusted
> back end service.
>
> If I am way off base - correct me.
>
> On Jul 20, 2015 5:42 PM, "Debbie Bucci" <debbucci at gmail.com> wrote:
>
> Hi everyone
>
>
>
> I see this is the current list
>
>
>
>
> http://wiki.hl7.org/index.php?title=Publicly_Available_FHIR_Servers_for_testing
>
>
>
>
> I know for certain some of you are building your own Sandboxes (+1).  Is
> it possible to get an informal interop going?   May help us with the
> profile discussions.
>
>
>
>
>
> Deb
>
>
>
>
>
> --
>
> Adrian Gropper MD
> Ensure Health Information Privacy. Support Patient Privacy Rights.
> http://patientprivacyrights.org/donate-2/
>
>
>
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
>
> _______________________________________________
> Openid-specs-heart mailing list
> Openid-specs-heart at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-heart
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150721/dd595af3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 3142 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20150721/dd595af3/attachment.jpg>


More information about the Openid-specs-heart mailing list