In this video we review Asymmetric Authentication in SMART V2. After evaluating the basic operation and some of the limitations of SMART V1-style symmetric authentication, we review the V2 protocol for asymmetric authentication including 1) how a server advertises support, 2) how clients can register their keys with a server, and 3) how a client can use their keys to generate one-time authentication assertions.
Links:
* https://hl7.org/fhir/smart-app-launch/client-confidential-symmetric.html
* https://hl7.org/fhir/smart-app-launch/client-confidential-asymmetric.html
* https://tools.ietf.org/html/rfc7523
