[Openid-specs-heart] Draft HEART Meeting Notes 2017-04-17

Sarah Squire sarah at engageidentity.com
Mon Apr 17 22:43:42 UTC 2017 

Attending:

Debbie Bucci

Cait Ryan

Celestin Bitjonck

Edmund Jay

Jim Kragh

Justin Richer

Luis Maas

Sarah Squire

Thomas Sullivan

Thompson Boyd


Sarah:

Regarding the OAuth 2 FHIR profile, I think the section on scope examples
is so similar to our scope types that it’s misleading.

Justin:

Yeah, that makes sense. We should delete or reword that section.

Sarah:

And what about the “aud” parameter for bulk use cases?

Justin:

It wouldn’t be used for bulk cases. Then the audience would be indicated in
the scopes.

Luis:

Permission is misleading in section 2.1

Also the resource list has been updated. Maybe we should point to a
specific version of FHIR?

Justin:

The intent is to accommodate any version of FHIR going forward, but for
purposes of examples we can point to a specific version, so we can explain
how to construct these.

So I’ll change this so that we reference the non-versioned registry first,
and then we’ll say that these are common examples from a specific version.

Luis:

So in the UMA FHIR profile, would a patient have to register 40 separate
resources or can a patient register an entire compartment?

Justin:

We could have a structure where we allow people to register compartments
and then just say you can use whatever FHIR resource you want as a scope.
I’ll write that up and send it out to the list.

Debbie:

So this allows us to say I want everything?

Justin:

Right

Thomas:

So if we allow an “I want everything”? What if the patient doesn’t want to
show everything?

Sarah:

In this case, it’s the patient saying “I want everything”

Thomas:

Ah, okay. I’d still like to talk more about breaking the glass, but we can
talk about that more later.

Luis:

Also in Appendix B of the OAuth FHIR profile, can we let folks know that
these are examples of a specific version of FHIR?

Justin:

In the UMA FHIR spec, there are two lists that are surrounded by brackets.
We need to define or reference a list for these. If people could send
suggestions to the list, that would be very helpful.


Sarah Squire
Engage Identity
http://engageidentity.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20170417/33421354/attachment.html>

More information about the Openid-specs-heart mailing list