If you want to generate JWT from x509 cert/key, any operation (including reading) on requires U on %Admin_Secure resource.%Admin_Secure is required because is persistent, and it's implemented this way to prevent all users from accessing private keys.

If  resource is not available at runtime, you can use the following workaround.

Upon reviewing the code for JWT generation, I discovered that the JWT code utilizes solely as a source of runtime data for PrivateKey, PrivateKeyPassword, and  As a workaround, you can use a runtime non-persistent implementation of the X.

SETassigns value to the variable at RUNTIME.

#DIM declare the variable and it's Data Type at COMPILE TIME.

As%String

or #DIM? Your design, your rules.

Managing InterSystems ServersManaging InterSystems Servers – Virtual  February 2-6, 2026

• Configure, manage, plan, and monitor system operations of InterSystems Data Platform technology
• This 5-day course teaches system and database administrators how to manage InterSystems® Data Platform technology which powers all of our products.
• Learn to install, configure and secure the data platform, configure for high availability and disaster recovery, and monitor the system.
• Students also learn troubleshooting techniques.

SELF REGISTER HERE

I’m working on XML Digital Signature in InterSystems IRIS using %XML.Security.Signature

I start with an XML document that is created by parsing an input XML string, and I want to digitally sign this document using an X509 certificate.

Set##class%SYS.X

During signing, I got the below error:

Canonicalize error: Signature not found

From debugging, it appears that the signing process attempts to locate a <Signature> element in the XML document by its Id, but no such element exists at that point.

This leads to my main question:

Is it expected that XML doc already contains a <Signature>

Hey Community,

Enjoy the new video on InterSystems Developers YouTube:

⏯ Advancing Healthcare Interoperability - Strategy and Vision @ Ready 2025

I have a business service that actively reads data from a remote Postgres database. OnProcessInput opens a XDBC (actually JDBC) connection, executes an SQL query, fetches several thousand rows, iterates the resultset, and closes the connection. On each iteration I also need to update each source row in the remote database using PreparedStatement.

In other words, in every OnProcessInput call I have a long running SELECT statement and several thousands small UPDATE statements.

InterSystems IRIS is built on an architecture that separates the logical organization of data (namespaces) from its physical storage location (databases). Understanding this separation and the distinction between Namespaces and Databases is crucial for effective data management, security, and especially, high-performance data sharing.

In this article, I will discuss these foundational components and provide a practical guide on leveraging global mappings to share native data structures (globals) across different logical environments.

Databases: Physical Reality

A database represents the physical reality of where the data is stored on the disk. First and foremost, it’s a file in a file system called IRIS.dat (e.g., <Install folder>\mgr\user\IRIS.DAT). The maximum size of this file is 32TB. It is the container for all the actual data and the code. Databases are managed by the IRIS kernel, which handles caching, journaling, and transaction logging at the physical file level.

When you install InterSystems IRIS DBMS, the following databases are installed automatically:

I have a new project to store information from REST responses into an IRIS database. I’ll need to sync information from at least two dozen separate REST endpoints, which means creating nearly that many ObjectScript classes to store the results from those endpoints.

Could I use ChatGPT to get a headstart on creating these classes? The answer is “Yes”, which is great since this is my first attempt at using generative AI for something useful. Generating pictures of giraffes eating soup was getting kind of old….

Sometimes it is more convenient, more efficient, and more secure, to limit FHIR Searches per pre-defined "Lists" of Resources.

Since v2025.1 we support several List-related features in our FHIR Server.

I will highlight these here, and provide some samples.

I have see this discussed on the community but I'm not quite finding an answer. 

I have a method that is called in the OnPreHttp() method of a CSP page.  That method returns a dynamic object and a set a new variable to the %ToJSON method of the object so I can use it in my JavaScript code later to init a table of data (using the #(variable)# syntax).  This creates a MAXSTRING error.  So I changed it to return a %Stream.TmpCharacter.  But if I call Read($$$MaxStringLenght) I only get part of the data.

I have a Photo that is stored as an VARBINARY within MS SQL. I would like to Select the data into a EnsLib.SQL.Snapshot, is that possible? I would take it out of the Snapshot and send it to a %Stream so it can be written out to a file.

