Reference
-
Welcome to Smile CDR
- Table of Contents
- Smile CDR Maturity Model
- Smile CDR Premium Solutions
- List of Features by Maturity
- Changelog (2024 Releases)
- Changelog (2023 Releases)
- Changelog (2022 Releases)
- Changelog (2021 Releases)
- Changelog (2020 Releases)
- Changelog (2019 Releases)
- Changelog (2018 Releases)
- Changelog (2017 Releases)
-
Getting Started
-
Installation
-
Tutorial and Tour
-
FHIR Storage
- Concepts in Smile CDR
- FHIR Storage Modules
- FHIR Endpoint Module
- FHIRWeb Console
- OpenAPI / Swagger Support
- FHIR Endpoint Customization
- Resource IDs
- Search Parameters
- Search Parameter Features
- Phonetic Search Parameters
- Search Parameter Tuning
- Search Parameter Reindexing
- Searching for Data
- Creating Data
- Reading Data
- Updating Data
- Deleting Data
- Binary Data
- Request Tracing and Provenance
- FHIR Versions
- Resource Versions and Versioned References
- Tags, Profiles, and Security Labels
- Partitioning and Multitenancy
- Custom Resource Types
- Batch and Scheduled Jobs
-
FHIR Storage (MongoDB)
-
Validation and Conformance
- Introduction
- Validation Support Repository
- Validation Support Repository Options
- Conformance Data
- Repository Validation
- Repository Validation: Java
- Repository Validation: Javascript
- Repository Validation: Validation Bean
- Endpoint Validation
- Packages and Implementation Guides
- Package Registry Endpoint Module
- Remote Terminology Services
- Suppressing Messages
- Validation Performance
- Automatic Provenance Injection
-
Channel Import
-
Security
- Security in Smile CDR
- Authentication Protocols
- Authorization and Consent
- Inbound Security Module
- Local Inbound Security Module
- LDAP Inbound Security Module
- Scripted Inbound Security Module
- SAML Inbound Security Module
- Trusted Client Mode
- Roles and Permissions
- Callback Scripts
- Anonymous Access
- Consent Service
- Consent Service: JavaScript API
- Consent Service: Java API
- Security Recipes
- Two Factor Authentication
- Troubleshooting Security
-
SMART on FHIR
- SMART on FHIR: Introduction
- SMART: Scopes
- SMART: Auth Flows
- SMART: Endpoints
- Client Management
- OIDC Keystores
- SMART: Smile CDR Support
- SMART Outbound Security: Module
- SMART Outbound Security: Skinning
- SMART Outbound Security: Context Selection
- SMART Outbound Security: SAML Bridging
- SMART: Federated OAuth2/OIDC Login
- SMART: Application Approval/Consent
- SMART Inbound Security Module
- SMART: Session Management
- SMART: Assigning Permissions
- SMART: Access Tokens
- SMART: User Profile Information
- FHIR Client Authentication
-
FHIR Hybrid Providers
-
CDS Hooks
-
IG Support
-
Clustering
-
HL7 v2.x Support
- Introduction
- Inbound Messaging
- FHIR-Based Terminology Translation
- Outbound Messaging
- Outbound: Default Resource Conversion
- Outbound: Custom Resource Conversion
- Outbound: Verbatim Messaging
- Outbound: Transport
- Transactions
- Structure Definitions
- Segment Definitions
- Table Definitions
- Naming System Mapping
- Processing Results Feeds
- Protocol
-
System to System Data Exchange
-
Bulk Operations
-
Additional Features
-
Product Administration
-
JSON Admin Endpoints
- JSON Admin API
- Audit Log Endpoint
- Batch Job Endpoint
- Bulk Import Endpoint
- CDA Exchange Endpoint
- Metrics Endpoint
- Module Config Endpoint
- OpenID Connect Clients Endpoint
- OpenID Connect Servers Endpoint
- OpenID Connect Sessions Endpoint
- Runtime Status Endpoint
- System Config Endpoint
- Transaction Log Endpoint
- Troubleshooting Log Endpoint
- User Management Endpoint
-
HFQL: Direct SQL Access
-
Product Configuration
-
Java Execution Environment
-
JavaScript Execution Environment
- Introduction
