Our FHIR server has several different supported operations, but whether or not a client can invoke each operation is dependent the member’s insurance plan. As a result, a client may be able to only use some of the FHIR server’s operations but not all of them.
We would like to have a way for a client to know what operations they can execute. I have looked into creating a CapabilityStatement, but the purpose of a CapabilityStatement is to list all of the possible operations of a FHIR server, and also be publicly exposed. We would like to provide a specific list of operations that will work for the requesting client (and not a full list of operations that the server supports). Is there anything in the FHIR spec that would satisfy what we are looking for?