CharmHealth · OAuth Scopes

CharmHealth OAuth Scopes

OAuth 2.0 derived

CharmHealth publishes 7 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the CharmHealth API on a user’s behalf.

Tokens are issued from https://ehr2.charmtracker.com/oauth/v2/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

EHREMRFHIRHealthcareHL7Patient EngagementPatientsSMART on FHIRUS Core
Scopes: 7 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://ehr2.charmtracker.com/oauth/v2/auth
Token URL
https://ehr2.charmtracker.com/oauth/v2/token
Flows
authorizationCodeclientCredentials

Scopes (7)

ScopeDescriptionFlows
launch/patient Patient context launch authorizationCode
patient/Condition.read Read conditions authorizationCode
patient/MedicationRequest.read Read medication orders authorizationCode
patient/Observation.read Read observations authorizationCode
patient/Patient.read Read patient demographic data authorizationCode
system/*.read Backend services read access clientCredentials
user/*.read Read all user-accessible resources authorizationCode

Source

OAuth Scopes

charmhealth-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/charmhealth-fhir-api-openapi.yml
schemes:
- name: smartOnFhir
  source: openapi/charmhealth-fhir-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://ehr2.charmtracker.com/oauth/v2/auth
    tokenUrl: https://ehr2.charmtracker.com/oauth/v2/token
  - flow: clientCredentials
    tokenUrl: https://ehr2.charmtracker.com/oauth/v2/token
  description: SMART on FHIR authorization with patient/, user/, and system/ scopes.
scopes:
- scope: launch/patient
  description: Patient context launch
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: patient/Condition.read
  description: Read conditions
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: patient/MedicationRequest.read
  description: Read medication orders
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: patient/Observation.read
  description: Read observations
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: patient/Patient.read
  description: Read patient demographic data
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: system/*.read
  description: Backend services read access
  flows:
  - clientCredentials
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml
- scope: user/*.read
  description: Read all user-accessible resources
  flows:
  - authorizationCode
  sources:
  - openapi/charmhealth-fhir-api-openapi.yml