SMART on FHIR: OAuth-Based Healthcare App Platform
SMART on FHIR is the OAuth 2.0 and OpenID Connect specification that lets third-party applications launch from EHRs (Epic, Cerner, AthenaHealth, others) with scoped, user-authorized access to FHIR resources.
How SMART on FHIR launches work
Two launch modes:
- EHR launch — a clinician opens the app from inside the EHR; the EHR passes the patient context (and optionally the encounter context) to the app via the OAuth 2.0 token.
- Standalone launch — the app is launched independently; the user (clinician or patient) authenticates via OAuth and authorizes data access.
Once authorized, the app calls the EHR's FHIR API with the access token to read scoped resources.
Why SMART matters for analytics integration
SMART on FHIR provides the standardized, secure, vendor-neutral way for analytics platforms and clinical apps to integrate with EHRs. The OAuth-based authorization model is the security foundation that lets read-only analytics connectors operate at scale across Epic, Cerner / Oracle Health, AthenaHealth, eClinicalWorks, and other certified EHRs.
Where Vizier fits
Vizier's direct EHR connectors use SMART on FHIR (or vendor-equivalent OAuth flows) wherever supported. Authorization is scoped to the FHIR resources the customer's IT team approves; access is read-only by grant; audit logs capture every query.
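Added example (not from the original page, and not Vizier's or any EHR vendor's code): one way to check that the scope string granted in a SMART token response is read-only and limited to approved resource types, covering both the v1 (`.read`) and v2 (`.rs`) scope syntaxes. The approved set, the sample scope string and the function names are assumptions constructed for illustration.

```python
import re

# SMART resource scope: context/ResourceType.permissions, optional ?query (v2).
RESOURCE_SCOPE = re.compile(
    r"^(patient|user|system)/([A-Za-z]+|\*)\.([a-z*]+)(\?.*)?$"
)
# Non-resource scopes defined by SMART App Launch / OpenID Connect.
CONTEXT_SCOPES = {
    "openid", "fhirUser", "profile", "launch", "launch/patient",
    "launch/encounter", "offline_access", "online_access",
}


def is_read_only(perms: str) -> bool:
    """True for v1 'read' or a v2 string using only r (read) / s (search)."""
    return perms == "read" or set(perms) <= {"r", "s"}


def audit_grant(granted_scope: str, approved_resources: set[str]) -> list[str]:
    """Return findings for a space-separated granted scope string.

    An empty list means the grant is read-only and within the approved set.
    """
    findings = []
    for scope in granted_scope.split():
        if scope in CONTEXT_SCOPES:
            continue
        m = RESOURCE_SCOPE.match(scope)
        if not m:
            findings.append(f"unrecognized scope: {scope}")
            continue
        _context, resource, perms, _query = m.groups()
        if not is_read_only(perms):
            findings.append(f"not read-only: {scope}")
        # A wildcard resource can never be inside an explicit approved list.
        if resource == "*" or resource not in approved_resources:
            findings.append(f"resource not approved: {scope}")
    return findings


# Constructed sample: approved resource types and a token response "scope" value.
APPROVED = {"Patient", "Observation", "Encounter"}
SAMPLE = ("openid fhirUser launch patient/Observation.rs patient/Patient.read "
          "user/MedicationRequest.cruds patient/*.read")

if __name__ == "__main__":
    for finding in audit_grant(SAMPLE, APPROVED):
        print(finding)
```

Run the check against the `scope` value the authorization server actually returns, since a server may grant a different set of scopes than the app requested.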