Welcome to Smile CDR
- Table of Contents 1.0
- Smile CDR Maturity Model 1.1
- List of Features by Maturity 1.2
- Changelog (2022 Releases) 1.3
- Changelog (2021 Releases) 1.4
- Changelog (2020 Releases) 1.5
- Changelog (2019 Releases) 1.6
- Changelog (2018 Releases) 1.7
- Changelog (2017 Releases) 1.8
Getting Started
Installation
- Installing Smile CDR 3.0
- Docker Container Installation 3.1
- Unix Service Installation 3.2
- Tuning your Installation 3.3
- Message Brokers 3.4
- Message Broker Failure Management 3.5
- Message Broker: ActiveMQ 3.6
- Message Broker: Kafka 3.7
- Pre-Seeding Configuration and Data 3.8
- Upgrading Smile CDR 3.9
- Production Checklist 3.10
- Module Licensing 3.11
Tutorial and Tour
- Preamble and Setup 4.0
- SMART on FHIR Apps 4.1
- Processing HL7 v2.x Feeds 4.2
- Federated OAuth2/OIDC Setup 4.3
The FHIR Standard
- FHIR Introduction 5.0
- FHIR CRUD Operations 5.1
- FHIR Searching Basics 5.2
- FHIR Search: References and Includes 5.3
- FHIR Search: Custom Search Parameters 5.4
- FHIR Transactions and Batches 5.5
- FHIRPath Expressions 5.6
FHIR Storage
- Concepts in Smile CDR 6.0
- FHIR Storage Modules 6.1
- FHIR Endpoint Module 6.2
- FHIRWeb Console 6.3
- OpenAPI / Swagger Support 6.4
- FHIR Endpoint Customization 6.5
- Resource IDs 6.6
- Search Parameters 6.7
- Search Parameter Features 6.8
- Phonetic Search Parameters 6.9
- Search Parameter Tuning 6.10
- Searching for Data 6.11
- Creating Data 6.12
- Reading Data 6.13
- Updating Data 6.14
- Deleting Data 6.15
- Binary Data 6.16
- Request Tracing and Provenance 6.17
- FHIR Versions 6.18
- Versioned Resource References 6.19
- Tags, Profiles, and Security Labels 6.20
- Clinical Quality Language (CQL) 6.21
- Partitioning and Multitenancy 6.22
- Custom Resource Types 6.23
FHIR Storage (Relational)
- FHIR Storage (Relational) Module 7.0
- Performance Tuning 7.1
- Lucene Indexing 7.2
- Performance and Caching 7.3
- Chained Searching and Sorting 7.4
- MegaScale 7.5
FHIR Storage (MongoDB)
Validation and Conformance
- Introduction 9.0
- Validation Support Repository 9.1
- Validation Support Repository Options 9.2
- Conformance Data 9.3
- Repository Validation 9.4
- Repository Validation: Java 9.5
- Repository Validation: Javascript 9.6
- Repository Validation: Validation Bean 9.7
- Endpoint Validation 9.8
- Packages and Implementation Guides 9.9
- Package Registry Endpoint Module 9.10
- Remote Terminology Services 9.11
- Suppressing Messages 9.12
- Validation Performance 9.13
- Automatic Provenance Injection 9.14
Terminology
- Terminology Introduction 10.0
- Uploading Codes 10.1
- Terminology and Lucene Indexing 10.2
- ValueSet Expansion 10.3
- FHIR Response Terminology Mapping 10.4
Subscription
Interceptors
- Interceptors 12.0
- Starter Project 12.1
- Examples: FHIR Endpoints 12.2
- Examples: FHIR Storage 12.3
- Examples: FHIR Gateway 12.4
- Examples: FHIR Client 12.5
- Examples: MDM 12.6
- Examples: Subscription 12.7
Channel Import
Realtime Export
- Realtime Export Overview 14.0
- Realtime Export Rules Definition 14.1
- Using FHIRPath 14.2
- Debezium 14.3
Security
- Security in Smile CDR 15.0
- Authentication Protocols 15.1
- Authorization and Consent 15.2
- Inbound Security Module 15.3
- Local Inbound Security Module 15.4
- LDAP Inbound Security Module 15.5
- Scripted Inbound Security Module 15.6
- SAML Inbound Security Module 15.7
- Trusted Client Mode 15.8
- Roles and Permissions 15.9
- Callback Scripts 15.10
- Anonymous Access 15.11
- Consent Service 15.12
- Consent Service: JavaScript API 15.13
- Consent Service: Java API 15.14
- Security Recipes 15.15
- Two Factor Authentication 15.16
- Troubleshooting Security 15.17
SMART on FHIR
- SMART on FHIR: Introduction 16.0
- SMART: Scopes 16.1
- SMART: Auth Flows 16.2
- SMART: Endpoints 16.3
- Client Management 16.4
- OIDC Keystores 16.5
