New post

#Authentication

4

Authentication in Computing is the process or action of verifying the identity of a user or process.

Authentication in InterSystems Data Platform Documentation.

What is JWT?

JWT (JSON Web Token) is an open standard (RFC 7519) that offers a lightweight, compact, and self-contained method for securely transmitting information between two parties. It is commonly used in web applications for authentication, authorization, and information exchange.

A JWT is typically composed of three parts:

1. JOSE (JSON Object Signing and Encryption) Header
2. Payload
3. Signature

Open Exchange app
13 4
9 532

What is TLS?

TLS, the successor to SSL, stands for Transport Layer Security and provides security (i.e. encryption and authentication) over a TCP/IP connection. If you have ever noticed the "s" on "https" URLs, you have recognized an HTTP connection "secured" by SSL/TLS. In the past, only login/authorization pages on the web would use TLS, but in today's hostile internet environment, best practice indicates that we should secure all connections with TLS.

18 1
7 585

Over the past couple of months, I have been working on the SMART on FHIR EHR Launch to test the capabilities of IRIS for Health using two open-source apps from CSIRO: SMART-EHR-Launcher and SMART Forms App. This journey has been incredibly interesting, and I’m truly grateful for the opportunity to work on this task and explore more of IRIS for Health’s potential.

11 1
2 371

Hi:

I see a lot of cool REST apps and i'm trying to host something in the TIE using REST/Axios with VITE.

At the moment i will probably host the application in web applications in Intersytems.

For authorisation and getting the logged in user and password to any app, is there a standard people are doing?

I.e. for axios you might have this from the app

0 8
0 152

At hackathons that InterSystems participated and I supported, many students were asking how all their teammates could use the same IRIS database that they spun up in a container. I suggested using ngrok to expose their localhost IRIS and realized we don't have documentation on that. Hence, I thought this would be great to let more people knwo about this powerful technique for enhancing collaboration during development and testing.

6 0
1 160
Question
· Apr 16, 2025
FTP Inbound Errors

I need to connect to a SFTP server and I seem to connect and timeout have tested the connection using File-zilla and the connection was successful but the problem is when I try to connect using the FTP in bound adapter service I get the following errors.

ERROR <Ens>ErrOutConnectExpired: FTP Connect timeout period (120) expired for ***************.com:990/******/SSL='********* + ERROR <Ens>ErrFTPConnectFailed: FTP: Failed to connect to server ***************.com:990/******/SSL='********* (msg='Timeout waiting for response',code=529)

0 1
0 154

I am building a web application that uses JWT for authentication. I would like to pass the token in cookies instead of the Authorization header.
Is there a way to intercept the request and check the token from the cookies instead of the header? I tried overriding the OnPreDispatch() method and adding it to my dispatch class, but it seems like it never gets executed, as the response returns "Unauthorized" before reaching it.

2 2
0 124

Hi community,

A colleague gets ERROR #822: Access denied every time he tries to log in via Management portal. It is NOT the case of wrong credentials: I reset his password password to a temporary one so it would prompt him to create a new one upon first login. He did get the prompt, changed his password and his next attempt at logging in displayed the same error.

1 3
0 89
Contestant

This article is intended as a beginner level article for people that want to learn how to use OAuth2 in their web applications natively.

There is an accompanying video/demo that may be helpful here:

https://www.youtube.com/embed/4mfWQwcKcMI
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

and you can reproduce this locally with the Open Exchange application attached.

Open Exchange app
6 0
0 14