Configuring IdP Settings for the Clinician Window API - Hyland Clinician Window - 23.3 - 23.3 - Other - external

Hyland Clinician Window

Platform
Other
Product
Hyland Clinician Window
Release
23.3
License

The Clinician Window API must be configured to share secrets with the Hyland IdP server. Before you begin, make sure IdP client connections are configured for the Hyland Preferences Service and the Hyland License Check API. For more information, see the following topics:

To configure the Clinician Window API to use IdP authentication:

  1. Open the appsettings.Production.json file of the Clinician Window API in a plain-text editor.
    In a default installation, this file is located at: C:\Program Files\Hyland\CW_API.
  2. Locate the IdP element.
  3. Enter the endpoint of the Hyland IdP server as the value for the Url attribute.
    This value is case sensitive. For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is https://my.domain/identityprovider.
  4. Add the IdP client ID for the Hyland License Check API client connection.
    1. In the Secrets array, locate the Name attribute with the value of IdPClientId.
    2. Paste the client ID value of the Hyland License Check API client you copied from the Hyland IdP server as the value of the Value attribute located below the Name attribute. For example:
          "Secrets": [
            {
              "Name": "IdPClientId",
              "Value": "02c62adb-e039-43f1-bfba-2c15ec750bf9"
            },

      This is the unique ID of the Hyland License Check API client on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.

  5. Add the client secret for the Hyland License Check API client connection.
    1. In the Secrets array, locate the Name attribute with the value of IdPClientSecret.
    2. For the Value attribute below the Name attribute, enter the plain-text value of the client secret assigned to the Hyland License Check API client connection configured in the IdP Admin interface.

      You must enter the plain-text value, not the hashed value that is displayed after saving your client secret configuration settings in the IdP Admin interface. For example:

            {
              "Name": "IdPClientSecret",
              "Value": "MyLicenseCheckApiSecret"
            },
      
  6. Add the IdP client ID for the Hyland Preferences Service client connection.
    1. In the Secrets array, locate the Name attribute with the value of PrefServiceClientId.
    2. Paste the client ID value of the Hyland Preferences Service client you copied from the Hyland IdP server as the value of the Value attribute located below the Name attribute.

      For example:

            {
              "Name": "PrefServiceClientId",
              "Value": "4a8ec402-519c-48a0-8ea9-6dbe790ab8af"
            },

      This is the unique ID of the Hyland Preferences Service client on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.

  7. Add the client secret for the Hyland Preferences Service client connection.
    1. In the Secrets array, locate the Name attribute with the value of PrefServiceClientSecret.
    2. For the Value attribute below the Name attribute, enter the plain-text value of the client secret assigned to the Hyland Preferences Service client connection configured in the IdP Admin interface.

      You must enter the plain-text value, not the hashed value that is displayed after saving your client secret configuration settings in the IdP Admin interface. For example:

            {
              "Name": "PrefServiceClientSecret",
              "Value": "MyPrefSvcSecret"
            },
      
  8. Save and close the appsettings.Production.json file.
  9. Recycle the application pool of the Clinician Window API for the changes to take effect.