On this page:

14.1Getting Started


Assuming that users have already installed SmileCDR, the following steps describe how a customer can begin to use the App Management Tools.

  • Log in to the Smile CDR Web Admin Console (the administration UI for configuring the system)
  • Enter username and password

On the landing page, "Config" will be visible on the header's navigation menu. The "Config" page enables users to configure storage modules, endpoints, security and other features as SmileCDR is divided into modules that are individually configured according to the needs of the deployment. The following steps describe how to add and configure the app gallery module:

  • Select "Config" from the landing page

  • On the “Config” page, under “Manage Node Modules”, select “Application Gallery” from the “Add Module of Type” drop-down list
  • Click “Add” at the right end corner of the selection bar

Afterward, you should see the app gallery module added to the list of modules in the Master node.

The following page will open after clicking "Add" which allows the user to enter additional configurations under “Application Gallery” and “Dependencies” for authenticating and authorizing users of the module using OpenID Connect Authentication.

The configurable fields include Logo URL for the location of the logo you’d like to show on the Admin Console. Smile CDR’s logo is a placeholder by default. Appropriate domain and context path should be used to configure the URLs. There are examples of the URLs for each field.


The AUTH URL, FHIR URL, and JSON URL must match those used in the respective modules. Similarly, the ** Client ID** name used in this section must match the name of the OpenID Connect Client that needs to be created, which is described later in this user guide. The names of each of the components can also be changed to suit your preferences.

In the Initial Application Gallery Seedingfield, the Attestation Title and HTML file for both the legal and plain version are already added by default for the first version. Ensure that the necessary details are provided for the following fields as described below:

  • In the Listener Port field, enter an appropriate port number (e.g., 19300).
  • In the Context Path field, enter a name you’d like to use for the URL path (e.g., /app-gallery/). IMPORTANT NOTE: the / at the end of the context path is necessary.
  • Toggle Respect Forward Headers and CORS Enabled to Yes
  • Under the Dependencies section, select a SMART Outbound Security module, e.g. smart_auth (SMART Outbound Security), from the dropdown.

After entering the necessary details, click “Save” and the following page will appear with a confirmation for the module added. On the same page, you should see app_gallery added to the list of modules in the Master node, under the ** Administrative Modules** section in the menu pane on the left. It is recommended to “Restart” the module if any changes are made. A green checkmark :heavy_check_mark: icon indicates a correctly functioning module.

The app_gallery module can then be selected from the list of modules listed under “Manage Node Module” on the "Config" page to make changes in the configurations, save the changes made, and archive them

Configuration of JSON Admin API module

The admin_json module is typically included in a standard Smile installation. If it does not come pre-installed, learn more about installing it here The admin_json module has the following configurable sections:

  • HTTP Listener
  • TLS / SSL (Encryption)
  • HTTP Request Pool
  • Cross-Origin Resource Sharing (CORS)
  • HTTP Security
  • HTTP Access Log
  • Auth: General for APIs
  • Auth: HTTP Basic
  • Auth: OpenID Connect
  • Additional Configuration
  • Dependencies

Ensure the following settings are assigned:

HTTP Listener

  • Listener Port (e.g., 19000)
  • Context Path (e.g., /json-admin)
  • Endpoint Health Path (e.g., /endpoint-health)
  • Respect Forward Headers toggled to “Yes”

Cross-Origin Resource Sharing (CORS)

  • CORS Enabled toggled to “Yes”
  • CORS Origins: [comma-separated list of allowable URLs is recommended, however the wildcard value “*” can be used for testing]

Auth: General for APIs:

  • Allow Anonymous Access toggled to “Yes”
  • Anonymous Account Username: “ANONYMOUS”

Auth: HTTP Basic

  • HTTP Basic Security toggled to “Yes”
  • HTTP Basic Realm: Smile CDR (by default but configurable; learn more here

Auth: OpenID Connect

  • OpenID Connect Security toggled to “Yes”


  • Username/Password Authentication: from the dropdown, select local_security (Local Inbound Security)
  • OpenID Connect Authentication: from the dropdown, select smart_auth (SMART Outbound Security)

After the configurations have been made, select “Save” at the top of the page to get redirected to the “Config” page. A confirmation message would be displayed for the newly added module. It is recommended to “Restart” the module if any changes are made.

On the same page, the newly added admin_json module will be displayed under the “Manage Node Modules” table and in the Administrative Modules section in the menu pane on the left with a green checkmark :heavy_check_mark: icon to indicate a correctly functioning module.