- Specifying JavaScript in Configuration File
- Remote Debugging
- ECMA Modules (import)
- Converter API
- Environment API
- Exceptions API
- OAuth2 Exceptions API
- FHIR REST API
- FHIR Model API
- HL7 v2.x Mapping API
- HTTP API
- LDAP API
- Log API
- Composition Resource API
- Composition Section API
- TransactionBuilder API
- Util API
- UUID API
- XML API
- Callback Models
-
Localization
-
Smile CDR CLI (smileutil)
- Introduction
- Bulk Import
- Create FHIR Package
- Execute Script Function
- Export ConceptMap to CSV
- HL7 v2.x Analyze Flat File
- HL7 v2.x Transmit Flat File
- Import CSV to ConceptMap
- Map and Upload CSV Bulk Import File
- Migrate Database
- Clear Database Migration Lock
- Module Config Properties Export
- Reindex Terminology
- Synchronize FHIR Servers
- Upgrade H2 Database File
- Upload Bundle Files
- Upload CSV Bulk Import File
- Upload Sample Dataset
- Upload Terminology
- Generate Realtime Export Schema
- Validate FHIR Resources
-
Apache Camel Integration
-
Prior Auth CRD (Coverage Requirement Discovery)
-
Prior Auth DTR (Documentation Templates and Rules)
-
Prior Auth Support
-
Modules
- JSON Admin API
- Web Admin Console
- CDA Exchange
- Channel Import
- Cluster Manager
- CQL
- Audit Log Persistence
- Transaction Log Persistence
- Digital Quality Measures (DQM)
- Documentation Templates and Rules (DTR)
- Enterprise Master Patient Index
- CDS Hooks Endpoint
- FHIR Gateway Endpoint
- FHIR REST Endpoint (All Versions)
- FHIR REST Endpoint (DSTU2 - Deprecated)
- FHIR REST Endpoint (DSTU3 - Deprecated)
- FHIR REST Endpoint (R4 - Deprecated)
- FHIRWeb Console
- HL7 v2.x Listening Endpoint
- HL7 v2.x Listening Endpoint (Deprecated)
- HL7 v2.x Sending Endpoint
- Hybrid Providers Endpoint
- Package Registry Endpoint
- Subscription Websocket Endpoint
- ETL Importer
- MDM
- MDM UI
- Prior Auth CRD
- Prior Auth Support
- Narrative Generator
- FHIR Storage (DSTU2 RDBMS)
- FHIR Storage (R3 RDBMS)
- FHIR Storage (R4 RDBMS)
- FHIR Storage (R5 RDBMS)
- FHIR Storage (Mongo)
- Realtime Export
- LDAP Inbound Security
- Local Inbound Security
- SAML Inbound Security
- Scripted Inbound Security
- SMART Inbound Security
- SMART Outbound Security
- Subscription Matcher (All FHIR Versions)
- Subscription Matcher (DSTU2 - Deprecated)
- Subscription Matcher (DSTU3 - Deprecated)
- Subscription Matcher (R4 - Deprecated)
- appSphere
- Payer to Payer
- System to System Data Exchange
- Amazon HealthLake Outbound REST Connector
- License
- Camel
-
Configuration Categories
- Web Admin Console Settings
- appSphere
- Payer Config
- Initial appSphere Seeding
- Authentication Callback Scripts
- Auth: General for APIs
- User Authentication
- Auth: HTTP Basic
- Auth: OpenID Connect
- Browser Syntax Highlighting
- Camel
- Capability Statement (metadata)
- Care Gaps
- CDA Generation
- CDA Import
- CDA Interceptors
- CDA JavaScript Execution Scripts
- CDA Terminology
- CDS Hooks Definitions
- CDS Hooks On FHIR
- Channel Import
- Channel Retry
- Kafka
- Cluster Manager Maintenance
- Message Broker
- Cluster Level Security
- CQL
- Credentials
- Cross-Origin Resource Sharing (CORS)
- Invoke Export
- Member Match
- Database
- Da Vinci Health Record Exchange
- DQM
- EasyShare SMART Health Links
- Email Configuration
- MDM UI
- ETL Import: CSV Properties
- ETL Import: Source
- FHIR Binary Storage
- FHIR Bulk Operations
- Capability Statement
- FHIR Configuration
- Consent Service
- FHIR Endpoint Conversion
- FHIR Endpoint HFQL Support
- FHIR Endpoint Partitioning
- Resource Providers
- FHIR Endpoint Security
- Endpoint Terminology
- FHIR Gateway Cache
- FHIR Gateway Configuration
- FHIR Interceptors
- LiveBundle Service
- FHIR MDM Server
- FHIR Performance
