Login

Login event and session details.

Schema

Elements

Name	Required	Type	Description
client		Reference<ClientApplication>	Details The client requesting the code.
profileType		code	Details Optional required profile resource type.
project		Reference<Project>	Details Optional required project for the login.
user	✓	Reference< Bot | ClientApplication | User >	Details The user requesting the code.
membership		Reference<ProjectMembership>	Details Reference to the project membership which includes FHIR identity (patient, practitioner, etc), access policy, and user configuration.
scope		string	Details OAuth scope or scopes.
authMethod	✓	code	Details The authentication method used to obtain the code (password or google).
authTime	✓	instant	Details Time when the End-User authentication occurred.
cookie		string	Details The cookie value that can be used for session management.
code		string	Details The authorization code generated by the authorization server. The authorization code MUST expire shortly after it is issued to mitigate the risk of leaks. A maximum authorization code lifetime of 10 minutes is RECOMMENDED. The client MUST NOT use the authorization code more than once. If an authorization code is used more than once, the authorization server MUST deny the request and SHOULD revoke (when possible) all tokens previously issued based on that authorization code. The authorization code is bound to the client identifier and redirection URI.
codeChallenge		string	Details PKCE code challenge presented in the authorization request.
codeChallengeMethod		code	Details OPTIONAL, defaults to "plain" if not present in the request. Code verifier transformation method is "S256" or "plain".
refreshSecret		string	Details Optional secure random string that can be used in an OAuth refresh token.
nonce		string	Details Optional cryptographically random string that your app adds to the initial request and the authorization server includes inside the ID Token, used to prevent token replay attacks.
mfaVerified		boolean	Details Whether the user has verified using multi-factor authentication (MFA). This will only be set is the user has MFA enabled (see User.mfaEnrolled).
granted		boolean	Details Whether a token has been granted for this login.
revoked		boolean	Details Whether this login has been revoked or invalidated.
admin		boolean	Details @deprecated
superAdmin		boolean	Details @deprecated
launch		Reference<SmartAppLaunch>	Details Optional SMART App Launch context for this login.
remoteAddress		string	Details The Internet Protocol (IP) address of the client or last proxy that sent the request.
userAgent		string	Details The User-Agent request header as sent by the client.

Search Parameters

Name	Type	Description	Expression
user	reference	The user of the login	Login.user
code	token	The code of the login	Login.code
cookie	token	The cookie code of the login	Login.cookie

Inherited Elements

Name	Required	Type	Description
id		string	Logical id of this artifact Details The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.
meta		Meta	Details The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.
implicitRules		uri	Details A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.
language		code	Details The base language in which the resource is written.
text		Narrative	Text summary of the resource, for human interpretation Details A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.
contained		Resource[]	Contained, inline Resources Details These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope.
extension		Extension[]	Additional content defined by implementations Details May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.
modifierExtension		Extension[]	Extensions that cannot be ignored Details May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).