locked
can offline access be granted to an application without setting offline rules in Configuration center? RRS feed

  • Question

  • Steps followed to access Heathvault information in offline mode(using Healthvault Java SDK):

    1)created an applicationId using Configuration center

    2)uploaded public key,generated keystore

    3)configured offline rules

    4)obtained PersonId,RecordId after authorizing application using a Live Id(using webapp)

    5)able to access Healthvault information in offline mode using obtained information(PersonId,RecordId)

    Used the same webapp(same appId,keystore) to authorize the application to access health records of another Live Id,and fetched PersonId,RecordId.

    if i use this set of PersonId,RecordId(obtained using second LiveId),I am able to update health information of this second LiveId in offline mode.

    Shouldnt offline access to second liveId be denied as I havent set offline rules for second live Id in configuration center to grant access to standalone application?

    Thursday, June 16, 2011 7:11 AM

Answers

  • Hello Arun Sundar,

    You don't need to set the offline rules for each and every user who authorizes your application because the application will have all the configuration information like rules, access permissions,.. etc. In your scenario the second live Id should not get access denied once that user authorize the application for the first time. You can use that user's personID and recordID in the subsequent offline calls with out any issue. You can look into this URL for more information on offline access.

    The application Id will be created in the certificate store and will be uploaded with one live Id (Administrator of the application ID). Using the administrator account you can add or delete or update any configuration of the application ID in Configuration center. Then any number of users can authorize that application.

    Hope this helps,

    Regards,

    Madan Kamuju

    • Proposed as answer by Madan kamuju Thursday, June 16, 2011 2:12 PM
    • Marked as answer by S Arun Sundar Friday, June 17, 2011 10:38 AM
    Thursday, June 16, 2011 2:12 PM

All replies

  • Hello Arun Sundar,

    You don't need to set the offline rules for each and every user who authorizes your application because the application will have all the configuration information like rules, access permissions,.. etc. In your scenario the second live Id should not get access denied once that user authorize the application for the first time. You can use that user's personID and recordID in the subsequent offline calls with out any issue. You can look into this URL for more information on offline access.

    The application Id will be created in the certificate store and will be uploaded with one live Id (Administrator of the application ID). Using the administrator account you can add or delete or update any configuration of the application ID in Configuration center. Then any number of users can authorize that application.

    Hope this helps,

    Regards,

    Madan Kamuju

    • Proposed as answer by Madan kamuju Thursday, June 16, 2011 2:12 PM
    • Marked as answer by S Arun Sundar Friday, June 17, 2011 10:38 AM
    Thursday, June 16, 2011 2:12 PM
  • Hi Madan,

    Thanks for your explanation,got few more questions.

    Can second Live Id user have option to decide if application can be granted offline access?,in present scenario second Live Id user grants online access to application,since application has offline access to first LiveId health information,it has offline access to second Live Id health information too,second Live Id user may not be aware application has offline access to users's health information.isnt that not right?

    Thanks,

    Arun

     

    • Marked as answer by S Arun Sundar Friday, June 17, 2011 10:35 AM
    • Unmarked as answer by S Arun Sundar Friday, June 17, 2011 10:38 AM
    Friday, June 17, 2011 6:12 AM
  • Hello ,

    I have discussed this issue through Phone with Arun and i have explained the complete flow of offline access. The issue is resolved now.

    Regards,

    Madan Kamuju

    Friday, June 17, 2011 10:22 AM
  • thanks Madan for explaining in detail the flow of offline access.

     

    Thanks,

    Arun

    Friday, June 17, 2011 10:35 AM
  • Hi,

       Healthvault provide two type of mode for auth online and offline. Online i have tested which comes in sample of sdk 1.6. But i am stuck to authentication and authorization healthvault from offline mode.

    Followed offline steps:

    1)created an applicationId using Configuration center

    2)uploaded public key,generated keystore

    3)configured offline rules

    Ques 1: If i am taking the login credential (email/password) in client app ,how to authenticate Health Vault with these credential-either first time login or re-login while the user have an account on health vault platform? How can i got personId and recordId for first time login. Scenario multiple Physicians and multiple  Patients.

    Ques 2: As above quote i saw , there is comment that we can get personId, recodId by online app. But it is not a good way, So could you please explore it? How could we get it while we have scenario for multiple Physicians and Patients?



     




     

    Tuesday, December 29, 2015 12:25 PM