Skip to main content

Creating an OAuth 2.0 Server for the Bulk FHIR Coordinator

If you wish to use OAuth 2.0 for authentication between bulk FHIR REST clients and the Bulk FHIR Coordinator and you do not already have an OAuth 2.0 server, InterSystems IRIS for Health includes a utility that will create an OAuth 2.0 server on your local instance specifically to support SMART Backend Services AuthorizationOpens in a new tab for Bulk FHIR Coordinator endpoints. This OAuth server is configured to support dynamic client registration.

Several prerequisites must be met before you can successfully run this utility:

  1. Your web server is configured for SSL/TLS.

  2. You have created an SSL/TLS configuration for your instance.

  3. In the Configure Secure Communication dialog in the Installer Wizard, you have created and activated a secure communication configuration.

  4. After configuring secure communications in the Installer Wizard, you have configured and activated a Foundation namespace where you will create your bulk FHIR configurations.

The OAuth 2.0 server utility consists of two methods in the class HS.BulkFHIR.OAuth2InstallerOpens in a new tab. Call these methods from your Foundation namespace.

SetupOAuthServer()Opens in a new tab

Configures an IRIS OAuth 2.0 authorization server in the local IRIS instance for bulk FHIR and creates a service registry entry that points to the OAuth server issuer endpoint. This method depends on class parameters OAuthSSLConfigName and OAuthIssuerServiceName for the values of those two items.

Arguments:

  • pForceDelete

    0 = abort and return fail if an existing OAuth server is found (default)

    1 = delete existing OAuth server and its clients before re-creating

  • pVerbose

    0 = do not display method outcome text

    1 = display method outcome text (default)

SetupServiceEntry()Opens in a new tab

Creates a service registry entry in the current namespace that points to the issuer endpoint for the OAuth server in the current IRIS instance. This method depends on class parameters OAuthSSLConfigName and OAuthIssuerServiceName for the values of those two items.

This method is only necessary if your OAuth server is already set up as desired and the you want to create a bulk FHIR configuration in a second Foundation namespace.

Arguments:

  • pVerbose:

    0 = do not display method outcome text

    1 = display method outcome text (default)

Note:

Setup of the OAuth 2.0 client configuration can be done automatically, when you create and save your bulk FHIR configuration.

Bulk FHIR Setup ChecklistNext section
Previous sectionBulk FHIR Roles and Resources
FeedbackOpens in a new tab