An additional client connection must be configured for the SMART on FHIR token exchange in the Hyland IdP server.
To configure a client connection for the SMART on FHIR token exchange:
- Log in to the Hyland IdP Administration client.
- Select the Clients tab.
- Click Add New. The client configuration page is displayed.
- Enter a Name for the SMART on FHIR token exchange client.
- Configure the following settings. All other settings can be left with the default values.

  | Setting | Value |
  | --- | --- |
  | Protocol Type | oidc |
  | Allowed Grant Types | Token Exchange, Addendum Exchange |
  | Allowed Scopes | openid, evolution, group<br>Note: If you are using an existing NilRead environment with Clinician Window, then you also must add the nilread scope. |
  | Allow users to log in locally | Select Allow users to log in locally |
  | Allow clients to request a refresh token | Select Allow clients to request a refresh token |
  | Allow issuing access tokens to browsers | Select Allow issuing access tokens to browsers |
  | Access Token Type | Select Reference from the drop-down list. |
  | Include user claims in ID token | Select Include user claims in ID token |
  | Client Secret must be present | Select Client Secret must be present. |
- Configure a client secret as described in the Hyland Identity and Access Management Services documentation.
  In the next procedure, you will add the plain-text secret value to the SMART on FHIR configuration file on the Clinician Window BFF Server.
- Save the client configuration.
- Copy the Client ID value to the clipboard by clicking the icon at the right of the Client ID field.
  You will need this value for the Configuring the Clinician Window BFF for SMART on FHIR procedure.