On this page:
   32.71    Inbound SMART on FHIR Endpoints
  • Configuration Categories
  • 32.0 Web Admin Console Settings
  • 32.1 Authentication Callback Scripts
  • 32.2 Auth: General for APIs
  • 32.3 User Authentication
  • 32.4 Auth: HTTP Basic
  • 32.5 Auth: OpenID Connect
  • 32.6 Browser Syntax Highlighting
  • 32.7 Capability Statement (metadata)
  • 32.8 Channel Import
  • 32.9 Channel Retry
  • 32.10 Cluster Manager Subscription Messaging
  • 32.11 Cluster Manager Maintenance
  • 32.12 Cluster Manager Message Broker
  • 32.13 Cluster Manager Kafka
  • 32.14 Credentials
  • 32.15 Cross-Origin Resource Sharing (CORS)
  • 32.16 Database
  • 32.17 ETL Import: CSV Properties
  • 32.18 ETL Import: Source
  • 32.19 FHIR Binary Storage
  • 32.20 FHIR Bulk Operations
  • 32.21 FHIR Configuration
  • 32.22 FHIR Consent Service
  • 32.23 FHIR LiveBundle Service
  • 32.24 FHIR Endpoint Conversion
  • 32.25 FHIR Endpoint Security
  • 32.26 Interceptors
  • 32.27 FHIR Endpoint Partitioning and Multitenancy
  • 32.28 FHIR Gateway Target
  • 32.29 FHIR Gateway Cache
  • 32.30 FHIR MDM Server
  • 32.31 FHIR Storage Partitioning and Multitenancy
  • 32.32 Package Registry
  • 32.33 FHIR Performance
  • 32.34 FHIR Performance Tracing
  • 32.35 FHIR Realtime Export
  • 32.36 FHIR Resource Types
  • 32.37 FHIR REST Endpoint
  • 32.38 FHIR Search
  • 32.39 FHIR Interceptors
  • 32.40 FHIR Repository Validation
  • 32.41 FHIR Subscription Persistence
  • 32.42 FHIR Subscription Delivery
  • 32.43 FHIR Validation Services
  • 32.44 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 32.45 HL7 v2.x to FHIR Mapper - General
  • 32.46 HL7 v2.x Mapper - Medications
  • 32.47 HL7 v2.x to FHIR Mapper - OBR
  • 32.48 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 32.49 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 32.50 HL7 v2.x to FHIR Mapper - PV1
  • 32.51 HL7 v2.x Listener Script
  • 32.52 HL7 v2.x MLLP Listener
  • 32.53 FHIR to HL7 v2.x Mapper Script
  • 32.54 HL7 v2.x MLLP Sender
  • 32.55 HTTP Access Log
  • 32.56 HTTP Listener
  • 32.57 HTTP Request Pool
  • 32.58 HTTP Security
  • 32.59 Hybrid Providers Definitions
  • 32.60 Initial User Seeding
  • 32.61 JSON Web KeySet (JWKS)
  • 32.62 LDAP Authentication
  • 32.63 Lucene FullText Indexing
  • 32.64 Narrative Generator
  • 32.65 MDM
  • 32.66 OpenID Connect (OIC)
  • 32.67 Realtime Export
  • 32.68 Request Validating
  • 32.69 Security Inbound Script
  • 32.70 Inbound SMART on FHIR Authentication
  • 32.71 Inbound SMART on FHIR Endpoints
  • 32.72 OpenID Connect Token Validation
  • 32.73 SAML Provider
  • 32.74 OAuth2/OIDC Federation
  • 32.75 SMART Authorization
  • 32.76 SMART Definitions Seeding
  • 32.77 Sessions
  • 32.78 SMART Outbound Security: Callback Script
  • 32.79 SMART Outbound Security: CODAP
  • 32.80 SMART Outbound Security: Login Skin
  • 32.81 Two Factor Authentication
  • 32.82 TLS / SSL (Encryption)
  • 32.83 Trusted Client
  • 32.84 Transaction Log
  • 32.85 Miscellaneous Categories
    • 32.73    SAML Provider   
       Table of Contents

    OpenID Connect Token Validation

    32.72OpenID Connect Token Validation

     

    The OpenID Connect Token Validation configuration category includes the following configurable options:

    • Token Introspection Client: Truststore File

    • Token Introspection Client: Truststore Password

    32.72.1Property: Token Introspection Client: Truststore File

     
    Property Name Token Introspection Client: Truststore File
    Property Key
    Property Type Resource Path
    Description Specifies a TrustStore to use for outbound client connections from the OIDC server. This is only needed in cases where the remote OIDC server uses a self-signed certificate for TLS.
    Default Value (no default)
    Example Property 
    module.[MODULE_ID].config.introspection_client.truststore.file = classpath:truststore.p12

