#OAuth2

Hello,

I am trying to get FHIR Resource using OAuth 2.0 . I get access_token sucessfully but when I use this token i get this type of error in postman. It is showing 401 Unauthorized please suggest any solution.

Thank You

LS,

Is there a samples on how to create the OAuth2 server from code? Now trying:

In this article I will demonstrate basics of OAuth2 authentication with GitHub account with the help of online demo
https://dappsecurity.demo.community.intersystems.com/csp/user/index.csp by using SuperUser | SYS

Hi Developers!

Here're the technology bonuses for the Security Contest 2021 that will give you extra points in the voting:

• Basic Authentication usage - 2
• Bearer/JWT Authentication usage - 3
• OAuth 2.0 usage - 5
• Authorization components usage - 2
• Auditing usage - 2
• Data Encryption usage - 2
• Docker container usage - 2
• ZPM Package deployment - 2
• Online Demo - 2
• Code Quality pass - 1
• Article on Developer Community - 2
• Video on YouTube - 3

See the details below.

I'm trying to implement an OAuth2 server, but I have som issues when trying to setup JWT under OAuth 2.0->Client.

I get the error message saying "No match between server name 'localhost' and SSL certificate values 'cache'". I have set up a SSL/TLS configuration as simple as possible without any certificate files. I'm accessing my server via HTTPS with an unsigned certificate.

Can anyone point me in the right direction on how to resolve the issue I'm encountering.

Hello, developers!

In this article, I will show you how to configure FHIR repository + OAuth2 authorization server/resource server on IRIS for Health following the previous article.

In Part 1, we introduced the preliminary preparations, configuring the OAuth2 authorization server, and obtaining the access token.
Part 2 will show you how to build an FHIR repository and configure an OAuth2 client/resource server.

Hi,

I am very much a newbe on the subject of JWT, so please except my ignorance.

The Trust I am currently working for wish to create a framework whereby they can create REST API Services, within HealthConnect, and grant access to these using JSON Web Token Authorisation and Bearer Tokens. This would be similar to the way the Trust currently connects to other REST API's, i.e.: DocMan Connect and GOV.UK Notify.

Can anyone offer any advice / sample code and / or point me into the direct of suitable documentation to achieve this?

Hi all,

a HealthConnect customer of ours came across with a question to use an external service via REST and OpenID within one of his HealthConnect (2020.1) productions. The overal idea is to send data to the external system after receiving a baerer token to use for the communication between HealthConnect and this system.

Hi!

we are evaluating IRIS Data Platform as an OAuth2 Authorization Server with the use of the official Docker image. We currently struggle with the OAuth2 setup, as we are required to use https:// for the /oauth2/authorize and /oauth2/token endpoints, but the Docker container exposes only http:// in its default configuration. We have tried to find any hints in the docs but were not successful. Any help is appreciated.

Thanks

Klaus & Lukas

In this 3-part series of articles, is shown how you can use IAM to simply add security, according to OAuth 2.0 standards, to a previously unauthenticated service deployed in IRIS.

In the first part, was provided some OAuth 2.0 background together with some IRIS and IAM initial definitions and configurations in order to facilitate the understanding of the whole process of securing your services.

How can you allow computers to trust one another in your absence while maintaining security and privacy?

“A Dry Martini”, he said. “One. In a deep champagne goblet.”
“Oui, monsieur.”
“Just a moment. Three measures of Gordons, one of vodka, half a measure of Kina Lillet. Shake it very well until it’s ice-cold, then add a large thin slice of lemon peel. Got it?”
"Certainly, monsieur." The barman seemed pleased with the idea.
Casino Royale, Ian Fleming, 1953

OAuth helps to separate services with user credentials from “working” databases, both physically and geographically. It thereby strengthens the protection of identification data and, if necessary, helps you comply with the requirements of countries' data protection laws.

With OAuth, you can provide the user with the ability to work safely from multiple devices at once, while "exposing" personal data to various services and applications as little as possible. You can also avoid taking on "excess" data about users of your services (i.e. you can process data in a depersonalized form).

OAuth server to be deployed on the IRIS learning cloud platform. Clients - one on the other instance of the learning IRIS server, the other client locally on my computer in the container docker.

Both clients get a seemingly correct link (through ##class(%SYS.OAuth2.Authorization).GetAuthorizationCodeEndpoint()) to the login request form:

Hi,

Most of my development experience is with HL7v2 interfaces and I don't have a background in web development and I'm very weak with javascript.

I'm looking for suggestions of learning resources to learn FHIR and 'SMART on FHIR' (JavaScript, OpenID connect, OAuth2) for developers like myself who mostly do HL7v2 integrations - but see FHIR as the future - and want to develop their skills!

I've found these

Hi.. I have an issue where we are using OAuth2.0 with the ZAUTHENTICATE routine. Once our token is validated we are using a users lan id (passed on the ID token) to find a software defined username in a Cache Global.

That is all working fine in ZAUTHENTICATE.. I am setting the software defined username in the Properties("Comment") array and wanting to reference it in the Rest Service Dispatch class.