Run Aidbox locallyRun Aidbox in SandboxTalk to us Ask community

Adding Clients for Inferno tests

This article explains how Clients for Inferno can be created

A Client can be added with predefined secret and without. Sometimes it's important to add a Client resource without predefined id and secret.

Client with predefined secret and id

To create or update a Client with predefined secret and id.

PUT /Client/inferno-confidential-patient-smart-app
Content-Type: text/yaml

secret: inferno-confidential-patient-smart-app-secret
type: patient-facing-smart-app
active: true
grant_types:
- authorization_code
auth:
  authorization_code:
    pkce: false
    redirect_uri: 'https://inferno.healthit.gov/suites/custom/smart/redirect'
    refresh_token: true
    secret_required: true
    access_token_expiration: 300
smart:
  launch_uri: 'https://inferno.healthit.gov/suites/custom/smart/launch'

  • id of the Client is defined within the uri. It's a inferno-confidential-patient-smart-app value

  • secret is defined in the request body. The secret value is inferno-confidential-patient-smart-app-secret

Client without predefined secret and id (patient confidential app)

To create a Client without predefined secret and client id use the smartbox.portal.developer.rpc/save-developer-application RPC method.

POST /rpc
Content-Type: text/yaml

method: smartbox.portal.developer.rpc/save-developer-application
params:
  confidentiality:
    value: confidential
  name: some-app-name
  description: some-app-name
  redirect-url: http://redirect
  launch-url: http://launch
  logo-url: http://logo
  org-name: org-name
  org-url: http://org
  policy-url: http://policy
  tos-url: http://tos

Request parameters

  • confidentiality is a set of two options: confidential and public. In the example above the confidential is chosen

  • application-name is the application name

  • description is the application description

  • redirect-url is the redirect uri of the application

  • launch-uri is the launch uri pf the application

  • logo-url is the url of the application logo file

  • org-name is the name of the company application belongs to

  • org-url is the url of the compamy's website

  • policy-url is the link to the application policy page

  • tos-url is the link to the application term of services page

How to get Client secret

Use id we received oт the previous step to request Client details. The secret contains generated value.

GET /Client/b2f66062-4beb-43c8-a32c-aa072134185c
Content-Type: text/yaml

Client without predefined id (patient public app)

To create a Client without predefined id use the smartbox.portal.developer.rpc/save-developer-application RPC method.

POST /rpc
Content-Type: text/yaml

method: smartbox.portal.developer.rpc/save-developer-application
params:
  confidentiality:
    value: public
  name: public-app-name
  description: public-app-name
  redirect-url: http://public.redirect
  launch-url: http://public.launch
  logo-url: http://public.logo
  org-name: public-org-name
  org-url: http://public.org
  policy-url: http://public.policy
  tos-url: http://public.tos

Request parameters

  • confidentiality is a set of two options: confidential and public. In the example above the public is chosen

  • application-name is the application name

  • description is the application description

  • redirect-url is the redirect uri of the application

  • launch-uri is the launch uri pf the application

  • logo-url is the url of the application logo file

  • org-name is the name of the company application belongs to

  • org-url is the url of the compamy's website

  • policy-url is the link to the application policy page

  • tos-url is the link to the application term of services page

Client for provider usage

Provider SMART App must have a tenant link (see this and that articles). To create a Client for provider use the following request.

POST  /Client
Content-Type: text/yaml

type: provider-facing-smart-app 
name: provider-app-name
description: provider-app-description
grant_types:
   - authorization_code
resourceType: Client
smart:
  launch_uri: http://launch
auth:
  authorization_code:
    pkce: true
    redirect_uri: http://redirect
    refresh_token: true
    secret_required: false
    access_token_expiration: 300
details:
  logo-uri: http://logo
meta:
  _tenant: my-clinic

Notice meta._tenant in the request containing the id of the tenant

Client for Bulk API

Bulk API Client must have a tenant link (see this and that articles). To create a Bulk API Client use the following request.

POST /Client

name: bulk-app-name
jwks_uri: http://jwks-uri
auth:
  client_credentials:
    client_assertion_types:
      - urn:ietf:params:oauth:client-assertion-type:jwt-bearer
    access_token_expiration: 300
type: bulk-api-client
scope:
  - system/*.read
grant_types:
  - client_credentials
meta:
  _tenant: my-clinic

Notice meta._tenant in the request containing the id of the tenant

PreviousConsiderations for Testing with Inferno ONCNextMultitenancy approach

Last updated