Skip to main content

Project vs Server Scoped Users

Server Scoped Users

Server scoped Users can be used across multiple projects across the Medplum Server. Server scoped Users should be used for developers and administrators that need to interact with multiple projects (e.g. staging and production). By default, Practitioners are scoped to server.

Project Scoped Users

Project scoped Users exist inside a single Project. Project scoped Users should be used for real practicing clinicians and patients that will primarily interact with a single production project. By default, Patients are scoped to project. If you want to include a project scoped User in multiple projects, you will need to invite them to each Project separately.

You can specify the scope of a User by adding the scope parameter to the Invite User endpoint.

const response = await medplum.post('/admin/projects/:projectId/invite', {
  resourceType: 'Practitioner',
  firstName: 'Test',
  lastName: 'User',
  email: 'test@example.com',
  scope: 'project' // or 'server'
})
info

For hosted customers, you will only have control over the User resources for your project scoped users, but hosted customers can access server scoped users from their super admin project.

note

If you want to create a custom email flow for your Practitioners, they will need to be invited as a Project Scoped Users so that the UserSecurityRequest resources are also scoped to the project.