JSON Admin API
Smile CDR includes an administration API based on (non-FHIR) RESTful JSON Web Services. This API uses simple JSON-based REST calls to check status information and configure the CDR.
In a default installation of Smile CDR, this API listens on port 9000, so it is accessible at a URL similar to http://localhost:9000/.
This API makes use of Swagger, which is a RESTful web services description framework as well as a convenient testing tool for using these services. A screenshot of this tool is shown below.
The following table provides an overview of all JSON Admin API endpoints. Click on an endpoint name to view its detailed documentation.
Endpoint | Required Permissions | Description |
---|---|---|
Audit Log | VIEW_AUDIT_LOG | Access audit logs |
Batch Jobs | VIEW_BATCH_JOBS, MANAGE_BATCH_JOBS | View and manage batch jobs |
Bulk Import | ETL_IMPORT_PROCESS_FILE | Process ETL import files |
CDA Exchange | CREATE_CDA_TEMPLATE, VIEW_CDA_TEMPLATE, DELETE_CDA_TEMPLATE | Manage CDA document templates |
Config Diagnostics | ACCESS_ADMIN_JSON, VIEW_MODULE_CONFIG | Diagnose configuration issues |
JSON Admin Home | None (free access) | Access Swagger UI interface for API exploration |
MDM | ACCESS_ADMIN_JSON | DEPRECATED |
Metrics | VIEW_METRICS | Access runtime metrics and thread dumps |
Module Config | VIEW_MODULE_CONFIG, CREATE_MODULE, UPDATE_MODULE_CONFIG, CONTROL_MODULE | Configure and control system modules |
OpenID Connect Clients | OPENID_CONNECT_VIEW_CLIENT_LIST, OPENID_CONNECT_ADD_CLIENT, OPENID_CONNECT_EDIT_CLIENT | Manage OpenID Connect clients |
OpenID Connect Keystores | OPENID_CONNECT_MANAGE_KEYSTORES | Manage OpenID Connect keystores |
OpenID Connect Servers | OPENID_CONNECT_VIEW_SERVER_LIST, OPENID_CONNECT_ADD_SERVER, OPENID_CONNECT_EDIT_SERVER | Manage OpenID Connect servers |
OpenID Connect Sessions | OPENID_CONNECT_MANAGE_GLOBAL_SESSIONS | Manage OpenID Connect sessions |
Runtime Status | VIEW_MODULE_STATUS | View node and module status information |
System Config | VIEW_MODULE_CONFIG | View system configuration |
Transaction Log | VIEW_TRANSACTION_LOG, VIEW_TRANSACTION_LOG_EVENT | View transaction logs and events |
Troubleshooting Log | ACCESS_ADMIN_JSON | Access troubleshooting logs |
User Management | VIEW_USERS, CREATE_USER, UPDATE_USER, Various | Manage users, passwords, and authentication |
Version | ACCESS_ADMIN_JSON | Retrieve system version information |
By default, these services are secured using HTTP Basic Authentication, which means every request should include an Authorization header.
When using Swagger-UI, you will be prompted by your browser for credentials when accessing any services where the default security is preserved.
If HTTP Basic Authentication is enabled, a typical GET request to the JSON Admin API will resemble the following:
```
GET http://localhost:9000/runtime-status/node-statuses/complete
Authorization: Basic YWRtaW46cGFzc3dvcmQ=
Accept: application/json
```
These services may also be configured to use a different security module, such as an OpenID Connect module.
Note that all dates and times in this API follow the same ISO-8601 format used by FHIR (e.g. 2017-01-01T00:00:00.0000-05:00).
It is sometimes beneficial to allow specific types of requests to be performed without authentication. This is most commonly the case for monitoring tools. Note that this is recommended only in cases where the JSON Admin API is not accessible to the outside world (e.g. it is exposed only to a port on an internal management network). If you would like to enable anonymous access, use the following steps:
1. Enable Allow Anonymous Access on the JSON Admin API module. Enabling this setting means that requests to the JSON Admin API will receive the permissions associated with your anonymous user. By default the anonymous user has no meaningful permissions so this setting has no effect on its own.
2. Grant your anonymous user the ACCESS_ADMIN_JSON permission. This allows anonymous requests to access the endpoint, but does not grant any ability to invoke specific operations.
3. Grant your anonymous user appropriate permissions for the functions you want to enable anonymous access for. For example, if you want to enable anonymous metric access, grant the VIEW_METRICS permission. Be careful about which permissions you grant here, since anonymous access can be a significant security concern.
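After changing anonymous permissions, it is worth confirming what a caller with no credentials can actually reach. The following is an added example, not part of the Smile CDR documentation or product: it sends requests without an Authorization header and compares the result to the intended policy. The function names, the stub responder and the rule that any 2xx status means "open" are assumptions of this example; the only path used is the one shown on this page.

```python
import urllib.error
import urllib.request

BASE_URL = "http://localhost:9000"  # default JSON Admin API address per this page
# The only request path shown on this page; add the paths your monitoring uses.
PATHS = ["/runtime-status/node-statuses/complete"]


def http_status(url, headers):
    """GET the URL and return its HTTP status; connection failures raise."""
    request = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(request, timeout=10) as response:
            return response.status
    except urllib.error.HTTPError as err:
        return err.code


def audit_anonymous(paths, expected_open, fetch=http_status, base_url=BASE_URL):
    """Send each request with no Authorization header and compare to the intent.

    Assumption: any 2xx status means the anonymous user was served.
    Returns (path, status, finding) tuples.
    """
    results = []
    for path in paths:
        status = fetch(base_url + path, {"Accept": "application/json"})
        is_open = 200 <= status < 300
        if is_open and path not in expected_open:
            finding = "unexpectedly open"
        elif not is_open and path in expected_open:
            finding = "unexpectedly closed"
        else:
            finding = "ok"
        results.append((path, status, finding))
    return results


def stub_fetch(url, headers):
    """Constructed stand-in for a server that answers anonymous status requests."""
    return 200 if url.endswith(PATHS[0]) else 401


if __name__ == "__main__":
    # Intended policy here: nothing is anonymous. Drop fetch= to query a live server.
    for path, status, finding in audit_anonymous(PATHS, set(), fetch=stub_fetch):
        print(f"{status} {finding:<20} {path}")
```

Run it from the same network segment as an untrusted client would use, and treat any "unexpectedly open" finding as a permission on the anonymous user that should be reviewed.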