Aidbox currently directly returns pre-signed URLs (downloadable files) with no access token required on top of them. The ask is to return a URL that requires auth check and generate pre-signed URLs only when asked for a specific file
Solution I see
In the bulk export API response, instead of a downloadable link with (24hr validity in the case of AWS), where the link can be accessed by anyone with or without access, rather return a URL that is behind auth checks and download the file on a request with the token.
Problem I need to solve
While using bulk export, it is optional whether downloading the generated files requires a bearer access token, which is denoted by requiresAccessToken key in the response as mentioned here: https://hl7.org/fhir/uv/bulkdata/export/index.html#response---complete-status
Aidbox currently directly returns pre-signed URLs (downloadable files) with no access token required on top of them. The ask is to return a URL that requires auth check and generate pre-signed URLs only when asked for a specific file
Solution I see
In the bulk export API response, instead of a downloadable link with (24hr validity in the case of AWS), where the link can be accessed by anyone with or without access, rather return a URL that is behind auth checks and download the file on a request with the token.
Alternatives I've considered, but they don't work
Additional context