#OAuth2

Hello, developers!

In this article, I will show you how to configure FHIR repository + OAuth2 authorization server/resource server on IRIS for Health following the previous article.

In Part 1, we introduced the preliminary preparations, configuring the OAuth2 authorization server, and obtaining the access token.
Part 2 will show you how to build an FHIR repository and configure an OAuth2 client/resource server.

Hi,

I am very much a newbe on the subject of JWT, so please except my ignorance.

The Trust I am currently working for wish to create a framework whereby they can create REST API Services, within HealthConnect, and grant access to these using JSON Web Token Authorisation and Bearer Tokens. This would be similar to the way the Trust currently connects to other REST API's, i.e.: DocMan Connect and GOV.UK Notify.

Can anyone offer any advice / sample code and / or point me into the direct of suitable documentation to achieve this?

Let's imagine if you would like to write some real web application, for instance, some simple clone of medium.com. Such sort of application can be written using any different language on the backend side, or with any framework on the frontend side. So many ways to do the same application, and you can look at this project. Which offers a bunch of frontends and backends realizations for exactly the same application. And you can easily mix them, any chosen frontend should work with any backend.

Let me introduce the same application realization for InterSystems IRIS on a backend side.

Introduction

Nowadays, there is a lot of applications that are using Open Authorization framework (OAuth) to access resources from all kinds of services in a secure, reliable and efficient manner. InterSystems IRIS is already compatible with OAuth 2.0 framework, in fact, there is a great article in the community regarding OAuth 2.0 and InterSystems IRIS in the following link here.

Hi

Has anyone been able to successfully connect IRIS for Health to Cerner's Secure FHIR Sandbox?

Anyone have any easy instructions for getting this working?

In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.

OAuth server to be deployed on the IRIS learning cloud platform. Clients - one on the other instance of the learning IRIS server, the other client locally on my computer in the container docker.

Both clients get a seemingly correct link (through ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint()) to the login request form:  

Presenter: Dan Kutac
Task: Use a common login identity and a central mechanism of authentication across environments from multiple entities
Approach: Provide examples and code samples of an application environment using OpenID Connect and OAuth 2.0
 

Description: In this session we will demonstrate an application environment using OpenID Connect and OAuth 2.0. Hear how this is done and what options you have; and yes, you get to keep the code.

Problem: How to use a a common login identity (e.g. Facebook credentials) and a central mechanism of authorization cross environments from multiple entities.

Solution: Create awareness and interest in using OAuth 2.0

Content related to this session, including slides, video and additional learning content can be found here.

I'm using Caché as an OAuth authorization server and I want to accept the password credentials grant type. I've found that if I make an authorize request, the Caché authorization server requires some URL parameters that shouldn't be required in password grant (redirect_uri, state, scope, and response_type). If I include these parameters, it calls my DirectLogin() method instead of just calling ValidateUser() as I would expect from the docs. I have two questions:

Hi.. I have an issue where we are using OAuth2.0 with the ZAUTHENTICATE routine.  Once our token is validated we are using a users lan id (passed on the ID token) to find a software defined username in a Cache Global.

That is all working fine in ZAUTHENTICATE.. I am setting the software defined username in the Properties("Comment") array and wanting to reference it in the Rest Service Dispatch class.

Hi community ,

i come back to you , i've a problem with Client description in Oauth2, when i tick the  Supported grant types and i save , there are not registred on the OAuth2_Client.Metadata table .

can you tell me where is the problem please.

you will find attached a screenshot.

thank's

Hi community

i'm working on the validation user method , i found this following  code in the  \HSIE\%SYS\Classes\%OAuth2\Server\Validate.cls  

I tried to implement the Oauth2 in google,

I got authentication, But I unable to read response class.

I got an error as:

I unable to change response Class.

Anyone help me to Change response Class in Client Configuration

                      or

Is there any option to define response URL manually?

Thanks

Hi, 

I am a beginner on intersystems technologies ! and i want implements Oauth2 for our projects ( Angular 2 + Caché REST  Backend). 

i read the article that the link  is below : 

https://community.intersystems.com/post/cach%C3%A9-open-authorization-framework-oauth-20-implementation-part-1

But : i need to create  all servers ( Auth and Resource ) on Caché and dont' to use google server.