Configuring a FHIR Authentication Resource

A FHIR authentication resource is used to store the information that would be required to authenticate the system with an authorization server. This resource must be configured before using the Get OAuth Token activity.

Step 1 - Creating a new FHIR Authentication Resource

You can specify the location of the server with which you want to communicate and exchange information when configuring the FHIR authentication resource. This shared resource is typically used to store the data required for client credentials grant type of authorization and then by using the Get OAuth Token activity of FHIR palette to get the access token for the plug-in.

  1. Access the FHIR authentication - to create a new FHIR Authentication Resource wizard by going to Resource > New > FHIR Authentication.

    .

  2. In the Creates a new FHIR Shared Resource dialog box, enter the identifying information about the shared resource as can be seen in the following table:
    Field Literal Value/Module Property/Process Property? Description
    Resource Folder No Path to the resource folder.

    Enter a path or use the Browse button to navigate to a folder by using File Explorer.

    Package No Package name to be used in the resource folder.

    Enter a name or use the Browse button to navigate to a file by using File Explorer.

    Resource Name No Name of the resource

  3. To create the shared resource, click Finish. The FHIR Authentication page opens.

Step 2 - Configuring a new FHIR Authentication Resource

On the FHIR Authentication page, enter the following configuration information about the shared resource.

Field Literal Value/Module Property/Process Property? Description
Package No Populated from Creates a new FHIR Authentication Resource
Name Populated from Creates a new FHIR Authentication Resource
Description Optional. Descriptive text about the shared resource.
Client ID No Unique identifier for the given client.
Client Secret No Used to authenticate with the authorization server.
Scope No Specific scope that is being requested.

For example, patient/*.read, patient/*.write

Token Endpoint No A service endpoint that the application might communicate with, to get the token. For example, https://localhost:9200/oauth/token.