#OAuth2

I am in need of a routine or class method to generate an Oauth 1.0 signature. I was about to code this myself, but thought to check first to see if anyone has already done this and is willing to share.

Thanks in advance for any help.

[UPDATE 06/28/2016]

Is this available anywhere (for Health Connect)? I've found a few presentations but they are aimed at entry level.

We're looking at supporting more and more FHIR, REST plus OAuth interfaces in future. I've built some of this into older versions of HealthShare and Ensemble but it's desirable to move to supported versions.

We would be using Healthshare as a facade to other systems.

Click here to view our OAuth 2.0 Overview

InterSystems created this video as a high-level overview of OAuth 2.0 technology, geared toward developers looking to learn the basics of OAuth 2.0. It will teach you how OAuth 2.0 works, what roles are involved, what benefits it can provide, and how InterSystems Caché can be used with this technology.

I have an OAuth 2.0 development environment where Caché is serving all three roles as the Authorization Server, Client and Resource Server based on a great 3-part series on OAuth 2.0 by @Daniel Kutac. I have a simple password grant type where an x-www-form-urlencoded body (as described in this post) is sent as a POST to the token endpoint at https://localhost:57773/oauth2/token and a response body with a HTTP Response 200 header is returned. The response body looks something like this.

Hello,

I have been tinkering with FHIR recently and tried to update the FHIR servers Capability Statement after I made some changes. I updated an OAuth2.Issuer Service Registry entrys URL and needed to update the metadata which the FHIR server sends to the client so they can get the updated URL for the authorization server we use.

However, when I run the Console Setup tool with

Dear All,

I am currently part of a team that is developing an application using Microsoft PowerApps as the front end and IRIS as the backend. Effectively that frontend screens, which are house and an Azure serve, call a series of REST interfaces exposed by IRIS from a physical Microsoft server. During the development stage we have not had any security in place but now we need to secure the application using a single sign on. PowerApps relies on Microsoft Entra for its security both LDAP and OAuth. Has anyone in the community connected IRIS to Microsoft Entra?

Hi Team

i want to implement an Oauth 2.0 framework in my application , i define my connexion IHM, i want to check if the login and password are right when a user connect

do you've any idea ?

thank's

I'm trying to authorise my app using OAuth 2.0 i Cache. Sadly I'm unable to exchange the authorization code for an access token.

I am able to redirect user to the /authorize page, where the user can login and approve my app. The user is then correctly redirected back to my app and a ?code parameter is sent back.

Say I've been developing a web application that uses IRIS as the back end. I've been working on it with unauthenticated access. It's getting to the point where I would like to deploy it to users, but first I need to add authentication. Rather than using the default IRIS password authentication, I'd like users to sign in with my organization's Single Sign On, or some other popular identity provider like Google or GitHub. I've read that OpenID Connect is a common authentication standard, and it's supported by IRIS. What is the simplest way to get up and running?

I have just learned about configuration merge. However I see there is no option to configure OAuth2 with CPF. Any hopes to get that covered some day?

I have created an OAuth Client and have created the credentials etc successfully.

I have tested using the curl command and have received the token back from the Server using the terminal.

I now need to create an Operation to use my client credentials to connect to the Server and receive the token back.

In .NET Core you have an option to extend a session using a "sliding expiration". This means that if over half the time has passed and the user actively uses their session then the expiry timer gets reset and the user remains logged in. This can lead to the curious situation where you have an active authenticated user with an expired access token being used in data-access requests.

How can you allow computers to trust one another in your absence while maintaining security and privacy?

“A Dry Martini”, he said. “One. In a deep champagne goblet.”
“Oui, monsieur.”
“Just a moment. Three measures of Gordons, one of vodka, half a measure of Kina Lillet. Shake it very well until it’s ice-cold, then add a large thin slice of lemon peel. Got it?”
"Certainly, monsieur." The barman seemed pleased with the idea.
Casino Royale, Ian Fleming, 1953

OAuth helps to separate services with user credentials from “working” databases, both physically and geographically. It thereby strengthens the protection of identification data and, if necessary, helps you comply with the requirements of countries' data protection laws.

With OAuth, you can provide the user with the ability to work safely from multiple devices at once, while "exposing" personal data to various services and applications as little as possible. You can also avoid taking on "excess" data about users of your services (i.e. you can process data in a depersonalized form).

In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.