Skip to content

jimfuqian/BB2-3798 Update readme to reflect smart app v2 scope usage #65

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
JFU-NAVA-PBC merged 8 commits into from
May 13, 2025
Merged

jimfuqian/BB2-3798 Update readme to reflect smart app v2 scope usage #65

Changes from 3 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
d677c25
update readme scopes related text to reflect smart app v2 scopes per AC.
JFU-NAVA-PBC Apr 10, 2025
053e2ad
add link to SMART App v2 scopes spec.
JFU-NAVA-PBC Apr 14, 2025
1c225cd
add limk to 'scopes' in bb2 dev doc
JFU-NAVA-PBC Apr 15, 2025
99f8d3d
minor edit
JFU-NAVA-PBC Apr 21, 2025
b52f7fc
minor edits
JFU-NAVA-PBC Apr 21, 2025
13e4356
re-gen docs, merge master into this pr.
JFU-NAVA-PBC Apr 29, 2025
e1e80a2
sync with main
JFU-NAVA-PBC Apr 30, 2025
f8eead4
make sure sdk version points to 1.0.5, ready for publish
JFU-NAVA-PBC May 1, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 37 additions & 22 deletions readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ Example:

The following code shows the SDK used with a Node JS Express server. This code walks through:

- Obtaining an access token with scope chosen by a user
- Obtaining an access token with scope ([Scopes](https://bluebutton.cms.gov/developers/#scopes)) chosen by a user
- Passing the token to query for FHIR data
- Using URL links from the response to page through data
- Using the SDK paging support to return all data in one call
Expand Down Expand Up @@ -215,29 +215,44 @@ app.get('api/bluebutton/callback', async (req: Request, res: Response) => {
// Check the scope of the current access token:
const scopes: string[] = authToken.scope;
// iterate scope entries here or check if a permission is in the scope
if (authToken.scope.index("patient/Patient.read") > -1) {
// patient info access granted
if (authToken.scope.index("patient/Patient.r") > -1) {
// patient read access (patient/Patient.r) granted,
// similarly can check patient search permission: patient/Patient.s, or
// patient read and search permission: patient/Patient.rs
}

/**
* 1. Access token scope with demographic info:
*
* scope: [
* "patient/Coverage.read",
* "patient/ExplanationOfBenefit.read",
* "patient/Patient.read",
* "profile",
* "openid",
* ]
*
* 2. Access token scope without demographic info:
*
* scope: [
* "patient/Coverage.read",
* "patient/ExplanationOfBenefit.read",
* "openid",
* ]
*/
/** Example scopes (SMART App v2 scopes)
*
* 1. Access token scope with demographic info:
*
* scope: [
* "profile",
* "openid",
* "patient/Patient.r",
* "patient/Patient.s",
* "patient/Patient.rs",
* "patient/ExplanationOfBenefit.r",
* "patient/ExplanationOfBenefit.s",
* "patient/ExplanationOfBenefit.rs",
* "patient/Coverage.r",
* "patient/Coverage.s",
* "patient/Coverage.rs",
* "launch/patient",
* ]
*
* 2. Access token scope without demographic info:
*
* scope: [
* "openid",
* "patient/ExplanationOfBenefit.r",
* "patient/ExplanationOfBenefit.s",
* "patient/ExplanationOfBenefit.rs",
* "patient/Coverage.r",
* "patient/Coverage.s",
* "patient/Coverage.rs",
* "launch/patient",
* ]
*/

// Data flow: After access granted,
// your app logic can fetch the beneficiary's data in specific ways.
Expand Down