
Is it possible to create an application that uses a B2C identity provider and writes to the Azure FHIR service?

All the B2C examples I have encountered only read from the FHIR service (e.g. https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/azure-ad-b2c-setup), and the FHIR service configuration only allows Read data actions/scopes (see after step 10 here: https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/troubleshoot-identity-provider-configuration).

Is there a way around this? I would like my B2C users to be able to write data to FHIR.

2

Answers


  1. I have never used FHIR, but this post shows how to write to it.

    This is via API, and B2C can call API.

    However, I’m unsure if FHIR will accept a B2C access token.

  2. Limiting access to the FHIR service via a generic API is a good way to get full control and customizability over the Access-Control, validation, and any other intermediary function.

    You can then configure this service to access the FHIR store and insert the middleware necessary in it to handle your tokens.

    The FHIR service is secured by Microsoft Entra ID that can’t be disabled. To access the service API, you must create a client application (also referred to as a service principal) in Microsoft Entra ID, and grant it the right permissions.