- SMART: Smile CDR Support 16.6
- SMART Outbound Security: Module 16.7
- SMART Outbound Security: Skinning 16.8
- SMART Outbound Security: Context Selection 16.9
- SMART Outbound Security: SAML Bridging 16.10
- SMART: Federated OAuth2/OIDC Login 16.11
- SMART: Application Approval/Consent 16.12
- SMART Inbound Security Module 16.13
- SMART: Session Management 16.14
- SMART: Assigning Permissions 16.15
- SMART: Access Tokens 16.16
- SMART: User Profile Information 16.17
- FHIR Client Authentication 16.18
appSphere
- Introduction 17.0
- Getting Started 17.1
- Associated Module Configurations 17.2
- Client Creation and Configuration 17.3
- Other Configurations 17.4
- Developer Portal 17.5
- App Management Console 17.6
- App Gallery 17.7
- Appendix 17.8
FHIR Gateway
FHIR Hybrid Providers
LiveBundle
- LiveBundle Overview 20.0
- LiveBundle API 20.1
- LiveBundle Rule Definition 20.2
- LiveBundle Keepers 20.3
CDS Hooks
Master Data Management
- MDM 22.0
- MDM Quickstart Guide 22.1
- MDM Rule Definition 22.2
- Using EIDs in MDM Rule Definition 22.3
- MDM Survivorship Rules 22.4
- Upgrading from the EMPI module 22.5
Clinical Reasoning
IG Support
Clustering
Logging
HL7 v2.x Support
- Introduction 27.0
- Inbound Messaging 27.1
- FHIR-Based Terminology Translation 27.2
- Outbound Messaging 27.3
- Outbound Messaging: Transport 27.4
- Transactions 27.5
- Structure Definitions 27.6
- Segment Definitions 27.7
- Table Definitions 27.8
- Naming System Mapping 27.9
- Processing Results Feeds 27.10
- Protocol 27.11
CDA Exchange Module
- Introduction 28.0
- JavaScript Templates 28.1
- Rest API Operations 28.2
- Available Document and Section Types for CDA Export 28.3
- Available Document and Section Types for CDA Import 28.4
- JavaScript Hooks on CDA Import / Export 28.5
- Further Reading 28.6
Bulk Operations
Additional Features
Monitoring
Product Administration
JSON Admin Endpoints
- JSON Admin API 33.0
- Audit Log Endpoint 33.1
- Batch Job Endpoint 33.2
- Bulk Import Endpoint 33.3
- CDA Exchange Endpoint 33.4
- Metrics Endpoint 33.5
- Module Config Endpoint 33.6
- OpenID Connect Clients Endpoint 33.7
- OpenID Connect Servers Endpoint 33.8
- OpenID Connect Sessions Endpoint 33.9
- Runtime Status Endpoint 33.10
- System Config Endpoint 33.11
- Transaction Log Endpoint 33.12
- User Management Endpoint 33.13
Product Configuration
Java Execution Environment
JavaScript Execution Environment
- Introduction 36.0
- Specifying JavaScript in Configuration File 36.1
- Remote Debugging 36.2
- Converter API 36.3
- Environment API 36.4
- Exceptions API 36.5
- OAuth2 Exceptions API 36.6
- FHIR REST API 36.7
- FHIR Model API 36.8
- HL7 v2.x Mapping API 36.9
- HTTP API 36.10
- LDAP API 36.11
- Log API 36.12
- Composition Resource API 36.13
- Composition Section API 36.14
- TransactionBuilder API 36.15
- Util API 36.16
- UUID API 36.17
- XML API 36.18
- Callback Models 36.19
Database Administration
- Database Design 37.0
- Database Connection Pool 37.1
- Setting Up PostgreSQL 37.2
- Troubleshooting PostgreSQL 37.3
- Setting Up MySQL 37.4
- Setting Up MariaDB 37.5
- Setting Up Oracle 37.6
- Setting Up SQL Server (MSSQL) 37.7
- AWS IAM Authentication 37.8
Localization
Smile CDR CLI (smileutil)
- Introduction 39.0
- Bulk Import 39.1
- Create FHIR Package 39.2
- Execute Script Function 39.3
- Export ConceptMap to CSV 39.4
- HL7 v2.x Analyze Flat File 39.5
- HL7 v2.x Transmit Flat File 39.6
- Import CSV to ConceptMap 39.7
- Map and Upload CSV Bulk Import File 39.8
- Migrate Database 39.9
- Clear Database Migration Lock 39.10
- Module Config Properties Export 39.11
- Reindex Terminology 39.12
- Synchronize FHIR Servers 39.13
- Upgrade H2 Database File 39.14
- Upload Bundle Files 39.15
- Upload CSV Bulk Import File 39.16
- Upload Sample Dataset 39.17
- Upload Terminology 39.18
- Generate Realtime Export Schema 39.19
