At hackathons that InterSystems participated and I supported, many students were asking how all their teammates could use the same IRIS database that they spun up in a container. I suggested using ngrok to expose their localhost IRIS and realized we don't have documentation on that. Hence, I thought this would be great to let more people knwo about this powerful technique for enhancing collaboration during development and testing.
Over the past couple of months, I have been working on the SMART on FHIR EHR Launch to test the capabilities of IRIS for Health using two open-source apps from CSIRO: SMART-EHR-Launcher and SMART Forms App. This journey has been incredibly interesting, and I’m truly grateful for the opportunity to work on this task and explore more of IRIS for Health’s potential.
I want to integrate IRIS with Keycloak OAuth2 provider to use delegated authentication everywhere and to secure everything - sys*/Portal applications, REST services, FHIR server and so on. If an unathenticated user tries to access any IRIS URL - he or she should be redirected to Keycloak. After the user has successfully authenticated, i would like to access his requistes (username, email, roles, scopes) extracted from the JWT token, programmatically. What should be done to achieve that?
I'm trying to call a SOAP web service which is implemented in .NET Classic and requires NTLM authentication. The client class was generated by %SOAP.WSDL.Reader. The problem is that neither NTLM authentication works nor can I handle the exception since VSCode debugger says that all meaningful fields and properties are empty (the same request works fine in Postman):
I finally figured out how to get JWT token using set x = ##class(%SYS.OAuth2.Authorization).GetAccessTokenClient("medbank","openid fhirUser",.prop,.err).
I also found iris-fhir-client app on Open Exchange. I registered Epic sandbox server, but I cannot list resources. I suspect I need to integrate authorization / authentication. How do I do this with irisfhirclient py?
I have an API set up in IRIS which is secured using an IRIS authentication service, so there is a bearer token being passed down in the request header.
I'm trying to use JWT authentication on a REST application in IRIS. The login API are correctly "injected" into the application. Login works fine with Postman and other REST clients, and subsequent calls to my REST API using the bearer token work fine (correctly authenticated). So far, so good.
I am trying to use IRIS for Health as a Facade for an external FHIR Server, where IRIS provides the proper authentication.
The client authenticates using a bearer token obtained from the IRIS OAuth2 server via a jwt client assertion.
The IRIS endpoint, however, returns a 401 as soon as I remove the Unauthenticated access
Is there w way to make this work through configuration?
Recently I got into a situation where a user had some roles, which granted additional roles, and so on.
As I did not understand where a particular permission came from, I wrote this code which gets an initial set of roles and unwraps them recursively, accounting for any repeats.
I am currently part of a team that is developing an application using Microsoft PowerApps as the front end and IRIS as the backend. Effectively that frontend screens, which are house and an Azure serve, call a series of REST interfaces exposed by IRIS from a physical Microsoft server. During the development stage we have not had any security in place but now we need to secure the application using a single sign on. PowerApps relies on Microsoft Entra for its security both LDAP and OAuth. Has anyone in the community connected IRIS to Microsoft Entra?
One of the most common kinds of integration we are asked to do is emailing. One of the most typical email services our customers use is Microsoft’s Office 365. After setting up the right configuration on the Microsoft side, we can email from IRIS with two HTTP requests.
As a part of the IRIS Python 2024 contest, my colleague Damir and I went with an idea to build a platform called ShelterShare for connecting victims and volunteers for shelter requests .
I have a question about using OnInit() within a Ens.BusinessOperation.
When you include OnInit(), does OnInit() only execute when you start a Business Operation? Or does it execute OnInit () every time you send a REST request to the operation. I am trying to pinpoint when the best time is to execute the POST command to get the Token
I am needing to get a Bearer Token from a REST POST call and return the Authorization key prior to making the rest of the REST calls to pull down data.
My SOAP functions were working perfectly before enabling basic authentication. To set up basic authentication, I created web applications for the SOAP service, checked the password option, and assigned a user to this web application. However, after enabling basic authentication, the SOAP service stopped working.
We recently moved from using the Private Web Server, to using an Apache/Web Gateway setup and moved towards using the built in LDAP functionality within IRIS. Since then, we have 1 user that uses VSCode (/api/atelier) heavily that continues to have issues signing into IRIS through VS Code and the /api/atelier extension.
In this article we are going to see how we can use the WhatsApp instant messaging service from InterSystems IRIS to send messages to different recipients. To do this we must create and configure an account in Meta and configure a Business Operation to send the messages we want.
Let's look at each of these steps in more detail.
Setting up an account on Meta
This is possibly the most complicated point of the entire configuration, since we will have to configure a series of accounts until we can have the messaging functionality.
I am attempting to configure an inbound service that utilizes the EnsLib.SOAP.GenericService class. This service receives HL7-v3 content wrapped in SOAP requests. Despite reading the documentation on configuring SOAP services, I am still confused.
In my current configuration item "Fr_Centrak_RTLS", I have ‘Enable Standard Requests’ checked, ‘Pool Size’ set to 0, and the port is unspecified.
In the modern digital age, securing applications, particularly those handling sensitive health data, is paramount. The confidentiality, integrity, and availability of such data are crucial, necessitating robust security measures. Two-factor authentication (2FA) stands out as a critical enhancement in safeguarding access, adding an extra layer of security beyond just passwords. Recognizing the significance of this feature, InterSystems provides built-in support for 2FA in its database solutions. This tutorial aims to guide you through the process of configuring two-factor authentication in your InterSystems environment, ensuring that your data remains secure and accessible only to authorized users.
I am trying to use postman to start the restapi classes from a json openapi2.0.0 file.
POST: https://myserver.com/api/mgmnt/v2/requestAPI. The body contains the openapi2.0.0. The application api/mgmnt has in security settings: password. JWT is not selected. I set postman authentication to basis authentication and gave username and password. I also set in headers IRISUsername and IRISPassword. I have 401 Unauthorized.
Is the only way to go through is to build an oauth token? or do I miss something?
When trying to save ZAUTHENTICATE.mac the following error occurs
If it is wrongly named as like ZATHIENTICATE.mac in the %SYS namespace it saves ok so it is something blocking saving a new fresh ZAUTH code of the correct name- we have no other delegated auth that I am aware of.
Your may not realize it, but your InterSystems Login Account can be used to access a very wide array of InterSystems services to help you learn and use InterSystems IRIS and other InterSystems technologies more effectively. Continue reading to learn more about how to unlock new technical knowledge and tools using your InterSystems Login account. Also - after reading, please participate in the Poll at the bottom, so we can see how this article was useful to you!
The %CSP.Login class is the utility class provided by InterSystems IRIS to do custom login pages. If you want to control your IRIS application authentication UI, you must extend %CSP.Login and override some methods according to your needs. This article is going to detail those methods and what you can do with them. In addition to that, you will get an explanation of the delegated authentication mechanism provided by ZAUTHENTICATE.mac routine.
Hi, I need to make a prompt for a password and to not display what the user is typing in a CMD. I want to use the read command but i'm not sure if it is possible with it.
By update
Open Exchange app.png)
