Backend Services
A Backend Services client is non-interactive: a server authenticates with the client_credentials grant, no user involved. Use it for bulk export and server-to-server access. Register one from the Backend Services section of the Developer Portal dashboard.
Register a Backend Service
- From the dashboard, click Register New under Backend Services
- Fill in the service details
- Pick an Authentication method:
  - JWKS URI: host a public JWKS; the service signs a private_key_jwt assertion. The SMART Backend Services method, required for ONC G10 / certified bulk data.
  - Client secret: the portal generates a client_id + client_secret, shown once. Simpler, but not SMART Backend Services / G10 compliant. Rotate it from the service's detail page.
- Set the system scopes: the subject is always System. Choose scope version (v1 or v2), FHIR resource, and operations (Create, Read, Update, Delete, Search). Produces scope strings like system/Patient.rs or system/*.read.
- In multi-organization (OrgBAC) deployments, select the Organization whose data the service may access
- Click Create
Token exchange: see Authentication.
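The JWKS URI method above, as an added example that is not the portal's own code: it builds the public JWKS, signs a private_key_jwt assertion with RS384 using the claim set from the SMART Backend Services specification, forms the client_credentials request body, and verifies the assertion the way a token endpoint would. CLIENT_ID, TOKEN_URL and KID are constructed placeholders, and the key pair is generated in memory for the demonstration.

```javascript
const crypto = require("node:crypto");
// Constructed placeholders (assumptions); real values are on the service's detail page.
const CLIENT_ID = "example-backend-service";
const TOKEN_URL = "https://auth.example.org/token";
const KID = "example-key-1";
const b64url = (v) => Buffer.from(v).toString("base64url");

// Public half of the key pair, in the form served from the registered JWKS URI.
function buildJwks(publicKey) {
  const { kty, n, e } = publicKey.export({ format: "jwk" });
  return { keys: [{ kty, n, e, kid: KID, alg: "RS384", use: "sig" }] };
}

// private_key_jwt assertion: iss and sub are the client_id, aud is the token URL,
// exp is at most five minutes ahead, jti is unique per request.
function buildAssertion(privateKey, now = Math.floor(Date.now() / 1000)) {
  const header = { alg: "RS384", typ: "JWT", kid: KID };
  const claims = { iss: CLIENT_ID, sub: CLIENT_ID, aud: TOKEN_URL, exp: now + 300, jti: crypto.randomUUID() };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign("sha384", Buffer.from(input), privateKey).toString("base64url")}`;
}

// Form body of the client_credentials token request.
function buildTokenRequest(assertion, scope) {
  return new URLSearchParams({
    grant_type: "client_credentials",
    scope,
    client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
    client_assertion: assertion,
  }).toString();
}

// Server-side view: pick the key by kid, pin the algorithm, check the signature, then the claims.
function verifyAssertion(assertion, jwks, now = Math.floor(Date.now() / 1000)) {
  const [h, c, s] = assertion.split(".");
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk || header.alg !== "RS384") return false;
  const key = crypto.createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: "jwk" });
  if (!crypto.verify("sha384", Buffer.from(`${h}.${c}`), key, Buffer.from(s, "base64url"))) return false;
  const claims = JSON.parse(Buffer.from(c, "base64url").toString());
  return claims.iss === CLIENT_ID && claims.sub === CLIENT_ID && claims.aud === TOKEN_URL &&
    claims.exp > now && claims.exp <= now + 300;
}

const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const assertion = buildAssertion(privateKey);
console.log(buildTokenRequest(assertion, "system/Patient.rs"));
console.log("verified:", verifyAssertion(assertion, buildJwks(publicKey)));
```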
Sandbox and production
Draft and under-review services run against the sandbox (developer Aidbox, sample data). On approval the client is copied to production (Payerbox PHI Aidbox) and its access policy is derived from the scopes. The service's detail page shows the environment constants (FHIR base URL, SMART configuration, token URL, capability statement); production URLs appear once approved.
Submit for review
When the service is ready:
- Open the service's draft page
- Click Submit for Review
- Status changes to Under Review
Administrators review it from the Admin Portal and approve or reject. On approval the service moves to production (see Sandbox and production).
Service status
| Status | Description |
|---|---|
| Draft | Created, not yet submitted |
| Under Review | Submitted, waiting for admin decision |
| Active | Approved and live in production |
| Rejected | Declined at review, or deactivated after going live |