On this page:
   26.65    Inbound SMART on FHIR Endpoints
  • Configuration Categories
  • 26.0 Web Admin Console Settings
  • 26.1 Authentication Callback Scripts
  • 26.2 Auth: General for APIs
  • 26.3 User Authentication
  • 26.4 Auth: HTTP Basic
  • 26.5 Auth: OpenID Connect
  • 26.6 Browser Syntax Highlighting
  • 26.7 Capability Statement (metadata)
  • 26.8 Cluster Manager Subscription Messaging
  • 26.9 Cluster Manager Maintenance
  • 26.10 Cluster Manager Message Broker
  • 26.11 Cluster Manager Kafka
  • 26.12 Credentials
  • 26.13 Cross-Origin Resource Sharing (CORS)
  • 26.14 Database
  • 26.15 ETL Import: CSV Properties
  • 26.16 ETL Import: Source
  • 26.17 FHIR Binary Storage
  • 26.18 FHIR Bulk Operations
  • 26.19 FHIR Configuration
  • 26.20 FHIR Consent Service
  • 26.21 FHIR LiveBundle Service
  • 26.22 FHIR EMPI Server
  • 26.23 FHIR Endpoint Conversion
  • 26.24 FHIR Endpoint Security
  • 26.25 Interceptors
  • 26.26 FHIR Endpoint Partitioning and Multitenancy
  • 26.27 FHIR Gateway Target
  • 26.28 FHIR Gateway Cache
  • 26.29 FHIR Storage Partitioning and Multitenancy
  • 26.30 Package Registry
  • 26.31 FHIR Performance
  • 26.32 FHIR Performance Tracing
  • 26.33 FHIR Resource Types
  • 26.34 FHIR REST Endpoint
  • 26.35 FHIR Search
  • 26.36 FHIR Interceptors
  • 26.37 FHIR Subscription Persistence
  • 26.38 FHIR Subscription Delivery
  • 26.39 FHIR Validation Services
  • 26.40 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 26.41 HL7 v2.x to FHIR Mapper - General
  • 26.42 HL7 v2.x Mapper - Medications
  • 26.43 HL7 v2.x to FHIR Mapper - OBR
  • 26.44 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 26.45 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 26.46 HL7 v2.x to FHIR Mapper - PV1
  • 26.47 HL7 v2.x Listener Script
  • 26.48 HL7 v2.x MLLP Listener
  • 26.49 FHIR to HL7 v2.x Mapper Script
  • 26.50 HL7 v2.x MLLP Sender
  • 26.51 HTTP Access Log
  • 26.52 HTTP Listener
  • 26.53 HTTP Request Pool
  • 26.54 HTTP Security
  • 26.55 Hybrid Providers Definitions
  • 26.56 Initial User Seeding
  • 26.57 JSON Web KeySet (JWKS)
  • 26.58 LDAP Authentication
  • 26.59 Lucene FullText Indexing
  • 26.60 Narrative Generator
  • 26.61 OpenID Connect (OIC)
  • 26.62 Request Validating
  • 26.63 Security Inbound Script
  • 26.64 Inbound SMART on FHIR Authentication
  • 26.65 Inbound SMART on FHIR Endpoints
  • 26.66 OpenID Connect Token Validation
  • 26.67 SAML Provider
  • 26.68 OAuth2/OIDC Federation
  • 26.69 SMART Authorization
  • 26.70 SMART Definitions Seeding
  • 26.71 Sessions
  • 26.72 SMART Outbound Security: Callback Script
  • 26.73 SMART Outbound Security: CODAP
  • 26.74 SMART Outbound Security: Login Skin
  • 26.75 Two Factor Authentication
  • 26.76 TLS / SSL (Encryption)
  • 26.77 Trusted Client
  • 26.78 Trusted Client
  • 26.79 Miscellaneous Categories
    • 26.67    SAML Provider   
       Table of Contents

    OpenID Connect Token Validation

    26.66OpenID Connect Token Validation

     

    The OpenID Connect Token Validation configuration category includes the following configurable options:

    • Token Introspection Client: Truststore File

    • Token Introspection Client: Truststore Password

    26.66.1Property: Token Introspection Client: Truststore File

     
    Property Name Token Introspection Client: Truststore File
    Property Key
    Property Type Resource Path
    Description Specifies a TrustStore to use for outbound client connections from the OIDC server. This is only needed in cases where the remote OIDC server uses a self-signed certificate for TLS.
    Default Value (no default)
    Example Property 
    module.[MODULE_ID].config.introspection_client.truststore.file = classpath:truststore.p12

    26.66.2Property: Token Introspection Client: Truststore Password

     
    Property Name Token Introspection Client: Truststore Password
    Property Key
    Property Type PASSWORD
    Description The password to use to open the truststore, if specified.
    Default Value (no default)
    Example Property 
    module.[MODULE_ID].config.introspection_client.truststore.password =
       26.65    Inbound SMART on FHIR Endpoints
  • Configuration Categories
  • 26.0 Web Admin Console Settings
  • 26.1 Authentication Callback Scripts
  • 26.2 Auth: General for APIs
  • 26.3 User Authentication
  • 26.4 Auth: HTTP Basic
  • 26.5 Auth: OpenID Connect
  • 26.6 Browser Syntax Highlighting
  • 26.7 Capability Statement (metadata)
  • 26.8 Cluster Manager Subscription Messaging
  • 26.9 Cluster Manager Maintenance
  • 26.10 Cluster Manager Message Broker
  • 26.11 Cluster Manager Kafka
  • 26.12 Credentials
  • 26.13 Cross-Origin Resource Sharing (CORS)
  • 26.14 Database
  • 26.15 ETL Import: CSV Properties
  • 26.16 ETL Import: Source
  • 26.17 FHIR Binary Storage
  • 26.18 FHIR Bulk Operations
  • 26.19 FHIR Configuration
  • 26.20 FHIR Consent Service
  • 26.21 FHIR LiveBundle Service
  • 26.22 FHIR EMPI Server
  • 26.23 FHIR Endpoint Conversion
  • 26.24 FHIR Endpoint Security
  • 26.25 Interceptors
  • 26.26 FHIR Endpoint Partitioning and Multitenancy
  • 26.27 FHIR Gateway Target
  • 26.28 FHIR Gateway Cache
  • 26.29 FHIR Storage Partitioning and Multitenancy
  • 26.30 Package Registry
  • 26.31 FHIR Performance
  • 26.32 FHIR Performance Tracing
  • 26.33 FHIR Resource Types
  • 26.34 FHIR REST Endpoint
  • 26.35 FHIR Search
  • 26.36 FHIR Interceptors
  • 26.37 FHIR Subscription Persistence
  • 26.38 FHIR Subscription Delivery
  • 26.39 FHIR Validation Services
  • 26.40 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 26.41 HL7 v2.x to FHIR Mapper - General
  • 26.42 HL7 v2.x Mapper - Medications
  • 26.43 HL7 v2.x to FHIR Mapper - OBR
  • 26.44 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 26.45 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 26.46 HL7 v2.x to FHIR Mapper - PV1
  • 26.47 HL7 v2.x Listener Script
  • 26.48 HL7 v2.x MLLP Listener
  • 26.49 FHIR to HL7 v2.x Mapper Script
  • 26.50 HL7 v2.x MLLP Sender
  • 26.51 HTTP Access Log
  • 26.52 HTTP Listener
  • 26.53 HTTP Request Pool
  • 26.54 HTTP Security
  • 26.55 Hybrid Providers Definitions
  • 26.56 Initial User Seeding
  • 26.57 JSON Web KeySet (JWKS)
  • 26.58 LDAP Authentication
  • 26.59 Lucene FullText Indexing
  • 26.60 Narrative Generator
  • 26.61 OpenID Connect (OIC)
  • 26.62 Request Validating
  • 26.63 Security Inbound Script
  • 26.64 Inbound SMART on FHIR Authentication
  • 26.65 Inbound SMART on FHIR Endpoints
  • 26.66 OpenID Connect Token Validation
  • 26.67 SAML Provider
  • 26.68 OAuth2/OIDC Federation
  • 26.69 SMART Authorization
  • 26.70 SMART Definitions Seeding
  • 26.71 Sessions
  • 26.72 SMART Outbound Security: Callback Script
  • 26.73 SMART Outbound Security: CODAP
  • 26.74 SMART Outbound Security: Login Skin
  • 26.75 Two Factor Authentication
  • 26.76 TLS / SSL (Encryption)
  • 26.77 Trusted Client
  • 26.78 Trusted Client
  • 26.79 Miscellaneous Categories
    • 26.67    SAML Provider