Idea on tokenizing FHIR’s comma separated values to use in AccessPolicies. For instance:
url: 'http://localhost:8080/fhir/Coverage',
method: 'get',
params: { beneficiary: 'bart,lisa' },
When a request comes in, we put all the dependents of a user in its jwt as a claims array, including himself (homer): deps: [homer, bart, lisa,marge, maggie]
If we could get the params as:
params: { beneficiary: [bart, lisa] } then we could do perhaps a json schema array enum check. What do you guys think?
We want to check that bart and lisa is inside the JWT array.
SQL is going to be horrible slow for this.
Idea on tokenizing FHIR’s comma separated values to use in AccessPolicies. For instance: url: 'http://localhost:8080/fhir/Coverage', method: 'get', params: { beneficiary: 'bart,lisa' }, When a request comes in, we put all the dependents of a user in its jwt as a claims array, including himself (homer): deps: [homer, bart, lisa,marge, maggie] If we could get the params as: params: { beneficiary: [bart, lisa] } then we could do perhaps a json schema array enum check. What do you guys think? We want to check that bart and lisa is inside the JWT array. SQL is going to be horrible slow for this.