We’re excited to announce that healthcare organizations can now use the FHIR service in Azure Health Data Services with Azure Active Directory B2C (Azure AD B2C). This capability gives organizations a secure and convenient way to grant access to the FHIR service in Azure Health Data Services with fine-grained access control for different users or groups, without creating or comingling user accounts in their organization’s Microsoft Entra ID tenant.
With this integration, organizations can:
- Use additional identity providers to authenticate and access FHIR resources with SMART on FHIR scopes.
- Manage and customize user access rights or permissions with SMART on FHIR scopes that support fine-grained access control, FHIR resource types and interactions, and a user’s underlying privileges.
To set up the integration, you need to:
- Create an Azure AD B2C tenant for the FHIR service.
- Configure the identity provider settings for the FHIR service.
- Register your applications and users with Azure AD B2C.
- Use access tokens issued by Azure AD B2C to access FHIR service resources.
Read more here: Source link