Is it possible to authenticate an xDBC (ODBC/JDBC) connection to InterSystems IRIS via (a 3rd party) OAuth server?

For REST APIs this is possible, but could this be achieved with OAuth?

Out-of-the-box the ODBC/JDBC Drivers don't seem to have this option, but maybe some custom code could enable this? perhaps via Delegated Authentication and some OAuth classes customization, or some other way?

Has anyone done this already and can share how it was implemented, or someone with some guideline suggestions?

1 0
0 153

Here in %SYS, we have already examined users, resources, and roles. Now that we know how to set all of that up, we should give it a purpose. Next we will talk about applications! As you may expect, we will see various identical class methods defined here that we have seen in the previous classes. However, some of them will have some tiny yet significant differences.

5 1
2 379
Question
· Oct 22, 2023
JWT enabled Web Application

Hello Community,

I've enabled the JWT Authentication in my web application. I invoked the /login page to get the JWT and it creates an entry in %SYS.TokenAuth table. Is there any time span for the entries will rid out from the table automatically or It's a manual process? Where can I find the JWT signature private/public key

settings screenshot

web application

0 0
0 192

In this article I will explain how to Authenticate, Authorize and Audit by code by using CSP Web Application along with Enabling /Disabling and Authenticate/Unauthenticate any Web Application.

Application Layout

8 5
1 1.3K

Our client says the call to send email (method (%Net.SMTP).Send) started returning error # 6167 (Authentication expected but failed.) after installing IRIS 2022.1.2; email had worked before. Properties (%Net.Authenticator).UserName and .Password were configured. We can get email to work when we don't set property (%Net.SMTP).authenticator.

Any ideas what is going on? Thanks.

0 2
0 360

Hello Everyone,

We currently have CSP application that runs under 2 servers(usually primary), and every month the server reboots for patching SERVER1(primary) in the morning and SERVER2(backup) at night.

Whenever the SERVER1 reboots SERVER2 behaves as primary and when SERVER1 comes back up it will act as backup server.

First Patching:

So, when SERVER1 is down, I need to start httpd service for SERVER2 and stop httpd service for SERVER1 (which is now backup server).

0 5
0 259

Hello,

I have a EnsLib.HL7.Operation.FTPOperation that uses SFTP protocol and public/private key to connect to an external vendor moveitcloud.

Issue: The vendor is planning to enable Multi Factor Authentication for this file transfer account.

Question: Have you configured a SFTP operation to use Multi factor Authentication? If not, is there another way?

Thank you,

0 1
0 346

Hi community,

I have an incorrect InterSystems Server Credentials password stored by the Workstation Keychain in VS Code. VS Code is trying to use this incorrect stored credential to access the server and does not prompt or allow me to input a different password. I do not see any settings associated with the Keychain or resetting those credentials. Does anyone know of the process to delete or replace a stored password here?

Thanks!

Hannah

2 1
0 711

We've implemented SAML authentication for our application where we are the service provider and various other entities are the identity providers. We've done successful connections with several identity providers including Okta, Duo Mobile, Ping Identity, and Azure. Validating the SAML response with signed assertions has been working great. Now, I am trying implement support for the SAML assertions in the response being encrypted for a new identity provider and struggling to understand procedurally how to go about this.

0 0
0 360

Hi experts

I'm trying to configure an IRIS ODBC connection with "Windows NT authentication using the network login ID". I have created the System DSN as below:

and user (PROD\test) in the SQL Gateway connection

However, as the error message suggests, IRIS is trying to connect with PROD\svc_mist, rather than PROD\test configured above.

0 2
0 157

It is a recommended security practice to login into sensitive Administrator Portals without any input passwords. Thus, it is necessary to identify and authenticate the users correctly. A common technique employed by web portals and mobile applications is to use Google social login. Today, Google Gmail has 2 billion users (source: https://www.usesignhouse.com/blog/gmail-stats). Therefore, it is a perfect shared login service to utilize to login InterSystems IRIS users when they need to manage their instances. This article will detail all the steps to embed Google Login into your InterSystems Management Portal.


Register your InterSystems instance in the Google Console

1. Go to https://console.cloud.google.com and log in with your Google user account.
2. On the header click Select a project:

10 7
4 840

Hey Community,

Tired of entering login-password during the docker build with your InterSystems IRIS every time?

There is a handy way to turn it on and off – use the passwordless zpm module.

Watch this video to explore how to use the passwordless ipm module to turn on and off entering login-password during docker build with your InterSystems IRIS:

⏯️ Passwordless mode for development with InterSystems IRIS

https://www.youtube.com/embed/ygIJsTMO0Gw?controls=0
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

1 0
0 375

Hey Developers,

Enjoy watching the new video on InterSystems Developers YouTube:

Achieving Single Sign-On: External Providers, HealthShare Unified Care Record, Clinical Viewer @ Global Summit 2022

https://www.youtube.com/embed/BjIeR3EXPUA
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

0 0
0 512

Recently i've been using Restforms2 to create a CRUD API for a project. But it lacks some advanced functionality that we need, so we have created a production with a REST WS which handles those advanced methods. That works great but there's a drawback, it does not have authentication.

I would want to use the same authentication method as Restforms2 which is a basic auth using IRIS users and passwords.

0 4
0 696

Why I decided to write this

Recently I had the challenge to create a secure authentication method to authorize access to some data, but unfortunately I had zero experience with those security configurations and I felt that I was missing some basic concepts to have a better understanding of the official documentation.

After studying and managing to deliver the classes that I was asked to develop, I'd like to share a little bit of my new knowledge, which helped me follow the topics in the documentation.

6 0
1 424
Question
· Nov 30, 2022
Delegated Users

In our current UCR arhcitecture, we use two installations. We have one machine with Access, Registry and Edges and one machine with the ODS. On the machine with the Registry, I can create a user/clinician. When I log into the management portal with this user, a so-called delegated user is created in the cached users table. So far everything is going well.

When I try the same on the machine with the ODS I get the message : 'ERROR #822: Access Denied' . so no delegated user is created.... Does anyone have any idea where I can find the solution?

1 1
0 331