Welcome
Getting Started
-
Quick Start
Concepts
-
Product Concepts
-
Testing Tools
Guides
-
Installing
- Platform Requirements
- Preparing a Linux Host
- Installing Smile CDR, NGINX and PostgreSQL in a Docker Stack
- Deploying a Kubernetes Managed Cluster
- Docker Container Installation
- Configuring Smile CDR
- Unix Service Installation
- Tuning your Installation
- Designing a Cluster
- Message Brokers
- Message Broker Failure Management
- Message Broker: Kafka
- Message Broker: ActiveMQ
- Message Broker: Pulsar
- Pre-Seeding Configuration and Data
- Production Checklist
- Module Licensing
-
Upgrading
-
Planning
-
Implementation
-
Tutorials
- Introduction
- Integration Testing Tutorial
- Custom Operations Tutorial
- HL7 v2.x Ingestion Tutorial
- Federated OAuth2/OIDC Tutorial
- MDM Tutorial
- CDA Import Tutorial
- CDA Export Tutorial
- CDA Export - Custom Narrative Generation Tutorial
- CDA Import JSON example
- CDA Export Template JSON example
- Consent Tutorial
Reference
-
FHIR Storage
- FHIR Storage Modules
- FHIR Endpoint Module
- FHIRWeb Console
- OpenAPI / Swagger Support
- FHIR Endpoint Customization
- Resource IDs
- Search Parameters
- Search Parameter Features
- Phonetic Search Parameters
- Search Parameter Tuning
- Search Parameter Reindexing
- Searching for Data
- Creating Data
- Reading Data
- Updating Data
- Deleting Data
- Binary Data
- Externalized Resource Body Storage
- Working with Duplicates
- Request Tracing and Provenance
- Resource Versions and Versioned References
- Tags, Profiles, and Security Labels
- Partitioning and Multitenancy
- Custom Resource Types
- Batch and Scheduled Jobs
- Tokenization
-
FHIR Storage (MongoDB)
-
Validation and Conformance
- Introduction
- Validation Support Repository
- Validation Support Repository Options
- Conformance Data
- Repository Validation
- Repository Validation: Java
- Repository Validation: Javascript
- Repository Validation: Validation Bean
- Endpoint Validation
- Packages and Implementation Guides
- Package Registry Endpoint Module
- Remote Terminology Services
- Suppressing Messages
- Validation Performance
- Automatic Provenance Injection
-
Interceptors
- Interceptors
- Pointcuts
- Starter Project
- Examples: FHIR Endpoints
- Examples: HL7v2 Endpoints
- Examples: FHIR Storage
- Examples: FHIR Gateway
- Examples: FHIR Client
- Examples: MDM
- Examples: Subscription
- Examples: Channel Import
- Examples: Cluster Manager
- Examples: App Sphere
- Examples: System To System Data Exchange
- 2024.02.01 Migration Guide
-
Channel Import
-
Security
- Authentication Protocols
- Authorization and Consent
- Inbound Security Module
- Local Inbound Security Module
- LDAP Inbound Security Module
- Scripted Inbound Security Module
- SAML Inbound Security Module
- Trusted Client Mode
- Roles and Permissions
- Callback Scripts
- Anonymous Access
- Consent Service
- Consent Service: JavaScript API
- Consent Service: Java API
- Security Recipes
- Two Factor Authentication
- Password Hashing Algorithms
- JWT Signature Algorithms
- Troubleshooting Security
-
Consent Module
-
SMART on FHIR
- SMART on FHIR: Introduction
- SMART: Scopes
- SMART: Auth Flows
- SMART: Endpoints
- SMART: Smile CDR Support
- SMART Outbound Security: Module
- SMART Outbound Security: Skinning
- SMART Outbound Security: Context Selection
- SMART Outbound Security: SAML Bridging
- SMART: Federated OAuth2/OIDC Login
- SMART: Application Approval/Consent
- SMART Inbound Security Module
- SMART Client Definitions
- SMART Server Definitions
- SMART OIDC Keystore Definitions
- SMART: Session Management
- SMART: Assigning Permissions
- SMART: Access Tokens
- SMART: User Profile Information
- FHIR Client Authentication
- SMART: Machine to Machine Authentication
-
FHIR Hybrid Providers
-
CDS Hooks
-
IG Support
-
HL7 v2.x Support
- Introduction
- Inbound Messaging
- FHIR-Based Terminology Translation
- Outbound Messaging
- Outbound: Default Resource Conversion
- Outbound: Custom Resource Conversion
- Outbound: Verbatim Messaging
- Outbound: Transport
- Transactions
- Structure Definitions
- Segment Definitions
- Table Definitions
- Naming System Mapping
- Processing Results Feeds
- Protocol
-
CDA Exchange+ Module
-
System to System Data Exchange
-
Bulk Operations
-
Additional Features
-
Product Administration
-
JSON Admin Endpoints
- JSON Admin API
- Audit Log Endpoint
- Batch Job Endpoint
- Bulk Import Endpoint
- CDA Exchange Endpoint
- Metrics Endpoint
- Module Config Endpoint
- OpenID Connect Clients Endpoint
- OpenID Connect Keystores Endpoint
- OpenID Connect Servers Endpoint
- OpenID Connect Sessions Endpoint
- Runtime Status Endpoint
- System Config Endpoint
- Transaction Log Endpoint
- Troubleshooting Log Endpoint
- User Management Endpoint
-
HFQL: Direct SQL Access
-
Product Configuration
-
Java Execution Environment
-
JavaScript Execution Environment
- Introduction
- Specifying JavaScript in Configuration File
- Remote Debugging
- ECMA Modules (import)
- Converter API
- Environment API
- Exceptions API
- OAuth2 Exceptions API
- FHIR REST API
- FHIR Model API
- HL7 v2.x Mapping API
- HTTP API
- LDAP API
- Log API
- Composition Resource API
- Composition Section API
- TransactionBuilder API
- Util API
- UUID API
- XML API
- Callback Models
-
Localization
-
Smile CDR CLI (smileutil)
- Introduction
- Bulk Import
- Create FHIR Package
- Execute Script Function
- Export ConceptMap to CSV
- HL7 v2.x Analyze Flat File
- HL7 v2.x Transmit Flat File
- Import CSV to ConceptMap
- Map and Upload CSV Bulk Import File
- Migrate Database
- Clear Database Migration Lock
- Module Config Properties Export
- Reindex Terminology
- Synchronize FHIR Servers
- Upgrade H2 Database File
- Upload Bundle Files
- Upload CSV Bulk Import File
- Upload Sample Dataset
- Upload Terminology
- Generate Realtime Export Schema
- Validate FHIR Resources
-
Apache Camel Integration
- Camel Module Overview
- Smile Camel Processors
- Processors: FHIR Storage module
- Processors: ETL Import module
- Processors: Camel module
- Processors: Cluster Manager module
- Processors: HL7v2 Inbound module
- Processors: CDA Exchange+ module
- Processors: Transaction Logging
- Smile Camel Converters
- Smile Camel Recipes
-
Prior Auth CRD (Coverage Requirement Discovery)
-
Prior Auth DTR (Documentation Templates and Rules)
-
Prior Auth Support
-
Davinci Data Exchange
-
Modules
- JSON Admin API
- Web Admin Console
- CDA Exchange+
- CDA Exchange(Deprecated)
- Channel Import
- Cluster Manager
- CQL
- Audit Log Persistence
- Transaction Log Persistence
- Digital Quality Measures (DQM)
- Documentation Templates and Rules (DTR)
- Enterprise Master Patient Index
- CDS Hooks Endpoint
- FHIR Gateway Endpoint
- FHIR REST Endpoint (All Versions)
- FHIR REST Endpoint (DSTU2 - Deprecated)
- FHIR REST Endpoint (DSTU3 - Deprecated)
- FHIR REST Endpoint (R4 - Deprecated)
- FHIRWeb Console
- HL7 v2.x Listening Endpoint
- HL7 v2.x Listening Endpoint (Deprecated)
- HL7 v2.x Sending Endpoint
- Hybrid Providers Endpoint
- Package Registry Endpoint
- Subscription Websocket Endpoint
- ETL Importer
- MDM
- MDM UI
- Prior Auth CRD
- Prior Auth Support
- Narrative Generator
- FHIR Storage (DSTU2 RDBMS)
- FHIR Storage (R3 RDBMS)
- FHIR Storage (R4 RDBMS)
- FHIR Storage (R5 RDBMS)
- FHIR Storage (Mongo)
- Realtime Export
- LDAP Inbound Security
- Local Inbound Security
- SAML Inbound Security
- Scripted Inbound Security
- SMART Inbound Security
- SMART Outbound Security
- Subscription Matcher (All FHIR Versions)
- Subscription Matcher (DSTU2 - Deprecated)
- Subscription Matcher (DSTU3 - Deprecated)
- Subscription Matcher (R4 - Deprecated)
- appSphere
- Payer to Payer (Deprecated)
- System to System Data Exchange
- License
- Camel
- Consent Module
- Davinci Data Exchange
-
Appendix
Generated Reference
-
Configuration Categories
- Web Admin Console Settings
- appSphere
- Payer Config
- Initial appSphere Seeding
- Authentication Callback Scripts
- Auth: General for APIs
- User Authentication
- Auth: HTTP Basic
- Auth: OpenID Connect
- Browser Syntax Highlighting
- Camel
- Capability Statement (metadata)
- Care Gaps
- CDA Export
- CDA Import
- CDA Interceptors
- CDA JavaScript Execution Scripts
- CDA Terminology
- CDS Hooks Definitions
- CDS Hooks On FHIR
- Channel Import
- Channel Retry
- Cluster Manager Interceptors
- Kafka
- Cluster Manager Maintenance
- Message Broker
- Cluster Level Security
- Consent
- CQL
- Credentials
- Cross-Origin Resource Sharing (CORS)
- Invoke Export
- Member Match
- Database
- Da Vinci Health Record Exchange
- EasyShare SMART Health Links
- Email Configuration
- MDM UI
- ETL Import: CSV Properties
- ETL Import: Source
- Measure Evaluation
- External Object Storage
- FHIR Binary Storage
- FHIR Bulk Operations
- Capability Statement
- FHIR Configuration
- Consent Service
- FHIR Endpoint Conversion
- FHIR Endpoint HFQL Support
- FHIR Endpoint Partitioning
- Resource Providers
- FHIR Endpoint Security
- Endpoint Terminology
- FHIR Gateway Cache
- FHIR Gateway Configuration
- FHIR Interceptors
- LiveBundle Service
- FHIR MDM Server
- FHIR Performance
- FHIR Performance Tracing
- FHIR Realtime Export
- Repository Validation
- FHIR Resource Body Storage
- FHIR Resource Types
- FHIR REST Endpoint
- FHIR Search
- Custom Resource Types
- IG Support
- MegaScale
- FHIR Storage Module Conditional Updates
- FHIR Storage Module Scheduled Tasks
- FHIR Validation Services
- FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
- FHIR Storage Package Registry
- FHIR Storage Partitioning
- Versioned References
- FHIR Subscription Delivery
- FHIR Subscription Persistence
- FHIR Tokenization
- Full-Text Indexing
- HL7 v2.x Mapper - Contained Resource
- HL7 v2.x Mapper - DG1
- HL7 v2.x Mapper - Forced Namespace Mode
- HL7 v2.x Mapper - General
- HL7 v2.x Mapper - Medications
- HL7 v2.x Mapper - OBR
- HL7 v2.x to FHIR Mapper - OBSERVATION Group
- HL7 v2.x Mapper - ORC
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
- HL7 v2.x Mapper - PID
- HL7 v2.x Mapper - PV1
- HL7 v2.x Mapper - TXA
- Listener Interceptors
- HL7 v2.x Listener Script
- HL7 v2.x Listening Endpoint
- HL7 v2.x MLLP Listener
- HL7 v2.x MLLP Sender
- FHIR to HL7 v2.x Mapper Script
- HL7 v2.x Outbound Mapping
- HTTP Access Log
- HTTP Listener
- HTTP Request Pool
- HTTP Security
- Hybrid Providers Definitions
- IG Support
- Initial User Seeding
- JavaScript Execution Environment
- JSON Web KeySet (JWKS)
- LDAP Authentication
- Smile CDR License
- MDM
- Migration
- Narrative Generator
- OpenID Connect Token Validation
- OpenID Connect (OIDC)
- Prior Authorization Coverage Requirement Discovery
- Prior Authorization Documentation Templates and Requirements
- Prior Authorization Support
- Privacy Security Notice
- Product Portal
- Provenance Injection
- Quality Payment Program (QPP)
- Realtime Export
- Endpoint Validation: Request Validating
- Scheduler Configuration
- Search Parameter Seeding
- SAML Provider
- Security Inbound Script
- Inbound SMART on FHIR Authentication
- Inbound SMART on FHIR Endpoints
- OAuth2/OIDC Federation
- SMART Callback Script
- Cross-Organizational Data Access Profile
- SMART Login Skin
- SMART Login Terms of Service
- SMART Authorization
- SMART Definitions Seeding
- Sessions
- Two Factor Authentication
- TLS / SSL (Encryption)
- Transaction Log
- Trusted Client
- User Self Registration
- Web Admin Console Settings
- appSphere
- Payer Config
- Initial appSphere Seeding
- Authentication Callback Scripts
- Auth: General for APIs
- User Authentication
- Auth: HTTP Basic
- Auth: OpenID Connect
- Browser Syntax Highlighting
- Camel
- Capability Statement (metadata)
- Care Gaps
- CDA Export
- CDA Import
- CDA Interceptors
- CDA JavaScript Execution Scripts
- CDA Terminology
- CDS Hooks Definitions
- CDS Hooks On FHIR
- Channel Import
- Channel Retry
- Cluster Manager Interceptors
- Kafka
- Cluster Manager Maintenance
- Message Broker
- Cluster Level Security
- Consent
- CQL
- Credentials
- Cross-Origin Resource Sharing (CORS)
- Invoke Export
- Member Match
- Database
- Da Vinci Health Record Exchange
- EasyShare SMART Health Links
- Email Configuration
- MDM UI
- ETL Import: CSV Properties
- ETL Import: Source
- Measure Evaluation
- External Object Storage
- FHIR Binary Storage
- FHIR Bulk Operations
- Capability Statement
- FHIR Configuration
- Consent Service
- FHIR Endpoint Conversion
- FHIR Endpoint HFQL Support
- FHIR Endpoint Partitioning
- Resource Providers
- FHIR Endpoint Security
- Endpoint Terminology
- FHIR Gateway Cache
- FHIR Gateway Configuration
- FHIR Interceptors
- LiveBundle Service
- FHIR MDM Server
- FHIR Performance
- FHIR Performance Tracing
- FHIR Realtime Export
- Repository Validation
- FHIR Resource Body Storage
- FHIR Resource Types
- FHIR REST Endpoint
- FHIR Search
- Custom Resource Types
- IG Support
- MegaScale
- FHIR Storage Module Conditional Updates
- FHIR Storage Module Scheduled Tasks
- FHIR Validation Services
- FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
- FHIR Storage Package Registry
- FHIR Storage Partitioning
- Versioned References
- FHIR Subscription Delivery
- FHIR Subscription Persistence
- FHIR Tokenization
- Full-Text Indexing
