43.7.1Config Diagnostics Endpoint

The Config Diagnostics endpoint provides comprehensive configuration diagnostics for all nodes in the cluster. This endpoint analyzes module configurations across all nodes and identifies potential errors, warnings, performance issues, and security concerns.

This method requires both the ACCESS_ADMIN_JSON and VIEW_MODULE_CONFIG permissions.

This method will return configuration diagnostics entries organized by node, containing:

Configuration errors that prevent proper operation
Security-related configuration issues
Performance optimization recommendations
Configuration warnings that may affect functionality

To invoke:

GET http://localhost:9000/diagnostics

The server will produce a response containing diagnostics organized by node:

{
  "configDiagnosticsByNode": {
    "node-01": {
      "entries": [
        {
          "type": "ERROR",
          "nodeId": "node-01",
          "moduleId": "persistence",
          "propertyName": "Database URL",
          "propertyCategoryKey": "database",
          "propertyKey": "database.url",
          "currentValue": "jdbc:h2:mem:testdb",
          "issue": "Database URL should not use in-memory database in production"
        },
        {
          "type": "SECURITY",
          "nodeId": "node-01",
          "moduleId": "auth",
          "issue": "Default administrative credentials are still enabled"
        },
        {
          "type": "WARNING",
          "nodeId": "node-01",
          "moduleId": "fhir-storage",
          "propertyName": "Maximum Pool Size",
          "propertyCategoryKey": "performance",
          "propertyKey": "datasource.maximum-pool-size",
          "currentValue": "10",
          "issue": "Connection pool size may be insufficient for high load"
        },
        {
          "type": "PERFORMANCE",
          "nodeId": "node-01",
          "moduleId": "search",
          "propertyName": "Search Cache Size",
          "propertyCategoryKey": "caching",
          "propertyKey": "search.cache.max-size",
          "currentValue": "1000",
          "issue": "Search cache size could be increased for better performance"
        }
      ]
    },
    "node-02": {
      "entries": []
    }
  }
}

43.7.1.1Response Fields

The response contains configuration diagnostics organized by node ID:

43.7.1.1.1Root Level

configDiagnosticsByNode – A map where keys are node IDs and values contain diagnostic entries for that node

43.7.1.1.2Diagnostic Entry Fields

type – The severity/category of the diagnostic entry. Can be:
- ERROR – Configuration errors that prevent proper operation
- WARNING – Configuration issues that may affect functionality
- SECURITY – Security-related configuration concerns
- PERFORMANCE – Performance optimization recommendations
nodeId – The identifier of the node where this diagnostic was generated
moduleId – The module ID where the configuration issue was detected
propertyName – Human-readable name of the configuration property (if applicable)
propertyCategoryKey – Category key for grouping related properties (if applicable)
propertyKey – The exact configuration property key (if applicable)
currentValue – The current value of the configuration property (if applicable)
issue – Description of the configuration issue or recommendation

43.7.1.1.3Response Characteristics

Empty nodes: Nodes with no configuration issues will have an empty entries array
Multiple issues: A single node can have multiple diagnostic entries of different types
Property context: Some entries are tied to specific configuration properties, while others (like general security issues) may not reference specific properties

43.7.1.2Security Considerations

Configuration diagnostics may reveal sensitive information about your system setup. Ensure proper access controls are in place and review diagnostic output before sharing with external parties.

This endpoint requires both the ACCESS_ADMIN_JSON and VIEW_MODULE_CONFIG permissions, which provide access to potentially sensitive configuration information. The diagnostics may include:

Database connection details (with sensitive values redacted)
Security configuration warnings
Module-specific configuration issues
Performance tuning recommendations

43.7.1.3Use Cases

This endpoint is primarily useful for:

System administrators troubleshooting configuration issues
Operations teams performing health checks across cluster nodes
Security audits identifying potential security misconfigurations
Performance optimization discovering configuration improvements
Deployment validation ensuring proper configuration after deployments

43.7.1.4Error Responses

43.7.1.4.1403 Forbidden

Returned when the user lacks the required ACCESS_ADMIN_JSON or VIEW_MODULE_CONFIG permissions:

{
  "error": "Access is denied"
}

43.7.1.4.2500 Internal Server Error

Returned when there are issues accessing configuration data or generating diagnostics:

{
  "error": "Failed to generate configuration diagnostics",
  "details": "Unable to connect to configuration service"
}

43.6 CDA Exchange Endpoint 43.8 Metrics Endpoint