Vladimir Ignatov

If you try loading those URLs in a browser window you will get back XML. That is because browsers send some accept headers by default. Otherwise you would get JSON,...

I see that they have added CORS now, so this can be closed.

Thank you for helping me realize that all of my server examples are somehow broken in a similar way (despite being frozen). In my case, it turns out that CodeSandbox...

That is an interesting idea, but I'm afraid we do need a well-known location for our storage. Here is the gist of how that works for EHR launch (which is...

> In our project we need a separate token for mutations Can you explain how that works? Do you get different permissions based on the token you use (but still...

Sounds like an interesting use-case but I'm not sure I'm following. Can you provide a pseudo code example of what you would like to be able to do?

Well, this is how it is supposed to work, except that it uses sessionStorage in the browser instead of cookies. That "state" is created at launch time (when `authorize` is...

OK, that makes sense. It may be more complicated than it looks though. 1. If you have control over the state object, it would be your responsibility to maintain it...

I have never done it myself but I know that people are successfully using app-claimed URLs - https://www.oauth.com/oauth2-servers/redirect-uris/redirect-uris-native-apps/

Can you post the JSON response from the `MedicationDispense/${medicationDispense.id}` request (or a link to it if its an open server)?