What is SMART on FHIR?
SMART on FHIR (Substitutable Medical Applications, Reusable Technologies) is an authorization framework that defines how apps connect to FHIR servers on behalf of patients or clinicians. It combines OAuth 2.0 for authorization and OpenID Connect for authentication, with FHIR-specific extensions.
SMART is how the Apple Health app reads your medical records from hospital EHRs. In the US, it is mandated by the 21st Century Cures Act. In Europe, it is specified in the EHDS framework for patient-facing access to health data.
SMART launch types
- EHR Launch: The app is launched from within the EHR (embedded in the clinical workflow). The EHR passes context (patient ID, encounter ID) to the app at launch.
- Standalone Launch: The app launches independently and connects to a FHIR server using standard OAuth2. Used for patient-facing apps and mobile apps.
- Backend Services: Server-to-server authorization using JWT client credentials — no user interaction. Used for data pipelines, analytics, bulk data access.
SMART scopes
| Scope | Meaning |
|---|---|
| patient/Patient.read | Read Patient resources in the patient context |
| patient/*.read | Read all resource types in the patient context |
| user/Observation.read | Read Observations the clinician can access |
| system/*.read | Backend service — all resources, no user |
| launch/patient | Request that EHR provides patient context at launch |
| openid profile | OpenID Connect — user identity |
SMART discovery
A FHIR server advertises SMART support via its CapabilityStatement and a well-known endpoint at [base]/.well-known/smart-configuration. This tells apps where the authorization server is, what scopes it supports, and what PKCE requirements apply.