Developing Custom Components for IntegrationsDeveloping Custom Components for Integrations – In Person (Boston, MA) February 10-12, 2026

• This 3-day course teaches implementation partners, integrators, developers, and analysts how to create custom interfaces using InterSystems integration technologies.
• Students build a Production using InterSystems® Objects, graphical tools in the Management Portal, Business Process Language (BPL), the adapter library, and an IDE.

Hi, Community!

Ready to strengthen your deployment of InterSystems IRIS® data platform?

👨‍💻See how to configure a mirrored pair to preserve the integrity of your data:

Setting Up a Mirrored Pair with Configuration Merge

I was trying to see if we could connect to another Server, we use to execute external scripts using %Net.SSH.Session.

TESTCLIN>set##class

How can I see what the SSH error was in the callback?

Hey Community,

Enjoy the new video on InterSystems Developers YouTube:

⏯ Developing on FHIR in 2025 @ Ready 2025

Hi Developers!

Sometimes we need to deal with classes/tables where the primary key and the IdKey are something that is maintained by yourself.

What is the proper way to generate a new ID in case where ID is a %BigInt?

Property id As %Library.BigInt

Are there any system methods to provide it?

There is data already imported via SQL, so there is no last ID stored in ^myclassD, so I cannot do $I(^myclassD).

Thinking of:

set$O^myclassD

What do you think?

Hello community!
I have a small challenge for you :)

One of customers is sending quite a lot of messages between interoperability components, which mix standard request content and streams representing serialized JSON objects. As these JSON streams can be quite long (but not too long, just couple hundreds of characters) they would appreciate if the JSON content of stream was displayed in a nice-to-read way, using syntax highlighting by message trace view.

Time for another round of code golf!

Develop a function that performs a two-step encryption process on a given string:

• First Step: Reverse Cipher

  • Reverse the entire input string.
  • Relocate the last character of the original string (now the first character of the reversed string) to the end.

• Second Step: Alphabetic Index Binary Encoding

  • For each alphabetic character, determine its zero-based index in the lowercase alphabet (a-z).
  • Replace odd-indexed characters with '1' and even-indexed characters with '0'.
  • Preserve non-alphabetic characters unchanged.

Example:

encrypt("Hello World!

We are implementing delegated auth between Kong Gateway and IRIS. Kong is correctly configured to forward JWT authenticated requests with consumer headers (X-Consumer-Username, etc.) to IRIS, but the ZAUTHENTICATE routine (deployed in the %SYS namespace) never executes, leaving ZW ^ZAUTHLOG empty despite successful header delivery.

401 errors response:
...
* Request completely sent off

Defining my first REST API within InterSystems using iris-rest-Api-template as a basis and I am seeing if someone could provide me some guidance to see if I can make it work.  

In some of my other posts, I have been trying to come up with a way for our Enterprise Application Development team which works with .Net to build Applications to make a REST call to our instance of InterSystems to query some of the Cache Tables we have defined. 

Using the iris-rest-api-template, I have created the osuwmc.DataLookup.REST.Base.cls

ClassExtends%CSP.REST"application/json"

Table of Contents

1. Purpose of the article
2. What containers are and why they make sense with IRIS
    2.1 Containers and images in a nutshell
    2.2 Why containers are useful for developers
    2.3 Why IRIS works well with Docker
3. Prerequisites
4. Installing the InterSystems IRIS image
    4.1 Using Docker Hub
    4.2 Pulling the image
5. Running the InterSystems IRIS image
    5.1 Starting an IRIS container
    5.2 Checking container status
    5.3 Executing code in the container terminal
    5.4 Accessing the IRIS Management Portal
    5.5 Connecting the container to VS Code
    5.6 Stopping or removing the container
    5.7 Setting a specific password with a bind mount
    5.8 Using durable %SYS volumes
     5.8.1 What gets stored with durable %SYS
     5.8.2 How to enable durable %SYS
6. Using Docker Compose
    6.1 Docker Compose example
    6.2 Running Docker Compose
7. Using a Dockerfile to run custom source code
    7.1 Dockerfile example
    7.2 Docker Compose example
    7.3 Understanding layers, image tagging and build vs. run time
    7.4 Source code and init script
    7.5 Building the image with Dockerfile
    7.6 Running instructions in the containerized IRIS terminal
8. Conclusion and what’s next

1. vscode extensions : intersystems.language-server-2.8.0@linux-arm64.vsix

2.  api/atelier web application is enabled

3. vscode connect failed.

