How does OperationOutcome communicate limitations imposed by security?

XMLWordPrintableJSON

    • Type: Change Request
    • Resolution: Persuasive with Modification
    • Priority: Medium
    • FHIR Core (FHIR)
    • DSTU1 [deprecated]
    • FHIR Infrastructure
    • STU
    • OperationOutcome
    • Hide

      Add example of using break the glass based on existing break the glass definitions on security page to operation outcome itself, and reference that from this paragraph

      Show
      Add example of using break the glass based on existing break the glass definitions on security page to operation outcome itself, and reference that from this paragraph
    • Grahame Grieve / Ewout Kramer : 7-0-1
    • Enhancement
    • Non-substantive
    • DSTU1 [deprecated]

      http://hl7-fhir.github.io/security.html says:

      Chained search implementations need to observe the restrictions on a user in the chained search, and that it would be normal to simply omit resources from the search if the user is not authorized, but a server may elect to add an operationOutcome to indicate that additional resources may be available if other access tokens are used (e.g. break the glass).


      ... but how does this happen? Where does it go? Example? And what value of Bundle.entry.search.mode is assigned to such an OperationOutcome response?

            Assignee:
            Unassigned
            Reporter:
            Josh Mandel
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: