Client Creation and Configuration
An additional OIDC client is required so that the appSphere functions correctly. Client creation and configuration can be done as follows:
- Log-in to the Smile CDR Web Admin Console (the administration UI for configuring the system)
- Enter username and password
- On the landing page, select “Config” from the header’s navigation menu
- Under “Config” select “OpenID Connect Clients” from the dropdown list
- In the “OpenID Connect Clients” page, select “Create Client” to create authorized OpenID Connect Clients
The following page allows OAuth2 Properties, SMART Scopes and Client Permissions to be set by entering required details or via the toggle switch. Ensure the following are assigned for the respective configurable sections.
- Ensure that the ClientID mentioned matches that set in the appSphere module
- In the Authorized Grant Types field, toggle to “Yes” for Authorization Code and select from the other grant types that need to be enabled
- In the Authorized Redirect URLs field include links to the console and portal. NOTE: including the
/ the end of the URL is important.
- For example:
** IMPORTANT NOTE **
Ensure that the name entered for the Context Path field while configuring the appSphere module (see Getting Started) is correctly reflected in the Authorized Redirect URLs (for console and portal).
- In the Scopes field, enter the scopes (whitespace separated) that are permitted to be requested (e.g., online_access openid profile). Refer to Supported Scopes Documentation
- In the Auto-Approve Scopes field, enter the scopes to be auto-approved so that the user does not need to manually approve them (e.g., cdr_all_user_authorities online_access openid profile).
- In the Auto-Grant Scopes field, enter the scopes to be granted after client authorization without the need for user approval (e.g., cdr_all_user_authorities)
Toggle to “Yes” for the following permissions:
Under “Client Permissions”, each ID can be selected to get more information about a given role or permission. After the required configurations have been set, click “Create” at the top of the page to be redirected to the “OpenID Connect Clients” page. In the “OpenID Connect Clients” page, a confirmation message will be displayed for the client created.
In the "Clients" table, the newly added client will be listed with the option to select “Modify” to make changes to the previously set OAuth2 Properties, SMART Scopes, and Client Permissions.