- HL7 v2.x Mapper - Contained Resource
- HL7 v2.x Mapper - DG1
- HL7 v2.x Mapper - Forced Namespace Mode
- HL7 v2.x Mapper - General
- HL7 v2.x Mapper - Medications
- HL7 v2.x Mapper - OBR
- HL7 v2.x to FHIR Mapper - OBSERVATION Group
- HL7 v2.x Mapper - ORC
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
- HL7 v2.x Mapper - PID
- HL7 v2.x Mapper - PV1
- HL7 v2.x Mapper - TXA
- Listener Interceptors
- HL7 v2.x Listener Script
- HL7 v2.x Listening Endpoint
- HL7 v2.x MLLP Listener
- HL7 v2.x MLLP Sender
- FHIR to HL7 v2.x Mapper Script
- HL7 v2.x Outbound Mapping
- HTTP Access Log
- HTTP Listener
- HTTP Request Pool
- HTTP Security
- Hybrid Providers Definitions
- IG Support
- Initial User Seeding
- JavaScript Execution Environment
- JSON Web KeySet (JWKS)
- LDAP Authentication
- Smile CDR License
- MDM
- Migration
- Narrative Generator
- OpenID Connect Token Validation
- OpenID Connect (OIDC)
- Prior Authorization Coverage Requirement Discovery
- Prior Authorization Documentation Templates and Requirements
- Prior Authorization Support
- Privacy Security Notice
- Product Portal
- Provenance Injection
- Quality Payment Program (QPP)
- Realtime Export
- Endpoint Validation: Request Validating
- Scheduler Configuration
- Search Parameter Seeding
- SAML Provider
- Security Inbound Script
- Inbound SMART on FHIR Authentication
- Inbound SMART on FHIR Endpoints
- OAuth2/OIDC Federation
- SMART Callback Script
- Cross-Organizational Data Access Profile
- SMART Login Skin
- SMART Login Terms of Service
- SMART Authorization
- SMART Definitions Seeding
- Sessions
- Two Factor Authentication
- TLS / SSL (Encryption)
- Transaction Log
- Trusted Client
- User Self Registration
-
Module Dependencies
-
Product Reference
Powered by Smile CDR v2025.11.PRE-02 (build 6e88b6f4ac)
Showing documentation for 2025.11.PRE
57.113
OpenID Connect Token Validation
Configuration Categories
57.0
Web Admin Console Settings
57.1
appSphere
57.2
Payer Config
57.3
Initial appSphere Seeding
57.4
Authentication Callback Scripts
57.5
Auth: General for APIs
57.6
User Authentication
57.7
Auth: HTTP Basic
57.8
Auth: OpenID Connect
57.9
Browser Syntax Highlighting
57.10
Camel
57.11
Capability Statement (metadata)
57.12
Care Gaps
57.13
CDA Export
57.14
CDA Import
57.15
CDA Interceptors
57.16
CDA JavaScript Execution Scripts
57.17
CDA Terminology
57.18
CDS Hooks Definitions
57.19
CDS Hooks On FHIR
57.20
Channel Import
57.21
Channel Retry
57.22
Cluster Manager Interceptors
57.23
Kafka
57.24
Cluster Manager Maintenance
57.25
Message Broker
57.26
Cluster Level Security
57.27
Consent
57.28
CQL
57.29
Credentials
57.30
Cross-Origin Resource Sharing (CORS)
57.31
Invoke Export
57.32
Member Match
57.33
Database
57.34
Da Vinci Health Record Exchange
57.35
EasyShare SMART Health Links
57.36
Email Configuration
57.37
MDM UI
57.38
ETL Import: CSV Properties
57.39
ETL Import: Source
57.40
Measure Evaluation
57.41
External Object Storage
57.42
FHIR Binary Storage
57.43
FHIR Bulk Operations
57.44
Capability Statement
57.45
FHIR Configuration
57.46
Consent Service
57.47
FHIR Endpoint Conversion
57.48
FHIR Endpoint HFQL Support
57.49
FHIR Endpoint Partitioning
57.50
Resource Providers
57.51
FHIR Endpoint Security
57.52
Endpoint Terminology
57.53
FHIR Gateway Cache
57.54
FHIR Gateway Configuration
57.55
FHIR Interceptors
57.56
LiveBundle Service
57.57
FHIR MDM Server
57.58
FHIR Performance
57.59
FHIR Performance Tracing
57.60
FHIR Realtime Export
57.61
Repository Validation
57.62
FHIR Resource Body Storage
57.63
FHIR Resource Types
57.64
FHIR REST Endpoint
57.65
FHIR Search
57.66
Custom Resource Types
57.67
IG Support
57.68
MegaScale
57.69
FHIR Storage Module Conditional Updates
57.70
FHIR Storage Module Scheduled Tasks
57.71
FHIR Validation Services
57.72
FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
57.73
FHIR Storage Package Registry
57.74
FHIR Storage Partitioning
57.75
Versioned References
57.76
FHIR Subscription Delivery
57.77
FHIR Subscription Persistence
57.78
FHIR Tokenization
57.79
Full-Text Indexing
57.80
HL7 v2.x Mapper - Contained Resource
57.81
HL7 v2.x Mapper - DG1
57.82
HL7 v2.x Mapper - Forced Namespace Mode
57.83
HL7 v2.x Mapper - General
57.84
HL7 v2.x Mapper - Medications
57.85
HL7 v2.x Mapper - OBR
57.86
HL7 v2.x to FHIR Mapper - OBSERVATION Group
57.87
HL7 v2.x Mapper - ORC
57.88
HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
57.89
HL7 v2.x Mapper - PID
57.90
HL7 v2.x Mapper - PV1
57.91
HL7 v2.x Mapper - TXA
57.92
Listener Interceptors
57.93
HL7 v2.x Listener Script
57.94
HL7 v2.x Listening Endpoint
57.95
HL7 v2.x MLLP Listener
57.96
HL7 v2.x MLLP Sender
57.97
FHIR to HL7 v2.x Mapper Script
57.98
HL7 v2.x Outbound Mapping
57.99
HTTP Access Log
57.100
HTTP Listener
57.101
HTTP Request Pool
57.102
HTTP Security
57.103
Hybrid Providers Definitions
57.104
IG Support
57.105
Initial User Seeding
57.106
JavaScript Execution Environment
57.107
JSON Web KeySet (JWKS)
57.108
LDAP Authentication
57.109
Smile CDR License
57.110
MDM
57.111
Migration
57.112
Narrative Generator
57.113
OpenID Connect Token Validation
57.114
OpenID Connect (OIDC)
57.115
Prior Authorization Coverage Requirement Discovery
57.116
Prior Authorization Documentation Templates and Requirements
57.117
Prior Authorization Support
57.118
Privacy Security Notice
57.119
Product Portal
57.120
Provenance Injection
57.121
Quality Payment Program (QPP)
57.122
Realtime Export
57.123
Endpoint Validation: Request Validating
57.124
Scheduler Configuration
57.125
Search Parameter Seeding
57.126
SAML Provider
57.127
Security Inbound Script
57.128
Inbound SMART on FHIR Authentication
57.129
Inbound SMART on FHIR Endpoints
57.130
OAuth2/OIDC Federation
57.131
SMART Callback Script
57.132
Cross-Organizational Data Access Profile
57.133
SMART Login Skin
57.134
SMART Login Terms of Service
57.135
SMART Authorization
57.136
SMART Definitions Seeding
57.137
Sessions
57.138
Two Factor Authentication
57.139
TLS / SSL (Encryption)
57.140
Transaction Log
57.141
Trusted Client
57.142
User Self Registration
57.143
Web Admin Console Settings
57.143
appSphere
57.143
Payer Config
57.143
Initial appSphere Seeding
57.143
Authentication Callback Scripts
57.143
Auth: General for APIs
57.143
User Authentication
57.143
Auth: HTTP Basic
57.143
Auth: OpenID Connect
57.143
Browser Syntax Highlighting
57.143
Camel
57.143
Capability Statement (metadata)
57.143
Care Gaps
57.143
CDA Export
57.143
CDA Import
57.143
CDA Interceptors
57.143
CDA JavaScript Execution Scripts
57.143
CDA Terminology
57.143
CDS Hooks Definitions
57.143
CDS Hooks On FHIR
57.143
Channel Import
57.143
Channel Retry
57.143
Cluster Manager Interceptors
57.143
Kafka
57.143
Cluster Manager Maintenance
57.143
Message Broker
57.143
Cluster Level Security
57.143
Consent
57.143
CQL
57.143
Credentials
57.143
Cross-Origin Resource Sharing (CORS)
57.143
Invoke Export
57.143
Member Match
57.143
Database
57.143
Da Vinci Health Record Exchange
57.143
EasyShare SMART Health Links
57.143
Email Configuration
57.143
MDM UI
57.143
ETL Import: CSV Properties
57.143
ETL Import: Source
57.143
Measure Evaluation
57.143
External Object Storage
57.143
FHIR Binary Storage
57.143
FHIR Bulk Operations
57.143
Capability Statement
57.143
FHIR Configuration
57.143
Consent Service
57.143
FHIR Endpoint Conversion
57.143
FHIR Endpoint HFQL Support
57.143
FHIR Endpoint Partitioning
57.143
Resource Providers
57.143
FHIR Endpoint Security
57.143
Endpoint Terminology
57.143
FHIR Gateway Cache
57.143
FHIR Gateway Configuration
57.143
FHIR Interceptors
57.143
LiveBundle Service
57.143
FHIR MDM Server
57.143
FHIR Performance
57.143
FHIR Performance Tracing
57.143
FHIR Realtime Export
57.143
Repository Validation
57.143
FHIR Resource Body Storage
57.143
FHIR Resource Types
57.143
FHIR REST Endpoint
57.143
FHIR Search
57.143
Custom Resource Types
57.143
IG Support
57.143
MegaScale
57.143
FHIR Storage Module Conditional Updates
57.143
FHIR Storage Module Scheduled Tasks
57.143
FHIR Validation Services
57.143
FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
57.143
FHIR Storage Package Registry
57.143
FHIR Storage Partitioning
57.143
Versioned References
57.143
FHIR Subscription Delivery
57.143
FHIR Subscription Persistence
57.143
FHIR Tokenization
57.143
Full-Text Indexing
57.143
HL7 v2.x Mapper - Contained Resource
57.143
HL7 v2.x Mapper - DG1
57.143
HL7 v2.x Mapper - Forced Namespace Mode
57.143
HL7 v2.x Mapper - General
57.143
HL7 v2.x Mapper - Medications
57.143
HL7 v2.x Mapper - OBR
57.143
HL7 v2.x to FHIR Mapper - OBSERVATION Group
57.143
HL7 v2.x Mapper - ORC
57.143
HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
57.143
HL7 v2.x Mapper - PID
57.143
HL7 v2.x Mapper - PV1
57.143
HL7 v2.x Mapper - TXA
57.143
Listener Interceptors
57.143
HL7 v2.x Listener Script