- FHIR Performance Tracing
- FHIR Realtime Export
- Repository Validation
- FHIR Resource Types
- FHIR REST Endpoint
- FHIR Search
- Custom Resource Types
- IG Support
- MegaScale
- FHIR Storage Module Conditional Updates
- FHIR Storage Module Scheduled Tasks
- FHIR Validation Services
- FHIR Storage Package Registry
- FHIR Storage Partitioning
- Versioned References
- FHIR Subscription Delivery
- FHIR Subscription Persistence
- Amazon HealthLake REST Endpoint
- HL7 v2.x Mapper - Contained Resource
- HL7 v2.x Mapper - DG1
- HL7 v2.x Mapper - Forced Namespace Mode
- HL7 v2.x Mapper - General
- HL7 v2.x Mapper - Medications
- HL7 v2.x Mapper - OBR
- HL7 v2.x to FHIR Mapper - OBSERVATION Group
- HL7 v2.x Mapper - ORC
- HL7 v2.x to FHIR Mapper - ORDER_OBSERVATION Group
- HL7 v2.x Mapper - PID
- HL7 v2.x Mapper - PV1
- Listener Interceptors
- HL7 v2.x Listener Script
- HL7 v2.x Listening Endpoint
- HL7 v2.x MLLP Listener
- HL7 v2.x MLLP Sender
- FHIR to HL7 v2.x Mapper Script
- HL7 v2.x Outbound Mapping
- HTTP Access Log
- HTTP Listener
- HTTP Request Pool
- HTTP Security
- Hybrid Providers Definitions
- IG Support
- Initial User Seeding
- JavaScript Execution Environment
- JSON Web KeySet (JWKS)
- LDAP Authentication
- Smile CDR License
- Lucene FullText Indexing
- MDM
- Narrative Generator
- OpenID Connect Token Validation
- OpenID Connect (OIDC)
- Payer to Payer
- Prior Authorization Coverage Requirement Discovery
- Prior Auth DTR
- Prior Authorization Support
- Privacy Security Notice
- Provenance Injection
- Quality Payment Program (QPP)
- Realtime Export
- Endpoint Validation: Request Validating
- Scheduler Configuration
- Search Parameter Seeding
- SAML Provider
- Security Inbound Script
- Inbound SMART on FHIR Authentication
- Inbound SMART on FHIR Endpoints
- OAuth2/OIDC Federation
- SMART Callback Script
- Cross-Organizational Data Access Profile
- SMART Login Skin
- SMART Login Terms of Service
- SMART Authorization
- SMART Definitions Seeding
- Sessions
- Two Factor Authentication
- TLS / SSL (Encryption)
- Transaction Log
- Trusted Client
- User Self Registration
-
Product Reference
-
Amazon HealthLake Outbound REST Connector
Powered by Smile CDR v2026.02.PRE-01 (build 8ae07b6b12)
Showing documentation for 2024.08.R01
Table of Contents
JWT Signature Algorithms
52.5.1JWT Signature Algorithms
The following table shows JWT signature algorithms that are supported in Smile CDR for both signing and signature verification of JSON Web Tokens.
| Name | Algorithm | Notes |
|---|---|---|
| HS256 | HMAC using SHA-256 hash algorithm | The HMAC+SHA family of algorithms requires a secret key to be shared between the issuing server and the verifying server, so the private key must be explicitly defined in the server definition configured with Smile CDR. |
| HS384 | HMAC using SHA-384 hash algorithm | |
| HS512 | HMAC using SHA-512 hash algorithm | |
| RS256 | RSASSA-PKCS-v1_5 using SHA-256 hash algorithm | |
| RS384 | RSASSA-PKCS-v1_5 using SHA-384 hash algorithm | |
| RS512 | RSASSA-PKCS-v1_5 using SHA-512 hash algorithm | |
| ES256 | ECDSA using P-256 (secp256r1) curve and SHA-256 hash algorithm | |
| ES256K | ECDSA using P-256K (secp256k1) curve and SHA-256 hash algorithm | |
| ES384 | ECDSA using P-384 curve and SHA-384 hash algorithm | |
| ES512 | ECDSA using P-521 curve and SHA-512 hash algorithm | |
| PS256 | RSASSA-PSS using SHA-256 hash algorithm and MGF1 mask generation function with SHA-256 | |
| PS384 | RSASSA-PSS using SHA-384 hash algorithm and MGF1 mask generation function with SHA-384 | |
| PS512 | RSASSA-PSS using SHA-512 hash algorithm and MGF1 mask generation function with SHA-512 | |
| EdDSA | EdDSA signature algorithms |