Allowed
This validator allows every request to pass through verbatim. It does not support the requiredrolesystem and requiredrolecode options.
Forbidden
Rejects every request unconditionally. Use this validator as default validation rule to ensure that no data unintentionally becomes public.
DeviceCompartment
The DeviceCompartment validator will redirect every request to the client's corresponding device compartment. If the client doesn't have the Device role, the validator will throw an error.
PatientCompartment
The PatientCompartment validator will redirect every request to the client's corresponding patient compartment. If the client doesn't have the Patient role, the validator will throw an error.
PractitionerCompartment
The PractitionerCompartment validator will redirect every request to the client's corresponding practitioner compartment. If the client doesn't have the Practitioner role, the validator will throw an error.
RelatedPersonCompartment
The RelatedPersonCompartment validator will redirect every request to the client's corresponding related person compartment. If the client doesn't have the RelatedPerson role, the validator will throw an error.
GeneralPractitioner
This validator ensures that a patient can access only the resources referenced in their general practitioner field. It supports access to three entity types: Practitioner, PractitionerRole, and Organization. Any attempt to access other entity types will result in a GraphQL error.
OrganizationCompartment
The organization compartment validator creates an artificial compartment by tagging resources with an extension.
LegitimateInterest
This validator checks if the client has a legitimate interest to the resource that it is requesting. The checks for this depend on the client's role.