57.143
HL7 v2.x Listening Endpoint
57.143
HL7 v2.x MLLP Listener
57.143
HL7 v2.x MLLP Sender
57.143
FHIR to HL7 v2.x Mapper Script
57.143
HL7 v2.x Outbound Mapping
57.143
HTTP Access Log
57.143
HTTP Listener
57.143
HTTP Request Pool
57.143
HTTP Security
57.143
Hybrid Providers Definitions
57.143
IG Support
57.143
Initial User Seeding
57.143
JavaScript Execution Environment
57.143
JSON Web KeySet (JWKS)
57.143
LDAP Authentication
57.143
Smile CDR License
57.143
MDM
57.143
Migration
57.143
Narrative Generator
57.143
OpenID Connect Token Validation
57.143
OpenID Connect (OIDC)
57.143
Prior Authorization Coverage Requirement Discovery
57.143
Prior Authorization Documentation Templates and Requirements
57.143
Prior Authorization Support
57.143
Privacy Security Notice
57.143
Product Portal
57.143
Provenance Injection
57.143
Quality Payment Program (QPP)
57.143
Realtime Export
57.143
Endpoint Validation: Request Validating
57.143
Scheduler Configuration
57.143
Search Parameter Seeding
57.143
SAML Provider
57.143
Security Inbound Script
57.143
Inbound SMART on FHIR Authentication
57.143
Inbound SMART on FHIR Endpoints
57.143
OAuth2/OIDC Federation
57.143
SMART Callback Script
57.143
Cross-Organizational Data Access Profile
57.143
SMART Login Skin
57.143
SMART Login Terms of Service
57.143
SMART Authorization
57.143
SMART Definitions Seeding
57.143
Sessions
57.143
Two Factor Authentication
57.143
TLS / SSL (Encryption)
57.143
Transaction Log
57.143
Trusted Client
57.143
User Self Registration
57.115
Prior Authorization Coverage Requirement Discovery
Table of Contents
OpenID Connect (OIDC)
57.143.1OpenID Connect (OIDC)
The OpenID Connect (OIDC) configuration category includes the following configurable options:
-
Cache Authorizations (millis)
-
Client Secret Encoding
-
Smile CDR generated Client Secret expiry duration in days
-
Issuer URL
-
New Session for Each Flow
-
PKCE Plain Challenge Supported
-
PKCE Required
-
Rotate Refresh Token After Use
-
Smart Capabilities List
57.143.2Property: Cache Authorizations (millis)
|
|
Cache Authorizations (millis) |
|
|
|
| NON_NEGATIVE_INTEGER | |
| If a non-zero value is supplied, the authorization server will cache successful authorizations for up to this amount of time. This means that if an Access Token is received as authentication with a request (e.g. in an Authorization header during a FHIR call) multiple times within the cache timespan, only one attempt to validate the token will be made. Using the cache can greatly improve performance on heavily loaded systems. However, manually invalidated tokens may be accepted as still being valid during the cache period so it is important to not use a value that is unnecessarily long. | |
|
|
3000
|
|
|
57.143.3Property: Client Secret Encoding
|
|
Client Secret Encoding |
|
|
|
| ENUM | |
| Values |
|
| Select the hashing algorithm to use when storing client secrets. Note that the value selected here will apply only to newly created secrets, and this may be changed at any time without affecting existing secrets. See Password Hashing Algorithms for more information. | |
|
|
BCRYPT_12_ROUND
|
|
|
57.143.4Property: Smile CDR generated Client Secret expiry duration in days
|
|
Smile CDR generated Client Secret expiry duration in days |
|
|
|
| NON_NEGATIVE_INTEGER | |
| Select the expiry duration in days for Smile CDR generated client secrets. Note this value will be added to the activation date of the secret to calculate the expiration date for the secret during the client creation process via the REST path register-client-and-generate-secret. | |
|
|
365
|
|
|
57.143.5Property: Issuer URL
|
|
Issuer URL |
|
|
|
| STRING | |
This is the URL that will be placed in OpenID Connect tokens as the iss (issuer) token. The value should be the URL to the identity server.
|
|
|
|
| (no default) | |
|
57.143.6Property: New Session for Each Flow
|
|
New Session for Each Flow |
|
|
|
| BOOLEAN | |
| If enabled, every time an interactive flow is initiated the user session will be cleared. This should be set in cases where different users might access the module using the same browser, so previous authentication should not be remembered. | |
|
|
false
|
|
|
57.143.7Property: PKCE Plain Challenge Supported
|
|
PKCE Plain Challenge Supported |
|
|
|
| BOOLEAN | |
If disabled, the PKCE challenge type PLAIN will not be allowed on this server.
