Recommendation: Have the Data Receiver register its JWKS URL with the Data Submitter to secure the data download #16

Open
mshgithub opened this issue Jan 31, 2024 · 2 comments

Comments

@mshgithub

We have feedback on how the HRSA server retrieves/downloads the ndjson files.

It is our recommendation for HRSA to register its JWKS URL and query for a token each time an ndjson file needs to be downloaded, just like vendors / Health Center systems are querying for tokens when submitting the manifest file or checking processing status.
Passing the access token in the manifest file is not secure.
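
The flow recommended in the comment above, as an added example (not code from this project, its implementation guide, or any participant): the Data Receiver signs a short-lived client assertion with its private key, and the Data Submitter verifies it against the JWKS registered for that client before issuing a token. It assumes a SMART Backend Services style `private_key_jwt` exchange with RS384; the function names, the `kid`, the client id, the token URL and the 300-second lifetime limit are constructed for illustration.

```javascript
// Added example: client authentication against a registered JWKS (RS384).
// Every name, URL and identifier here is constructed for illustration.
const nodeCrypto = require('crypto');
const b64u = (v) => Buffer.from(v).toString('base64url');

// Data Receiver: key pair whose public half is published at its JWKS URL.
function makeReceiverKeys(kid) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwk = { ...publicKey.export({ format: 'jwk' }), kid, alg: 'RS384', use: 'sig' };
  return { privateKey, jwks: { keys: [jwk] } };
}

// Data Receiver: short-lived signed assertion sent to the token endpoint.
function signAssertion(privateKey, kid, clientId, tokenUrl, now) {
  const header = { alg: 'RS384', typ: 'JWT', kid };
  const claims = { iss: clientId, sub: clientId, aud: tokenUrl, exp: now + 300,
                   jti: nodeCrypto.randomUUID() };
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  const sig = nodeCrypto.sign('sha384', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Data Submitter: verify the assertion against the JWKS registered for this client.
function verifyAssertion(jwt, jwks, clientId, tokenUrl, now, seenJti) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return 'malformed';
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch (e) { return 'malformed'; }
  if (header.alg !== 'RS384') return 'bad alg'; // pin the algorithm, never trust the header
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) return 'unknown key';
  const key = nodeCrypto.createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: 'jwk' });
  const ok = nodeCrypto.verify('sha384', Buffer.from(`${parts[0]}.${parts[1]}`), key,
    Buffer.from(parts[2], 'base64url'));
  if (!ok) return 'bad signature';
  if (claims.iss !== clientId || claims.sub !== clientId) return 'wrong client';
  if (claims.aud !== tokenUrl) return 'wrong audience';
  if (typeof claims.exp !== 'number' || claims.exp <= now || claims.exp > now + 300)
    return 'expired or too long-lived';
  if (seenJti.has(claims.jti)) return 'replayed'; // single-use assertion
  seenJti.add(claims.jti);
  return 'ok';
}
```

With this exchange no bearer credential travels in the manifest: the only secret is the receiver's private key, which never leaves the receiver.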

@cooperthompson

I agree with your proposed approach. This seems related to a similar issue I submitted: #11.

@nbashyam
Contributor

Currently we are not looking at registering the HRSA client with any EHR. The connection is a TLS connection similar to all FHIR transactions and is neither more nor less secure from a connection standpoint. The information transmitted through this session is expected to be secure, similar to all other FHIR transactions where data is retrieved.
In terms of the access token itself and requiring more security around the access tokens, other approaches such as whitelisting the HRSA servers, along with making the links themselves secure using other technologies, could all be considered to ensure you are protecting the health center data appropriately.
The server is similar to a confidential client and is capable of storing the secrets/access tokens securely for subsequent access.
