43.0.1JSON Admin API

 

Smile CDR includes an administration API based on (non-FHIR) RESTful JSON Web Services. This API uses simple JSON-based REST calls to check status information and configure the CDR.

In a default installation of Smile CDR, this will be found on port 9000 so it will be accessible by a URL similar to http://localhost:9000/.

This API makes use of Swagger, which is a RESTful web services description framework as well as a convenient testing tool for using these services. A screenshot of this tool is shown below.

Swagger-UI

43.0.2Endpoint Summary

 

The following table provides an overview of all JSON Admin API endpoints. Click on an endpoint name to view its detailed documentation.

EndpointRequired PermissionsDescription
Audit LogVIEW_AUDIT_LOGAccess audit logs
Batch JobsVIEW_BATCH_JOBS, MANAGE_BATCH_JOBSView and manage batch jobs
Bulk ImportETL_IMPORT_PROCESS_FILEProcess ETL import files
CDA ExchangeCREATE_CDA_TEMPLATE, VIEW_CDA_TEMPLATE, DELETE_CDA_TEMPLATEManage CDA document templates
Config DiagnosticsACCESS_ADMIN_JSON, VIEW_MODULE_CONFIGDiagnose configuration issues
JSON Admin HomeNone (/docs/json_admin_endpoints/free access)Access Swagger UI interface for API exploration
MDMACCESS_ADMIN_JSONDEPRECATED
MetricsVIEW_METRICSAccess runtime metrics and thread dumps
Module ConfigVIEW_MODULE_CONFIG, CREATE_MODULE, UPDATE_MODULE_CONFIG, CONTROL_MODULEConfigure and control system modules
OpenID Connect ClientsOPENID_CONNECT_VIEW_CLIENT_LIST, OPENID_CONNECT_ADD_CLIENT, OPENID_CONNECT_EDIT_CLIENTManage OpenID Connect clients
OpenID Connect KeystoresOPENID_CONNECT_MANAGE_KEYSTORESManage OpenID Connect keystores
OpenID Connect ServersOPENID_CONNECT_VIEW_SERVER_LIST, OPENID_CONNECT_ADD_SERVER, OPENID_CONNECT_EDIT_SERVERManage OpenID Connect servers
OpenID Connect SessionsOPENID_CONNECT_MANAGE_GLOBAL_SESSIONSManage OpenID Connect sessions
Runtime StatusVIEW_MODULE_STATUSView node and module status information
System ConfigVIEW_MODULE_CONFIGView system configuration
Transaction LogVIEW_TRANSACTION_LOG, VIEW_TRANSACTION_LOG_EVENTView transaction logs and events
Troubleshooting LogACCESS_ADMIN_JSONAccess troubleshooting logs
User ManagementVIEW_USERS, CREATE_USER, UPDATE_USER, VariousManage users, passwords, and authentication
VersionACCESS_ADMIN_JSONRetrieve system version information

43.0.3Security

 

By default, these services are secured using HTTP Basic Authentication, which means every request should include an Authorization header.

When using Swagger-UI, you will be prompted by your browser for credentials when accessing any services where the default security is preserved.

43.0.3.1HTTP Basic Authentication

If HTTP Basic Authentication is enabled, a typical GET request to the JSON Admin API will resemble the following:

GET http://localhost:9000/runtime-status/node-statuses/complete
Authorization: Basic YWRtaW46cGFzc3dvcmQ=
Accept: application/json

These services may also be configured to use a different security module, such as an OpenID Connect module.

43.0.4Format

 

Note that all dates and times in this API follow the same ISO-8601 format used by FHIR (e.g. 2017-01-01T00:00:00.0000-05:00).

43.0.5Allowing Anonymous Access

 

It is sometimes beneficial to allow specific types of requests to be performed without authentication. This is most commonly the case for monitoring tools. Note that this is recommended only in cases where the JSON Admin API is not accessible to the outside world (e.g. it is exposed only to a port on an internal management network). If you would like to enable anonymous access, use the following steps:

  • Enable Allow Anonymous Access on the JSON Admin API module. Enabling this setting means that requests to the JSON Admin API will receive the permissions associated with your anonymous user. By default the anonymous user has no meaningful permissions so this setting has no effect on its own.

  • Grant your anonymous user the ACCESS_ADMIN_JSON permission. This allows anonymous requests to access the endpoint, but does not grant any ability to invoke specific operations.

  • Grant your anonymous user appropriate permissions for the functions you want to enable anonymous access for. For example, if you want to enable anonymous metric access, grant the VIEW_METRICS permission. Be careful about which permissions you grant here, since anonymous access can be a significant security concern.