|
|
|
|
true
|
|
|
57.143.8Property: PKCE Required
|
|
PKCE Required |
|
|
|
| BOOLEAN | |
| If this setting is enabled, the server will require the use of PKCE for all Authorization Code SMART Auth flows. Enabling this setting also disallows the use of the OAuth2 Implicit Grant type, since this flow does not support PKCE. | |
|
|
false
|
|
|
57.143.9Property: Rotate Refresh Token After Use
|
|
Rotate Refresh Token After Use |
|
|
|
| BOOLEAN | |
| If enabled, each time a refresh token is used to obtain a new access token, the refresh token will be invalidated and a new one automatically issued with the new access token. | |
|
|
false
|
|
|
57.143.10Property: Smart Capabilities List
|
|
Smart Capabilities List |
|
|
|
| STRING_MULTILINE | |
| List of Smart Capabilities to enable (See http://hl7.org/fhir/smart-app-launch/conformance.html#capability-sets); one capability per line. | |
|
|
| (no default) | |
|
57.113
OpenID Connect Token Validation
Configuration Categories
57.0
Web Admin Console Settings
57.1
appSphere
57.2
Payer Config
57.3
Initial appSphere Seeding
57.4
Authentication Callback Scripts
57.5
Auth: General for APIs
57.6
User Authentication
57.7
Auth: HTTP Basic
57.8
Auth: OpenID Connect
57.9
Browser Syntax Highlighting
57.10
Camel
57.11
Capability Statement (metadata)
57.12
Care Gaps
57.13
CDA Export
57.14
CDA Import
57.15
CDA Interceptors
57.16
CDA JavaScript Execution Scripts
57.17
CDA Terminology
57.18
CDS Hooks Definitions
57.19
CDS Hooks On FHIR
57.20
Channel Import
57.21
Channel Retry
57.22
Cluster Manager Interceptors
57.23
Kafka
57.24
Cluster Manager Maintenance
57.25
Message Broker
57.26
Cluster Level Security
57.27
Consent
57.28
CQL
57.29
Credentials
57.30
Cross-Origin Resource Sharing (CORS)
57.31
Invoke Export
57.32
Member Match
57.33
Database
57.34
Da Vinci Health Record Exchange
57.35
EasyShare SMART Health Links
57.36
Email Configuration
57.37
MDM UI
57.38
ETL Import: CSV Properties
57.39
ETL Import: Source
57.40
Measure Evaluation
57.41
External Object Storage
57.42
FHIR Binary Storage
57.43
FHIR Bulk Operations
57.44
Capability Statement
57.45
FHIR Configuration
57.46
Consent Service
57.47
FHIR Endpoint Conversion
57.48
FHIR Endpoint HFQL Support
57.49
FHIR Endpoint Partitioning
57.50
Resource Providers
57.51
FHIR Endpoint Security
57.52
Endpoint Terminology
57.53
FHIR Gateway Cache
57.54
FHIR Gateway Configuration
57.55
FHIR Interceptors
57.56
LiveBundle Service
57.57
FHIR MDM Server
57.58
FHIR Performance
57.59
FHIR Performance Tracing
57.60
FHIR Realtime Export
57.61
Repository Validation
57.62
FHIR Resource Body Storage
57.63
FHIR Resource Types
57.64
FHIR REST Endpoint
57.65
FHIR Search
57.66
Custom Resource Types
57.67
IG Support
57.68
MegaScale
57.69
FHIR Storage Module Conditional Updates
57.70
FHIR Storage Module Scheduled Tasks
57.71
FHIR Validation Services
57.72
FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
57.73
FHIR Storage Package Registry
57.74
FHIR Storage Partitioning
57.75
Versioned References
57.76
FHIR Subscription Delivery
57.77
FHIR Subscription Persistence
57.78
FHIR Tokenization
57.79
Full-Text Indexing
57.80
HL7 v2.x Mapper - Contained Resource
57.81
HL7 v2.x Mapper - DG1
57.82
HL7 v2.x Mapper - Forced Namespace Mode
57.83
HL7 v2.x Mapper - General
57.84
HL7 v2.x Mapper - Medications
57.85
HL7 v2.x Mapper - OBR
57.86
HL7 v2.x to FHIR Mapper - OBSERVATION Group
57.87
HL7 v2.x Mapper - ORC
57.88
HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
57.89
HL7 v2.x Mapper - PID
57.90
HL7 v2.x Mapper - PV1
57.91
HL7 v2.x Mapper - TXA
57.92
Listener Interceptors
57.93
HL7 v2.x Listener Script
57.94
HL7 v2.x Listening Endpoint
57.95
HL7 v2.x MLLP Listener
57.96
HL7 v2.x MLLP Sender
57.97
FHIR to HL7 v2.x Mapper Script
57.98
HL7 v2.x Outbound Mapping
57.99
HTTP Access Log
57.100
HTTP Listener
57.101
HTTP Request Pool
57.102
HTTP Security
57.103
Hybrid Providers Definitions
57.104
IG Support
57.105
Initial User Seeding
57.106
JavaScript Execution Environment
57.107
JSON Web KeySet (JWKS)
57.108
LDAP Authentication
57.109
Smile CDR License
57.110
MDM
57.111
Migration
57.112
Narrative Generator
57.113
OpenID Connect Token Validation
57.114
OpenID Connect (OIDC)
57.115
Prior Authorization Coverage Requirement Discovery
57.116
Prior Authorization Documentation Templates and Requirements
57.117
Prior Authorization Support
57.118
Privacy Security Notice
57.119
Product Portal
57.120
Provenance Injection
57.121
Quality Payment Program (QPP)
57.122
Realtime Export
57.123
Endpoint Validation: Request Validating
57.124
Scheduler Configuration
57.125
Search Parameter Seeding
57.126
SAML Provider
57.127
Security Inbound Script
57.128
Inbound SMART on FHIR Authentication
57.129
