I am new and just beginning to explore Commure’s platform and the FHIR server etc.
From a high-level architecture pov, I am wondering about the following (which is really going to help me decide, whether I should build on top of Commure or not).
What is a compliant authentication, and other approach for a typical application scenario (not covered in Commure’s documentation anywhere), which is: a 3rd party developer, or an existing Healthcare app has its own business logic for existing applications on its own servers (w/ its own authentication and logic etc.) – that does a lot of non-Commure type of stuff (eg. sending messages to the patient population, holding telemedicine meetings, queuing etc.) … and now wishes to use the Commure platform for the FHIR aspects of their app that deals with the FHIR data access and other services being provided by Commure.
In the above case for example (which I believe is the most typical use-case), several aspects of the app logic (including the initial authentication and billing management etc.) will have to live on another set of services / servers with parts of it to be accessed via the Commure FHIR servers.