Smile CDR v2022.08.PRE
On this page:

8.13Automatic Provenance Injection


Often times Provenance resource is required for the purpose of providing authenticity, trust, and reproducibility. What would happen when the required Provenance wasn't in the repository? How would you address the need for a proven record of transmission? This is when this feature comes into play.

8.13.1Provenance Injection Feature


The Provenance injection allows the injection of a Provenance resource into the request response and serves as a record of transmission for the client. This injection does not require a previous existence of Provenance data in the repository. The configurable built-in Smile CDR interceptor injects transient/non-persisted Provenance resource into a response at request time. Here are the three configurable conditions on when the Provenance will be injected.

  • When the $everything operation is enabled and invoked. E.g. GET [base]/[type]/$everything
  • When ?_revinclude=Provenance:target is enabled and a search that includes ?_revinclude=Provenance:target. E.g. GET [base]/[type]?_id=<#>&_revinclude=Provenance:target

Below is a diagram illustrating how the Provenance resource is injected for the $everything operation. The ?_revinclude=Provenance:target is also being injected in the same matter as illustrated below.

Provenance Injection Interceptor

8.13.2Provenance Injection Data


The interceptor will dynamically populate the following data:

  • recorded - when the Provenance resource was injected
  • target - target Reference(s). For $everything operation, this will reference each resource in the response. For ?_revinclude=Provenance:target search request, this will reference the target(s) of the search request.

The interceptor will also populate the following if it is configured.

  • profile - will populate the profile that this resource is conformed to. This is defined in the Profile property. This is optional.
  • Agent Type - will populate the agent type of the system and code value. This is defined in the Agent Type property with the pipe-delimited value. This is optional.
  • Agent Who - will populate the individual, device, or organization that participated. This is defined in the Agent Who property. This is required when the interceptor is enabled. The accepted reference value is an Organization, e.g. Organization/123.