Made with ❤️ by Anton Vasetenkov
Mastering SMART on FHIR scopes
Mar 30, 2023

Mastering SMART on FHIR scopes

What are SMART on FHIR scopes and how do they work?

SMART on FHIR is a standard for integrating healthcare applications with electronic health records (EHRs) using a secure, token-based authentication mechanism. SMART on FHIR scopes define the level of access that an application has to a patient's health information within an EHR system.

What are SMART on FHIR scopes?

SMART on FHIR scopes are a set of permissions that an application can be granted when it connects to an EHR system using the SMART on FHIR protocol. These scopes define what data the application can access and what operations it can perform on the user's behalf. For example, an application might request read-only access to the patient's medication list, or it might request write access to add new medications to the list.

Each SMART on FHIR scope corresponds to a specific resource type in the FHIR data model. For example, the patient/Observation.rs scope allows the application to read and search the observations for the current patient, while the user/*.cruds scope allows the application to manage all resources on behalf of the authorizing user.

How do SMART on FHIR scopes work?

When an application needs access to a patient's health information, it sends an authorization request to the EHR system's authorization server. This request includes a list of scopes that the application is requesting. If the request is approved, the authorization server provides an access token that the application can use to query the resources.

Why are SMART on FHIR scopes important?

SMART on FHIR scopes are an essential part of the SMART on FHIR standard because they provide granular control over patient health information access. By limiting the scope of an application's access, patients can trust that their data is being used only for the purposes they have explicitly consented to.


SMART on FHIR scopes enforce fine-grained access controls and prevent applications from accessing more data than they need which greatly enhances patient privacy and security.

See also
CQL-to-ELM Converter
Convert CQL to ELM online.
CQL Testing Tool
Test Clinical Quality Language against mock FHIR resources.
FHIR Terminology Service Client
An online tool for querying FHIR terminology services.
CDS Hooks Testing Tool
Test and debug CDS Hooks flows online.
Cloud-based FHIR IG Publisher
A zero-setup way to generate FHIR Implementation Guides from source.
FHIR Converter
Convert FHIR documents from XML to JSON and from JSON to XML.
Help: FSH Editor
An introduction to FSH Editor.
CQL Editor
An online editor for the Clinical Quality Language.
FHIR R5 is now fully released
The fifth major release of the FHIR standard is here.