The Clinician Window API must be configured to share secrets with the Hyland IdP server. Before you begin, make sure IdP client connections are configured for the Hyland Preferences Service and the Hyland License Check API. For more information, see the following topics:
- Configuring the IdP Client for the Hyland Preferences Service
- Configuring the IdP Client for the License Check API
To configure the Clinician Window API to use IdP authentication:
-
Open the appsettings.Production.json file of the Clinician
Window API in a plain-text editor.
In a default installation, this file is located at: C:\Program Files\Hyland\CW_API.
- Locate the IdP element.
-
Enter the endpoint of the Hyland IdP server as the value for the
Url attribute.
This value is case sensitive. For example, if your domain is my.domain, the Hyland IdP application name is identityprovider, and the environment is configured for secure connections, then the value is https://my.domain/identityprovider.
-
Add the IdP client ID for the Hyland License Check API client connection.
- In the Secrets array, locate the Name attribute with the value of IdPClientId.
-
Paste the client ID value of the Hyland License Check API client you
copied from the Hyland IdP server as the value of the
Value attribute located below the
Name attribute. For example:
"Secrets": [ { "Name": "IdPClientId", "Value": "02c62adb-e039-43f1-bfba-2c15ec750bf9" },
This is the unique ID of the Hyland License Check API client on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.
-
Add the client secret for the Hyland License Check API client connection.
- In the Secrets array, locate the Name attribute with the value of IdPClientSecret.
-
For the Value attribute below the
Name attribute, enter the plain-text value of
the client secret assigned to the Hyland License Check API client
connection configured in the IdP Admin interface.
You must enter the plain-text value, not the hashed value that is displayed after saving your client secret configuration settings in the IdP Admin interface. For example:
{ "Name": "IdPClientSecret", "Value": "MyLicenseCheckApiSecret" },
-
Add the IdP client ID for the Hyland Preferences Service client
connection.
- In the Secrets array, locate the Name attribute with the value of PrefServiceClientId.
-
Paste the client ID value of the Hyland Preferences Service client you
copied from the Hyland IdP server as the value of the
Value attribute located below the
Name attribute.
For example:
{ "Name": "PrefServiceClientId", "Value": "4a8ec402-519c-48a0-8ea9-6dbe790ab8af" },
This is the unique ID of the Hyland Preferences Service client on the Hyland IdP server. This value is case sensitive and must match exactly the value on the Hyland IdP server.
-
Add the client secret for the Hyland Preferences Service client
connection.
- In the Secrets array, locate the Name attribute with the value of PrefServiceClientSecret.
-
For the Value attribute below the
Name attribute, enter the plain-text value of
the client secret assigned to the Hyland Preferences Service client
connection configured in the IdP Admin interface.
You must enter the plain-text value, not the hashed value that is displayed after saving your client secret configuration settings in the IdP Admin interface. For example:
{ "Name": "PrefServiceClientSecret", "Value": "MyPrefSvcSecret" },
- Save and close the appsettings.Production.json file.
- Recycle the application pool of the Clinician Window API for the changes to take effect.