
I have created a FHIR server using Azure API for FHIR. I have created a smartclient in Azure using the MS open source SMART on FHIR proxy (https://github.com/microsoft/fhir-proxy/tree/main/scripts). I basically got standalone launch working using this proxy.

I have used MSI as an authentication system and AAD as an identity provider.

The Azure AD consent prompt is all or nothing (the app asks the user to consent to a list of permissions, the user can accept or deny all). The limited access scenario (g)(10)(v)(A)(10,11,12) seems to require that the user is presented with a list of permissions with the ability to accept or deny each one.

How can I achieve this using AAD?

I have seen something like this in Azure Graph Explorer (please see the screenshot), but I'm not sure how I can achieve this here in AAD.

Here is more detailed information about my case:

- smartclient name: proxy10391-smart-client-1212
- fhir server: fhirstandalonecli
- fhir proxy: sfp-proxy10391.azurewebsites.net

I have assigned these permissions to my smartclient: [screenshot]

Whenever I use the OAuth 2.0 flow, the user automatically gets permissions to access all of the above resources. For the Limited App case, I want the user to select individual permissions at run time. Suppose the user has not selected the Observation resource; then the user can't access that resource.

Any idea how I can achieve this using Azure AAD?

I will really appreciate your help.

0 Answers