Generally available: FHIR service integration with Azure Active Directory B2C
Published date: January 22, 2024
We're excited to announce that healthcare organizations can now use the FHIR service in Azure Health Data Services with Azure Active Directory B2C (Azure AD B2C). This capability gives organizations a secure and convenient way to grant access to the FHIR service in Azure Health Data Services with fine-grained access control for different users or groups, without creating or comingling user accounts in their organization’s Microsoft Entra ID tenant.
With this integration, organizations can:
- Use additional identity providers to authenticate and access FHIR resources with SMART on FHIR scopes.
- Manage and customize user access rights or permissions with SMART on FHIR scopes that support fine-grained access control, FHIR resource types and interactions, and a user’s underlying privileges.
To set up the integration, you need to:
- Create an Azure AD B2C tenant for the FHIR service.
- Configure the identity provider settings for the FHIR service.
- Register your applications and users with Azure AD B2C.
- Use access tokens issued by Azure AD B2C to access FHIR service resources.
Learn more:
- Use Azure Active Directory B2C to grant access to the FHIR service in Azure Health Data Services
- Configure multiple service identity providers for the FHIR service in Azure Health Data Services
- Troubleshoot identity provider configuration for the FHIR service in Azure Health Data Services
- SMART on FHIR - Azure Health Data Services | Microsoft Learn
- Sample: Azure ONC (g)(10) SMART on FHIR