fhir-works-on-aws-deployment icon indicating copy to clipboard operation
fhir-works-on-aws-deployment copied to clipboard

Published 20 hours ago verified publisher icon awslabs

Make email attribute optional to unblock federated ID integration with FHIR Works

Open channaba opened this issue 2 years ago • 2 comments

Is your feature request related to a problem? Please describe. An advanced AWS partner use FHIR Works for one of their customers, and created the Cognito based configuration. However this customer uses a different IDP so we had to enable Federation in Cognito. The problem is that the current FHIR Works stack creates the pool with email required which means that email attribute is immutable. Cognito however when using federation updates all attributes for the user on each successful login, hence why the errors of not being able to change an immutable attribute.

Describe the solution you'd like FHIR Works can make the email as not-required (optional)?

Describe alternatives you've considered Nothing is found to be a reasonable alternative as most require recreate of the user pool in Cognito..

Additional context Because email is required on the pool Cognito cannot properly work with federation. We have opened a ticket through the AWS console and the response we got back is that we need to re-create the pool. That’s not really an option for us since that pool has both federated and internal users and second is part of the FHIR Works stack.

channaba avatar Jul 13 '22 18:07 channaba

Thanks for your request. I've added this feature request to our backlog. We'll keep this ticket updated with any news related to the feature.

nguyen102 avatar Jul 18 '22 01:07 nguyen102

Thank you for the update. Can you please let me know approximately when we can expect this request is up for review/implementation?

channaba avatar Aug 16 '22 13:08 channaba

+1 Same use case as @channaba

atrudeau-vitall avatar Feb 22 '23 17:02 atrudeau-vitall

FHIR Works on AWS has been moved to maintenance mode. While in maintenance, we will not add any new features to this solution. All security issues should be reported directly to AWS Security at [[email protected]] (mailto:[email protected]). If you are new to this solution, we advise you to explore using [HealthLake] (https://aws.amazon.com/healthlake), which is our managed service for building FHIR based transactional and analytics applications. You can get started by contacting your AWS Account team. If you are an existing customer of FHIR Works on AWS, and have additional questions or need immediate help, please reach out to [email protected] or contact your AWS Account team.

nisankep avatar Apr 03 '23 22:04 nisankep