Skip to main content

Login

Login event and session details.

Properties

NameRequiredTypeDescription
clientReference<ClientApplication>

Details

The client requesting the code.

profileTypecode

Details

Optional required profile resource type.

projectReference<Project>

Details

Optional required project for the login.

userReference< Bot | ClientApplication | User >

Details

The user requesting the code.

membershipReference<ProjectMembership>

Details

Reference to the project membership which includes FHIR identity (patient, practitioner, etc), access policy, and user configuration.

scopestring

Details

OAuth scope or scopes.

authMethodstring

Details

The authentication method used to obtain the code (password or google).

authTimeinstant

Details

Time when the End-User authentication occurred.

cookiestring

Details

The cookie value that can be used for session management.

codestring

Details

The authorization code generated by the authorization server. The authorization code MUST expire shortly after it is issued to mitigate the risk of leaks. A maximum authorization code lifetime of 10 minutes is RECOMMENDED. The client MUST NOT use the authorization code more than once. If an authorization code is used more than once, the authorization server MUST deny the request and SHOULD revoke (when possible) all tokens previously issued based on that authorization code. The authorization code is bound to the client identifier and redirection URI.

codeChallengestring

Details

PKCE code challenge presented in the authorization request.

codeChallengeMethodstring

Details

OPTIONAL, defaults to "plain" if not present in the request. Code verifier transformation method is "S256" or "plain".

refreshSecretstring

Details

Optional secure random string that can be used in an OAuth refresh token.

noncestring

Details

Optional cryptographically random string that your app adds to the initial request and the authorization server includes inside the ID Token, used to prevent token replay attacks.

mfaVerifiedboolean

Details

Whether the user has verified using multi-factor authentication (MFA). This will only be set is the user has MFA enabled (see User.mfaEnrolled).

grantedboolean

Details

Whether a token has been granted for this login.

revokedboolean

Details

Whether this login has been revoked or invalidated.

adminboolean

Details

DEPRECATED

superAdminboolean

Details

Whether this login has super administrator privileges.

launchReference<SmartAppLaunch>

Details

Optional SMART App Launch context for this login.

remoteAddressstring

Details

The Internet Protocol (IP) address of the client or last proxy that sent the request.

userAgentstring

Details

The User-Agent request header as sent by the client.

Search Parameters

NameTypeDescriptionExpression
codereferenceThe user of the loginLogin.user
codetokenThe code of the loginLogin.code
cookietokenThe cookie code of the loginLogin.cookie

Inherited Properties

NameRequiredTypeDescription
idstring

Logical id of this artifact

Details

The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.

metaMeta

Details

The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.

implicitRulesuri

Details

A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.

languagecode

Details

The base language in which the resource is written.