Skip to main content

Part of Authoring FHIR terminology resources

Resource community permission strategies

Previous Chapter

Securing a FHIR resource for a community

Current Chapter

Current chapter – Resource community permission strategies

View all

Next Chapter

Removing community permissions from a resource
Page contents

Before you start

When you upload a FHIR Resource to the Terminology Server it is available to everyone to read (and update it if they also have the author role).  If you want to limit who can read and update a resource, you can limit access to the resource by assigning rights to a community. So only members of that community will be able to access the resource.

You can do this by adding FHIR Security Labels to a resources, which Snapper has user interface features to support.

Community rights

There are two rights that you can assign to a community read and write.

A read permission to a resource allows members of a community with author or consumer access to search for, view, and validate that resource.

A write permission to a resource allows members of a community with consumer access to read the resource, and members with author access to update the resource.

Within a community, members will be designated as a community consumer or a community author so what a user can do with a FHIR Resource is determined by a combination of the rights you assign to the community, and a user's role within a community.

If a resource has multiple security labels attached, then a user need only be a member of any of the communities for the associated permission to apply.

For example,  a resource with security labels: admin.read, admin.write, pathology.read and imaging.read, so a user in any of the admin, pathology, or imaging communities with consumer or author permissions to read the resource, but only users in the admin community with author permissions can update it. 

Assigning rights to communities when you are not a member

You do not need to be a member of a community to assign rights to a resource.  Before assigning rights to a community you are not a member of, ensure you have set up rights (read and/or write) for the resource in one of your own communities.

You can allow members of a particular community to read your resource even though you are not a member of that community. However, be aware if you assign rights to a community that you are not member of for a resource that has no other FHIR security labels set, you will lose read and write access to the resource.

Problems

The base installation includes a community content administrator user who has the power to fix community permission issues if you run into permission problems.

They are a super user who have access to all resources, regardless of community permissions, and can remove or add security tags to restore access if a resource becomes inaccessible to normal uses by mistake. Please email [email protected] to request any fixes.

Last edited: 4 June 2025 9:06 am

Previous Chapter

Securing a FHIR resource for a community

Next Chapter

Removing community permissions from a resource

Chapters

  1. Authoring FHIR terminology resources
  2. Create a new code system
  3. How to create a new value set
  4. Make a value set that contains an entire code system
  5. Create a new concept map
  6. How to import your resource as a JSON file into Snapper
  7. How to delete a FHIR resource
  8. Modify an existing FHIR resource
  9. Securing a FHIR resource for a community
  10. Resource community permission strategies
  11. Removing community permissions from a resource
  12. Anonymous global read access to a resource
  13. Create a post co-ordinated expression library
  14. Using a post co-ordinated expression library
  15. Batch adding resources in FHIR Bundles
  16. Using system-to-system account credentials