- Validate FHIR Resources 39.20
Modules
- JSON Admin API 40.0
- Web Admin Console 40.1
- CDA Exchange 40.2
- Channel Import 40.3
- Cluster Manager 40.4
- Audit Log Persistence 40.5
- Digital Quality Measures (DQM) 40.6
- Enterprise Master Patient Index 40.7
- CDS Hooks Endpoint 40.8
- FHIR Gateway Endpoint 40.9
- FHIR REST Endpoint (DSTU2) 40.10
- FHIR REST Endpoint (DSTU3) 40.11
- FHIR REST Endpoint (R4) 40.12
- FHIRWeb Console 40.13
- HL7 v2.x Listening Endpoint 40.14
- HL7 v2.x Sending Endpoint 40.15
- Hybrid Providers Endpoint 40.16
- Package Registry Endpoint 40.17
- Subscription Websocket Endpoint 40.18
- ETL Importer 40.19
- MDM 40.20
- Narrative Generator 40.21
- FHIR Storage (DSTU2 Relational) 40.22
- FHIR Storage (R3 Relational) 40.23
- FHIR Storage (Mongo) 40.24
- FHIR Storage (R4 Relational) 40.25
- Realtime Export 40.26
- LDAP Inbound Security 40.27
- Local Inbound Security 40.28
- SAML Inbound Security 40.29
- Scripted Inbound Security 40.30
- SMART Inbound Security 40.31
- SMART Outbound Security 40.32
- SMART App Host 40.33
- Subscription Matcher (All FHIR Versions) 40.34
- Subscription Matcher (DSTU2 - Deprecated) 40.35
- Subscription Matcher (DSTU3 - Deprecated) 40.36
- Subscription Matcher (R4 - Deprecated) 40.37
- appSphere 40.38
- Payer to Payer 40.39
- Amazon HealthLake Outbound REST Connector 40.40
- License 40.41
Configuration Categories
- Web Admin Console Settings 41.0
- appSphere 41.1
- Payer Config 41.2
- Initial appSphere Seeding 41.3
- Authentication Callback Scripts 41.4
- Auth: General for APIs 41.5
- User Authentication 41.6
- Auth: HTTP Basic 41.7
- Auth: OpenID Connect 41.8
- Browser Syntax Highlighting 41.9
- Capability Statement (metadata) 41.10
- CDA Generation 41.11
- CDA Import 41.12
- CDA JavaScript Execution Scripts 41.13
- CDS Hooks Definitions 41.14
- Channel Import 41.15
- Channel Retry 41.16
- Kafka 41.17
- Cluster Manager Maintenance 41.18
- Message Broker 41.19
- Cluster Level Security 41.20
- Credentials 41.21
- Cross-Origin Resource Sharing (CORS) 41.22
- Database 41.23
- Da Vinci Health Record Exchange 41.24
- DQM 41.25
- Email Configuration 41.26
- ETL Import: CSV Properties 41.27
- ETL Import: Source 41.28
- FHIR Binary Storage 41.29
- FHIR Bulk Operations 41.30
- Capability Statement 41.31
- FHIR Configuration 41.32
- Consent Service 41.33
- FHIR Endpoint Conversion 41.34
- Interceptors 41.35
- FHIR Endpoint Partitioning 41.36
- Resource Providers 41.37
- FHIR Endpoint Security 41.38
- Endpoint Terminology 41.39
- FHIR Gateway Configuration 41.40
- FHIR Interceptors 41.41
- LiveBundle Service 41.42
- FHIR MDM Server 41.43
- FHIR Performance 41.44
- FHIR Performance Tracing 41.45
- FHIR Realtime Export 41.46
- Repository Validation 41.47
- FHIR Resource Types 41.48
- FHIR REST Endpoint 41.49
- FHIR Search 41.50
- Custom Resource Types 41.51
- IG Support 41.52
- MegaScale 41.53
- FHIR Storage Module Scheduled Tasks 41.54
- FHIR Validation Services 41.55
- FHIR Storage Package Registry 41.56
- FHIR Storage Partitioning 41.57
- Versioned References 41.58
- FHIR Subscription Delivery 41.59
- FHIR Subscription Persistence 41.60
- Amazon HealthLake REST Endpoint 41.61
- HL7 v2.x Mapper - Contained Resource 41.62
- HL7 v2.x Mapper - DG1 41.63
- HL7 v2.x Mapper - Forced Namespace Mode 41.64
- HL7 v2.x Mapper - General 41.65
- HL7 v2.x Mapper - Medications 41.66
- HL7 v2.x Mapper - OBR 41.67
- HL7 v2.x to FHIR Mapper - OBSERVATION Group 41.68
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group 41.69
- HL7 v2.x Mapper - PID 41.70
- HL7 v2.x Mapper - PV1 41.71
- HL7 v2.x Listener Script 41.72
- HL7 v2.x MLLP Listener 41.73
- HL7 v2.x MLLP Sender 41.74
- FHIR to HL7 v2.x Mapper Script 41.75
- HL7 v2.x Outbound Mapping 41.76
- Da Vinci Health Record Exchange (HRex) 41.77
- HTTP Access Log 41.78
- HTTP Listener 41.79
