Allowed
The Allowed validator passes every request through without restrictions. Use it to grant access to any authenticated client.
Forbidden
The Forbidden validator rejects every request unconditionally. Use it as the default rule to implement a deny-all policy.
DeviceCompartment
The DeviceCompartment validator restricts Device-role clients to resources within their own FHIR device compartment.
PatientCompartment
The PatientCompartment validator restricts Patient-role clients to resources within their own FHIR patient compartment.
PractitionerCompartment
The PractitionerCompartment validator restricts Practitioner-role clients to resources within their own FHIR practitioner compartment.
RelatedPersonCompartment
The RelatedPersonCompartment validator restricts RelatedPerson-role clients to resources within their own FHIR related person compartment.
GeneralPractitioner
The GeneralPractitioner validator limits access to resources referenced in a patient's generalPractitioner field.
OrganizationCompartment
The OrganizationCompartment validator restricts access to resources tagged with a Fire Arrow organization compartment extension.
LegitimateInterest
The LegitimateInterest validator grants access based on organizational affiliation with role code support and inheritance.