Technical overview: permissions

This page assumes you understand core terminology and HealthVault applications.


A HealthVault application uses the Application Configuration Center (ACC) to declare the types of data that it wishes to access (e.g., weight or blood pressure). During installation or initialization of the application, the end-user can review the requested permissions and determine whether to grant the desired access.

Authorization rules

An *authorization rule* is a collection of permissions for creating, reading, updating or deleting different data types. For example, a fitness application can define an authorization rule that specifies read-only access to demographic information but read/write access to exercise information. Most applications define one default authorization rule, but multiple rules can be defined for management purposes.

Permissions screenshot

Online and offline rules

An authorization rule can be defined as *online* or *offline*. An online rule specifies permissions when the user has actively signed into the application (e.g., signed into a website). An offline rule specifies permissions when the application accesses the health record at other times (e.g., during nightly processing).

See offline access

Putting it together

An application declares the data types and operations that it will perform against a health record. The end-user will review the requested permissions and determine whether to grant the application access to the record.
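The following added example (not HealthVault SDK code and not the ACC's format) models the rules above as a default-deny check and flags operations granted offline that no online rule grants, a useful least-privilege review before requesting access. All class, function, rule and data type names are hypothetical, and it assumes that multiple rules for the same mode combine as a union.

```python
from dataclasses import dataclass
from enum import Flag

class Permission(Flag):
    NONE = 0
    CREATE = 1
    READ = 2
    UPDATE = 4
    DELETE = 8

@dataclass
class AuthorizationRule:
    name: str
    offline: bool   # False: applies while the user is signed in; True: at other times
    grants: dict    # data type name -> Permission flags

def effective(rules, data_type, offline):
    """Permissions for data_type in one access mode (assumed: union over rules)."""
    result = Permission.NONE
    for rule in rules:
        if rule.offline == offline:
            result |= rule.grants.get(data_type, Permission.NONE)
    return result

def is_allowed(rules, data_type, operation, offline):
    """Default deny: an operation passes only if a rule for this mode grants it."""
    return bool(effective(rules, data_type, offline) & operation)

def offline_excess(rules):
    """Review aid: operations granted offline that no online rule grants."""
    findings = {}
    for data_type in sorted({t for r in rules for t in r.grants}):
        on = effective(rules, data_type, offline=False)
        off = effective(rules, data_type, offline=True)
        extra = Permission(off.value & ~on.value)
        if extra:
            findings[data_type] = extra
    return findings

# Constructed sample: the fitness application described above, plus a nightly job.
RW = Permission.CREATE | Permission.READ | Permission.UPDATE  # "read/write" (assumed mapping)
RULES = [
    AuthorizationRule("default", False, {"Demographic": Permission.READ, "Exercise": RW}),
    AuthorizationRule("nightly", True, {"Exercise": Permission.READ | Permission.DELETE}),
]

if __name__ == "__main__":
    print(is_allowed(RULES, "Exercise", Permission.UPDATE, offline=False))
    print(offline_excess(RULES))
```
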

Next, learn about connection options to the HealthVault service.