- HTTP Request Pool 41.80
- HTTP Security 41.81
- Hybrid Providers Definitions 41.82
- Initial User Seeding 41.83
- JavaScript Execution Environment 41.84
- JSON Web KeySet (JWKS) 41.85
- LDAP Authentication 41.86
- Smile CDR License 41.87
- Lucene FullText Indexing 41.88
- MDM 41.89
- Narrative Generator 41.90
- OpenID Connect Token Validation 41.91
- OpenID Connect (OIDC) 41.92
- Payer to Payer 41.93
- Privacy Security Notice 41.94
- Provenance Injection 41.95
- Realtime Export 41.96
- Endpoint Validation: Request Validating 41.97
- Scheduler Configuration 41.98
- Search Parameter Seeding 41.99
- SAML Provider 41.100
- Security Inbound Script 41.101
- Inbound SMART on FHIR Authentication 41.102
- Inbound SMART on FHIR Endpoints 41.103
- OAuth2/OIDC Federation 41.104
- SMART Callback Script 41.105
- Cross-Organizational Data Access Profile 41.106
- SMART Login Skin 41.107
- SMART Login Terms of Service 41.108
- SMART Authorization 41.109
- SMART Definitions Seeding 41.110
- Sessions 41.111
- Two Factor Authentication 41.112
- TLS / SSL (Encryption) 41.113
- Transaction Log 41.114
- Trusted Client 41.115
- User Self Registration 41.116
Product Reference
Amazon HealthLake Outbound REST Connector
ExperimentalPremium
Appendix
Table of Contents
JSON Admin API
33.0JSON Admin API
Smile CDR includes an administration API based on (non-FHIR) RESTful JSON Web Services. This API uses simple JSON-based REST calls to check status information and configure the CDR.
In a default installation of Smile CDR, this will be found on port 9000 so it will be accessible by a URL similar to http://localhost:9000/.
This API makes use of Swagger, which is a RESTful web services description framework as well as a convenient testing tool for using these services. A screenshot of this tool is shown below.
33.0.1Security
By default these services are secured using HTTP Basic Authentication, which means every request should include an Authorization header.
When using Swagger-UI, you will be prompted by your browser for credentials when accessing any services where the default security is preserved.
HTTP Basic Authentication
If HTTP Basic Authentication is enabled, a typical GET request to the JSON Admin API will resemble the following:
GET http://localhost:9000/runtime-status/node-statuses/complete
Authorization: Basic YWRtaW46cGFzc3dvcmQ=
Accept: application/json
These services may also be configured to use a different security module, such as an OpenID Connect module.
33.0.2Format
Note that all dates and times in this API follow the same ISO-8601 format used by FHIR (e.g. 2017-01-01T00:00:00.0000-05:00).
33.0.3Allowing Anonymous Access
It is sometimes beneficial to allow specific types of requests to be performed without authentication. This is most commonly the case for monitoring tools. Note that this is recommended only in cases where the JSON Admin API is not accessible to the outside world (e.g. it is exposed only to a port on an internal management network). If you would like to enable anonymous access, use the following steps:
-
Enable Allow Anonymous Access on the JSON Admin API module. Enabling this setting means that requests to the JSON Admin API will receive the permissions associated with your anonymous user. By default the anonymous user has no meaningful permissions so this setting has no effect on its own.
-
Grant your anonymous user the
ACCESS_ADMIN_JSONpermission. This allows anonymous requests to access the endpoint, but does not grant any ability to invoke specific operations. -
Grant your anonymous user appropriate permissions for the functions you want to enable anonymous access for. For example, if you want to enable anonymous metric access, grant the
VIEW_METRICSpermission. Be careful about which permissions you grant here, since anonymous access can be a significant security concern.