Configuring a FHIR JWT Bearer Provider - Identity and Access Management Services - 4.4

Platform: Other
Product: Identity and Access Management Services
Release: 4.4

This type of provider allows the Hyland IdP server to retrieve access tokens from the FHIR authentication server on behalf of the clients using the FHIR JWT Bearer Authorization grant type. For more information on configuring grant types for a client connection, see Configuring a Client Connection on the Hyland IdP Server.

To configure the Hyland IdP server to use FHIR JWT Bearer:

  1. Launch the Hyland IdP Administration client and log in (see Accessing the Hyland IdP Administration Client).
    Upon successfully logging in, the tenant, provider, client connection, and API resource information is displayed. In a wide display, the tenant information is in the left pane and the providers, client connections, and API resources configured for that tenant are listed in the right pane. In a narrow display, the tenant information is at the top of the page and the provider, client connection, and API resource information is below it.
  2. Click the Provider tab to view the providers currently configured for the tenant. The number of providers configured is displayed in parentheses in the tab heading.
  3. If this is a new provider, click Add New at the upper right of the providers list.

    If you are configuring an existing provider, click its name in the list of providers.

    The Provider configuration page is displayed. It is divided into the Basic Settings and Protocol areas. In a wide display, the Basic Settings area is on the left. In a narrow display, the Basic Settings area is at the top of the page.

  4. Under Protocol, select FHIR JWT Bearer from the Type drop-down list. The specific settings for FHIR JWT bearer providers are displayed.
  5. Under Basic Settings, enter a unique name for the provider. This value is required and must contain only alphanumeric characters, spaces, hyphens (-), or underscores (_).
  6. Under FHIR Client Configuration, configure the following options.

    | Option | Description |
    | --- | --- |
    | Discovery Document Endpoint | The discovery document endpoint of the FHIR authentication server. This setting is required. The endpoint must begin with http:// or https://. For example, if the base path of the FHIR authentication server is my.basepath, and the environment is configured for secure connections, then the value is: https://my.basepath/.well-known/openid-configuration |
    | Client IDs | The list of client IDs registered on the FHIR authentication server. At least one client ID is required. |

  7. Click Save in the lower right corner of the page.
  8. Recycle the application pool of the Hyland IdP server in IIS for the changes to take effect.
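
The values entered in steps 5 and 6 can be checked before saving. The following is an added example, not Hyland code: it applies the naming and endpoint rules stated above and, given the JSON fetched from the discovery endpoint, confirms that the document belongs to that endpoint. The function names, the ASCII reading of "alphanumeric", the http warning, the https requirement on the token endpoint, and the sample document (including its token endpoint path) are assumptions; the issuer comparison follows OpenID Connect Discovery, which the example path in step 6 suggests the server uses.

```python
import json
import re
from urllib.parse import urlsplit

NAME_RE = re.compile(r"[A-Za-z0-9 _-]+")  # assumption: ASCII alphanumerics
WELL_KNOWN = "/.well-known/openid-configuration"
# Constructed sample document; the token_endpoint path is made up.
SAMPLE_DISCOVERY = json.dumps({
    "issuer": "https://my.basepath",
    "token_endpoint": "https://my.basepath/connect/token",
})

def check_discovery(endpoint, discovery_json):
    """Check a fetched discovery document against the configured endpoint."""
    try:
        doc = json.loads(discovery_json)
    except ValueError:
        return ["discovery: not valid JSON"]
    if not isinstance(doc, dict):
        return ["discovery: not a JSON object"]
    problems = []
    token = doc.get("token_endpoint")
    if not isinstance(token, str) or urlsplit(token).scheme != "https":
        problems.append("discovery: token_endpoint missing or not https")
    # OpenID Connect Discovery: issuer + well-known path = document URL.
    if endpoint.endswith(WELL_KNOWN):
        issuer = str(doc.get("issuer", "")).rstrip("/")
        if issuer != endpoint[:-len(WELL_KNOWN)]:
            problems.append("discovery: issuer does not match endpoint")
    return problems

def check_provider(name, endpoint, client_ids, discovery_json=None):
    """Return a list of problems; an empty list means the values pass."""
    problems = []
    # Step 5: letters, digits, spaces, hyphens and underscores only.
    if not NAME_RE.fullmatch(name or ""):
        problems.append("name: empty or contains disallowed characters")
    # Step 6: the endpoint must begin with http:// or https://.
    url = urlsplit(endpoint or "")
    if url.scheme not in ("http", "https") or not url.netloc:
        problems.append("endpoint: must begin with http:// or https://")
    elif url.scheme == "http":  # added check, not a product rule
        problems.append("endpoint: http is accepted but unencrypted")
    # Step 6: at least one non-blank client ID.
    if not [c for c in client_ids if c and c.strip()]:
        problems.append("client_ids: at least one is required")
    if discovery_json is not None and endpoint:
        problems += check_discovery(endpoint, discovery_json)
    return problems
```

An issuer mismatch means the document was served for a different authorization server than the one configured, which is worth resolving before the provider is saved.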