The most upvoted idea on the InterSystems Ideas Portal—garnering 74 votes—requests a lightweight version of IRIS. While the platform has grown into a powerful data engine, many projects require only its SQL database capabilities. This article demonstrates how to build an unofficial, compact IRIS Community Edition image focused solely on core database functionality, reducing the image size by over 80%.

⚠️ Disclaimer

This project produces an unofficial, experimental image of InterSystems IRIS Community Edition.

• Not supported or endorsed by InterSystems.
• Use at your own risk. The modifications remove core platform features and may break compatibility with tools, APIs, and expected behaviors.
• No warranties or guarantees apply, including fitness for production use.
• Intended only for educational and experimental purposes by advanced users.

Why a Lightweight IRIS?

While IRIS today includes rich functionality—interoperability, analytics, machine learning, system management, etc.—many projects only require its core SQL capabilities. The official Community Edition Docker image is approximately:

• Disk usage: 3.5–3.8 GB
• Compressed size: ~1.1 GB

IRIS Light reduces that to:

• Disk usage: ~575–583 MB
• Compressed size: ~144–148 MB

This makes it suitable for:

• Microservice or containerized SQL use
• CI pipelines with faster startup and pull
• Horizontal scaling where full features are unnecessary

There is a Master Table within IRIS that I am populating from Epic but want to share it with our Enterprise Application Development Team (Web). As a test I was able to use _SYSTEM from postman to execute the following.

POST /api/atelier/v1/xxxx/action/query HTTP/1.1
Host: xxxxxxxx
Content-Type: application/json
Authorization: ••••••
Cookie: CSPSESSIONID-SP-443-UP-api-atelier-=00f0000000000AKyLjBfUvU$MpFD8UT8y$EoNKNw1ixZeXN4_Q; CSPWSERVERID=hzZAT5rb
Content-Length: 86

{"query": "SELECT * FROM osuwmc_Epic_Clarity.DepartmentMaster WHERE ID = '300000000'"}

The demo is based on the raw class descriptions.
The data classes used are Address, Person, Employee, Company
For a more attractive demo, a JSONtoString method by ID was added.

Has anyone tried to authenticate IRIS client in Snowflake using Key Pair Auth as described in this doc?

I have been struggling sometime with trying to take a FHIR Bundle Response, extract the "entry.resourceType", extract the MRN and Name from the Patient FHIR Response...

Going through learning.intersystems.com, it suggested that I try using fhirPathAPI to parse and search my response for certain values, however I am not sure my syntax is correct. Using the AI code, it suggested to set my tree = "Bundle.entry.resource.resourceType"

ClassMethodAsAs

I was wondering if anyone had a way to automate creating the Query String for a FHIR Request?

Using HS.FHIRServer.Interop.Request in my development I have to specify the following...

I was wondering.... if my source had variable number of fields if there was a way to automate the build for the QueryString when doing a Patient Search?

I am trying to replicate a way to use FHIR as a way to query the EMR instead of using a MS SQL Stored Procedure that is populated via HL7 ADT to query.

I am looking for a way to capture Data Quality issues with the Source data that is populating HealthShare Provider Directory. 1 way is to use Managed Alerts, but since it could be multiple Providers and different messages it seems silly to alert on every message that has the error. Instead, I was thinking of using the Workflow Engine so it could populate a Worklist for someone to review and work.

Looking over the Demo.Workflow Engine example, I am not comprehending on how to send a task to the Workflow manager to populate the worklist from a DTL.

According to the Documentation  EnsLib.Workflow.TaskRequest has the following fields...

• %Action
• %Command
• %FormFields
• %FormTemplate
• %FormValues
• %Message
• %Priority
• %Subjext
• %TaskHandler
• %Title
• %UserName

I want to be able to capture the Source, Session ID, and any other Identifiers outside of the Error so it will show up on the Task List.