#OAuth2

2 Followers · 116 Posts

Articles and Questions regarding OAuth2 Authentication.

Year

Question Shane M Elliott · Apr 28

FHIR Server OAUTH2 with Microsoft Entra Intersystems Health 2025.3

I am working on setting up OAUTH with FHIR and Microsoft Entra. I have configured the Client and configured it in the FHIR Server successfully. However, I get 401 when authenticating with a token. Looking at ^ISCLOG I see:
^ISCLOG("Data",9,0)="accessToken=<jwt token>, scope=, aud="
^ISCLOG("Data",10)=$lb(3,"OAuth2","[OAuth2.ServerDefinition:ValidateJWT]","171430","%SYS","2026-04-28 17:41:25.305549397","OAuth2.ServerDefinition.1","","zwKKakZZZx2")
^ISCLOG("Data",10,0)="JWT valid? sc=1"
^ISCLOG("Data",11)=$lb(3,"HSFHIRServer","[HS.FHIRServer.

#InterSystems IRIS #FHIR #OAuth2

0 5

0 67

Question Oliver Wilms · Mar 23

Token Endpoint for OAuth2

Hello, I am working with @Alberto Fuentes https://openexchange.intersystems.com/package/workshop-iris-oauth2.

I wonder how do I get a token to send to the resserver?

I tried calling "token_endpoint" : "https://webserver/authserver/oauth2/token"

The response was "error":"invalid_request","error_description":"Unknown grant_type"

I wonder what needs to be in the request body? Is it a GET or POST?

#InterSystems IRIS for Health #OAuth2

0 1

0 47

Question Scott Roth · Dec 29, 2025

%SYS.OAuth2.AccessToken - Retrieval

I built a BP, that every time that a message is received from a BS, it executes

 set##class

To save time, I was thinking of just creating a BS that goes out and gets the Authorization Token every hour. However then how to do I pull that Token into the BO to ensure that the Token is included in the Request that is sent to the HS.FHIRServer.Interop.HTTPOperation?

#HealthShare #InterSystems IRIS for Health #Health Connect #InterSystems IRIS #Business Process (BPL) #FHIR #OAuth2

0 3

0 107

Question Dmitrii Baranov · Dec 9, 2025

IRIS OAuth2 Client - "openid" scope error

I need to connect IRIS to a third-party FHIR server which in turn is connected to Keycloak.

For machine-to-machine communications, client credentials grants should be used. I don't know why exactly but the FHIR server requires access tokens to contain the "openid" scope, otherwise it returns 401 (unauthorized).

If the access token returned by Keycloak contains that scope, IRIS complains about ""ERROR #8859: Unsupported response to access token request: OpenID Connect is not supported for password and client credentials grant type". The error is produced by the OAuth2.

#InterSystems IRIS for Health #OAuth2

0 2

0 99

Question TAZ.R · Jul 16, 2025

Issue Injecting OAuth Secrets (client_id/client_secret) into IRIS Productions in Docker

Hello Community,

I’m working on an InterSystems IRIS production that needs to call an external API using OAuth client credentials (client_id and client_secret). For security reasons, I must pass these credentials via environment variables in my Docker container.

In the IRIS terminal, I can successfully retrieve these environment variables using $System.Util.GetEnviron("api-clientid") and $System.Util.GetEnviron("api-clientsecret"). However, inside my Business Operation class (OnMessage method), these environment variables return empty strings.

#InterSystems IRIS for Health #OAuth2 #REST API #Security

0 13

1 192

Dev Community resources

InterSystems resources

#OAuth2

FHIR Server OAUTH2 with Microsoft Entra Intersystems Health 2025.3

Token Endpoint for OAuth2

%SYS.OAuth2.AccessToken - Retrieval

IRIS OAuth2 Client - "openid" scope error

Issue Injecting OAuth Secrets (client_id/client_secret) into IRIS Productions in Docker

Community in numbers

Dev Community resources

InterSystems resources

Our social networks

#OAuth2

Trending apps

Community in numbers