    32.72.2Property: Token Introspection Client: Truststore Password

     
    Property Name Token Introspection Client: Truststore Password
    Property Key
    Property Type PASSWORD
    Description The password to use to open the truststore, if specified.
    Default Value (no default)
    Example Property 
    module.[MODULE_ID].config.introspection_client.truststore.password =
       32.71    Inbound SMART on FHIR Endpoints
  • Configuration Categories
  • 32.0 Web Admin Console Settings
  • 32.1 Authentication Callback Scripts
  • 32.2 Auth: General for APIs
  • 32.3 User Authentication
  • 32.4 Auth: HTTP Basic
  • 32.5 Auth: OpenID Connect
  • 32.6 Browser Syntax Highlighting
  • 32.7 Capability Statement (metadata)
  • 32.8 Channel Import
  • 32.9 Channel Retry
  • 32.10 Cluster Manager Subscription Messaging
  • 32.11 Cluster Manager Maintenance
  • 32.12 Cluster Manager Message Broker
  • 32.13 Cluster Manager Kafka
  • 32.14 Credentials
  • 32.15 Cross-Origin Resource Sharing (CORS)
  • 32.16 Database
  • 32.17 ETL Import: CSV Properties
  • 32.18 ETL Import: Source
  • 32.19 FHIR Binary Storage
  • 32.20 FHIR Bulk Operations
  • 32.21 FHIR Configuration
  • 32.22 FHIR Consent Service
  • 32.23 FHIR LiveBundle Service
  • 32.24 FHIR Endpoint Conversion
  • 32.25 FHIR Endpoint Security
  • 32.26 Interceptors
  • 32.27 FHIR Endpoint Partitioning and Multitenancy
  • 32.28 FHIR Gateway Target
  • 32.29 FHIR Gateway Cache
  • 32.30 FHIR MDM Server
  • 32.31 FHIR Storage Partitioning and Multitenancy
  • 32.32 Package Registry
  • 32.33 FHIR Performance
  • 32.34 FHIR Performance Tracing
  • 32.35 FHIR Realtime Export
  • 32.36 FHIR Resource Types
  • 32.37 FHIR REST Endpoint
  • 32.38 FHIR Search
  • 32.39 FHIR Interceptors
  • 32.40 FHIR Repository Validation
  • 32.41 FHIR Subscription Persistence
  • 32.42 FHIR Subscription Delivery
  • 32.43 FHIR Validation Services
  • 32.44 HL7 v2.x to FHIR Mapper - Forced Namespace Mode
  • 32.45 HL7 v2.x to FHIR Mapper - General
  • 32.46 HL7 v2.x Mapper - Medications
  • 32.47 HL7 v2.x to FHIR Mapper - OBR
  • 32.48 HL7 v2.x to FHIR Mapper - OBSERVATION Group
  • 32.49 HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
  • 32.50 HL7 v2.x to FHIR Mapper - PV1
  • 32.51 HL7 v2.x Listener Script
  • 32.52 HL7 v2.x MLLP Listener
  • 32.53 FHIR to HL7 v2.x Mapper Script
  • 32.54 HL7 v2.x MLLP Sender
  • 32.55 HTTP Access Log
  • 32.56 HTTP Listener
  • 32.57 HTTP Request Pool
  • 32.58 HTTP Security
  • 32.59 Hybrid Providers Definitions
  • 32.60 Initial User Seeding
  • 32.61 JSON Web KeySet (JWKS)
  • 32.62 LDAP Authentication
  • 32.63 Lucene FullText Indexing
  • 32.64 Narrative Generator
  • 32.65 MDM
  • 32.66 OpenID Connect (OIC)
  • 32.67 Realtime Export
  • 32.68 Request Validating
  • 32.69 Security Inbound Script
  • 32.70 Inbound SMART on FHIR Authentication
  • 32.71 Inbound SMART on FHIR Endpoints
  • 32.72 OpenID Connect Token Validation
  • 32.73 SAML Provider
  • 32.74 OAuth2/OIDC Federation
  • 32.75 SMART Authorization
  • 32.76 SMART Definitions Seeding
  • 32.77 Sessions
  • 32.78 SMART Outbound Security: Callback Script
  • 32.79 SMART Outbound Security: CODAP
  • 32.80 SMART Outbound Security: Login Skin
  • 32.81 Two Factor Authentication
  • 32.82 TLS / SSL (Encryption)
  • 32.83 Trusted Client
  • 32.84 Transaction Log
  • 32.85 Miscellaneous Categories
    • 32.73    SAML Provider