I am trying to use IRIS for Health as a Facade for an external FHIR Server, where IRIS provides the proper authentication.
The client authenticates using a bearer token obtained from the IRIS OAuth2 server via a jwt client assertion.
The IRIS endpoint, however, returns a 401 as soon as I remove the Unauthenticated access

Is there w way to make this work through configuration?

0 1
0 32

Dear All,

I am currently part of a team that is developing an application using Microsoft PowerApps as the front end and IRIS as the backend. Effectively that frontend screens, which are house and an Azure serve, call a series of REST interfaces exposed by IRIS from a physical Microsoft server. During the development stage we have not had any security in place but now we need to secure the application using a single sign on. PowerApps relies on Microsoft Entra for its security both LDAP and OAuth. Has anyone in the community connected IRIS to Microsoft Entra?

0 2
0 126

I have a question about using OnInit() within a Ens.BusinessOperation.

When you include OnInit(), does OnInit() only execute when you start a Business Operation? Or does it execute OnInit () every time you send a REST request to the operation. I am trying to pinpoint when the best time is to execute the POST command to get the Token

I am needing to get a Bearer Token from a REST POST call and return the Authorization key prior to making the rest of the REST calls to pull down data.

0 13
0 153
Question
· Jul 23
JWT and CORS

Hi

I'm trying to use JWT authentication on a REST application in IRIS. The login API are correctly "injected" into the application. Login works fine with Postman and other REST clients, and subsequent calls to my REST API using the bearer token work fine (correctly authenticated). So far, so good.

0 8
0 118

We recently moved from using the Private Web Server, to using an Apache/Web Gateway setup and moved towards using the built in LDAP functionality within IRIS. Since then, we have 1 user that uses VSCode (/api/atelier) heavily that continues to have issues signing into IRIS through VS Code and the /api/atelier extension.

I am trying to troubleshoot two issues..

0 8
0 1.3K

I am attempting to configure an inbound service that utilizes the EnsLib.SOAP.GenericService class. This service receives HL7-v3 content wrapped in SOAP requests. Despite reading the documentation on configuring SOAP services, I am still confused.

In my current configuration item "Fr_Centrak_RTLS", I have ‘Enable Standard Requests’ checked, ‘Pool Size’ set to 0, and the port is unspecified.

0 7
0 198

I am trying to use postman to start the restapi classes from a json openapi2.0.0 file.

POST: https://myserver.com/api/mgmnt/v2/requestAPI. The body contains the openapi2.0.0. The application api/mgmnt has in security settings: password. JWT is not selected. I set postman authentication to basis authentication and gave username and password. I also set in headers IRISUsername and IRISPassword. I have 401 Unauthorized.

Is the only way to go through is to build an oauth token? or do I miss something?

1 2
0 121

Is it possible to authenticate an xDBC (ODBC/JDBC) connection to InterSystems IRIS via (a 3rd party) OAuth server?

For REST APIs this is possible, but could this be achieved with OAuth?

Out-of-the-box the ODBC/JDBC Drivers don't seem to have this option, but maybe some custom code could enable this? perhaps via Delegated Authentication and some OAuth classes customization, or some other way?

Has anyone done this already and can share how it was implemented, or someone with some guideline suggestions?

1 0
0 135
Question
· Oct 22, 2023
JWT enabled Web Application

Hello Community,

I've enabled the JWT Authentication in my web application. I invoked the /login page to get the JWT and it creates an entry in %SYS.TokenAuth table. Is there any time span for the entries will rid out from the table automatically or It's a manual process? Where can I find the JWT signature private/public key

settings screenshot

web application

0 0
0 175

Our client says the call to send email (method (%Net.SMTP).Send) started returning error # 6167 (Authentication expected but failed.) after installing IRIS 2022.1.2; email had worked before. Properties (%Net.Authenticator).UserName and .Password were configured. We can get email to work when we don't set property (%Net.SMTP).authenticator.

Any ideas what is going on? Thanks.

0 2
0 325

Hello Everyone,

We currently have CSP application that runs under 2 servers(usually primary), and every month the server reboots for patching SERVER1(primary) in the morning and SERVER2(backup) at night.

Whenever the SERVER1 reboots SERVER2 behaves as primary and when SERVER1 comes back up it will act as backup server.

First Patching:

So, when SERVER1 is down, I need to start httpd service for SERVER2 and stop httpd service for SERVER1 (which is now backup server).

0 5
0 241

Hello,

I have a EnsLib.HL7.Operation.FTPOperation that uses SFTP protocol and public/private key to connect to an external vendor moveitcloud.

Issue: The vendor is planning to enable Multi Factor Authentication for this file transfer account.

Question: Have you configured a SFTP operation to use Multi factor Authentication? If not, is there another way?

Thank you,

0 1
0 324

Hi community,

I have an incorrect InterSystems Server Credentials password stored by the Workstation Keychain in VS Code. VS Code is trying to use this incorrect stored credential to access the server and does not prompt or allow me to input a different password. I do not see any settings associated with the Keychain or resetting those credentials. Does anyone know of the process to delete or replace a stored password here?

Thanks!

Hannah

2 1
0 564

We've implemented SAML authentication for our application where we are the service provider and various other entities are the identity providers. We've done successful connections with several identity providers including Okta, Duo Mobile, Ping Identity, and Azure. Validating the SAML response with signed assertions has been working great. Now, I am trying implement support for the SAML assertions in the response being encrypted for a new identity provider and struggling to understand procedurally how to go about this.

0 0
0 323

Hi experts

I'm trying to configure an IRIS ODBC connection with "Windows NT authentication using the network login ID". I have created the System DSN as below:

and user (PROD\test) in the SQL Gateway connection

However, as the error message suggests, IRIS is trying to connect with PROD\svc_mist, rather than PROD\test configured above.

0 2
0 137

Recently i've been using Restforms2 to create a CRUD API for a project. But it lacks some advanced functionality that we need, so we have created a production with a REST WS which handles those advanced methods. That works great but there's a drawback, it does not have authentication.

I would want to use the same authentication method as Restforms2 which is a basic auth using IRIS users and passwords.

0 4
0 620