Inbound SMART on FHIR Endpoints
57.130
OAuth2/OIDC Federation
57.131
SMART Callback Script
57.132
Cross-Organizational Data Access Profile
57.133
SMART Login Skin
57.134
SMART Login Terms of Service
57.135
SMART Authorization
57.136
SMART Definitions Seeding
57.137
Sessions
57.138
Two Factor Authentication
57.139
TLS / SSL (Encryption)
57.140
Transaction Log
57.141
Trusted Client
57.142
User Self Registration
57.143
Web Admin Console Settings
57.143
appSphere
57.143
Payer Config
57.143
Initial appSphere Seeding
57.143
Authentication Callback Scripts
57.143
Auth: General for APIs
57.143
User Authentication
57.143
Auth: HTTP Basic
57.143
Auth: OpenID Connect
57.143
Browser Syntax Highlighting
57.143
Camel
57.143
Capability Statement (metadata)
57.143
Care Gaps
57.143
CDA Export
57.143
CDA Import
57.143
CDA Interceptors
57.143
CDA JavaScript Execution Scripts
57.143
CDA Terminology
57.143
CDS Hooks Definitions
57.143
CDS Hooks On FHIR
57.143
Channel Import
57.143
Channel Retry
57.143
Cluster Manager Interceptors
57.143
Kafka
57.143
Cluster Manager Maintenance
57.143
Message Broker
57.143
Cluster Level Security
57.143
Consent
57.143
CQL
57.143
Credentials
57.143
Cross-Origin Resource Sharing (CORS)
57.143
Invoke Export
57.143
Member Match
57.143
Database
57.143
Da Vinci Health Record Exchange
57.143
EasyShare SMART Health Links
57.143
Email Configuration
57.143
MDM UI
57.143
ETL Import: CSV Properties
57.143
ETL Import: Source
57.143
Measure Evaluation
57.143
External Object Storage
57.143
FHIR Binary Storage
57.143
FHIR Bulk Operations
57.143
Capability Statement
57.143
FHIR Configuration
57.143
Consent Service
57.143
FHIR Endpoint Conversion
57.143
FHIR Endpoint HFQL Support
57.143
FHIR Endpoint Partitioning
57.143
Resource Providers
57.143
FHIR Endpoint Security
57.143
Endpoint Terminology
57.143
FHIR Gateway Cache
57.143
FHIR Gateway Configuration
57.143
FHIR Interceptors
57.143
LiveBundle Service
57.143
FHIR MDM Server
57.143
FHIR Performance
57.143
FHIR Performance Tracing
57.143
FHIR Realtime Export
57.143
Repository Validation
57.143
FHIR Resource Body Storage
57.143
FHIR Resource Types
57.143
FHIR REST Endpoint
57.143
FHIR Search
57.143
Custom Resource Types
57.143
IG Support
57.143
MegaScale
57.143
FHIR Storage Module Conditional Updates
57.143
FHIR Storage Module Scheduled Tasks
57.143
FHIR Validation Services
57.143
FHIR Validation Services Remote Terminology Client TLS / SSL (Encryption)
57.143
FHIR Storage Package Registry
57.143
FHIR Storage Partitioning
57.143
Versioned References
57.143
FHIR Subscription Delivery
57.143
FHIR Subscription Persistence
57.143
FHIR Tokenization
57.143
Full-Text Indexing
57.143
HL7 v2.x Mapper - Contained Resource
57.143
HL7 v2.x Mapper - DG1
57.143
HL7 v2.x Mapper - Forced Namespace Mode
57.143
HL7 v2.x Mapper - General
57.143
HL7 v2.x Mapper - Medications
57.143
HL7 v2.x Mapper - OBR
57.143
HL7 v2.x to FHIR Mapper - OBSERVATION Group
57.143
HL7 v2.x Mapper - ORC
57.143
HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
57.143
HL7 v2.x Mapper - PID
57.143
HL7 v2.x Mapper - PV1
57.143
HL7 v2.x Mapper - TXA
57.143
Listener Interceptors
57.143
HL7 v2.x Listener Script
57.143
HL7 v2.x Listening Endpoint
57.143
HL7 v2.x MLLP Listener
57.143
HL7 v2.x MLLP Sender
57.143
FHIR to HL7 v2.x Mapper Script
57.143
HL7 v2.x Outbound Mapping
57.143
HTTP Access Log
57.143
HTTP Listener
57.143
HTTP Request Pool
57.143
HTTP Security
57.143
Hybrid Providers Definitions
57.143
IG Support
57.143
Initial User Seeding
57.143
JavaScript Execution Environment
57.143
JSON Web KeySet (JWKS)
57.143
LDAP Authentication
57.143
Smile CDR License
57.143
MDM
57.143
Migration
57.143
Narrative Generator
57.143
OpenID Connect Token Validation
57.143
OpenID Connect (OIDC)
57.143
Prior Authorization Coverage Requirement Discovery
57.143
Prior Authorization Documentation Templates and Requirements
57.143
Prior Authorization Support
57.143
Privacy Security Notice
57.143
Product Portal
57.143
Provenance Injection
57.143
Quality Payment Program (QPP)
57.143
Realtime Export
57.143
Endpoint Validation: Request Validating
57.143
Scheduler Configuration
57.143
Search Parameter Seeding
57.143
SAML Provider
57.143
Security Inbound Script
57.143
Inbound SMART on FHIR Authentication
57.143
Inbound SMART on FHIR Endpoints
57.143
OAuth2/OIDC Federation
57.143
SMART Callback Script
57.143
Cross-Organizational Data Access Profile
57.143
SMART Login Skin
57.143
SMART Login Terms of Service
57.143
SMART Authorization
57.143
SMART Definitions Seeding
57.143
Sessions
57.143
Two Factor Authentication
57.143
TLS / SSL (Encryption)
57.143
Transaction Log
57.143
Trusted Client
57.143
User Self Registration
57.115
Prior Authorization Coverage Requirement Discovery