Aidbox
Search…
Aidbox documentation
Overview
Features
Licensing and Support
Aidbox UI
Versioning
Release Notes
FAQ
Getting Started
Run Aidbox in Aidbox Sandbox
Run Aidbox locally with Docker
Run Aidbox as a SaaS
Aidbox configuration
Configure Aidbox and Multibox
Aidbox project
API constructor (beta)
Setup SMTP provider
Zen Configuration
API
FHIR API
REST API
Bulk API
Batch Upsert
Batch/Transaction
Cache
ETAG support
Reactive API
Sequence API
Encryption API
Compartments API
GraphQL API
RPC API
Profiling and validation
Profiling and validation overview
Profiling with zen-lang
Asynchronous resource validation
Profiling with AidboxProfile
Terminology
Aidbox terminology module overview
Import external (not-present) terminologies
Concept
CodeSystem
ValueSet
Handling hierarchies using ancestors
$translate on ConceptMap
Terminology Tutorials
FHIR Implementation Guides
🎓
HL7 FHIR Da Vinci PDex Plan Net IG
§170.315(g)(10) Standardized API for patient and population services
Tutorials
App development guides
Testing with Stresty
Working with Aidbox from .NET
Administration
Receive logs from your app
$matcho
$to-format
Storage
Overview
Database schema
Archiving
AWS S3
GCP Cloud Storage
Azure Blob Storage
Security & Access Control
Overview
Authentication Flows
Access Control
Multitenancy
Core Modules
Entities & Attributes
$json-schema
Monitoring
Logging & Audit
Modules
HL7 v2 Integration
FHIR Resources
Custom Resources
Aidbox Search
First-Class Extensions
Multibox
Multibox box manager API
Multibox monitoring
Plan API
Plan API Overview
Patient Access API
Integrations
Analytics
Audit
Authentication
Tools
Mappings
Aidbox SDK
Contact us
Reference
Configuration
Powered By GitBook
Overview
User, Session, Client resources and mechanics explained

User

Aidbox has a SCIM User Resource.
Attributes:
element
type
description
id
string
​
email
string
​
password
string
Hash of password
identifier
Identifier[]
​
userName
​
​

Create Users

To create user you can use CRUD API, e.g. POST /User and PUT /User/

User Login

Human User can use /auth/login to log in with credentials defined in a User resource
System can authenticate a User as it is specified in OAuth 2.0 spec. For example, you can get access token via
POST /auth/token
client_id: password-client
grant_type: password
username: [email protected]
password: password
Note for such authentification a Client resource should be created
You can find different authorization flow examples in the Auth Sandbox in the Aidbox ui
GET /auth/userinfo returns info about current User session

Activate/Deactivate Users

To control User active status you can change User.inactive attribute by setting true or false value. Deactivating user doesn't affect Session's activation.

Sessions

For each user login Aidbox creates Session resource
Get last 10 sessions
select cts, resource#>>'{user,id}'
from session
order by cts desc
limit 10

Session expiration

Basically, all sessions stored in Aidbox are infinite, and you have to manage session expiration by yourself manually.
However since Aidbox v:2205 Session.exp field was added. It represents NumericDate from RFC7519 and it identifies the expiration time after which the Session will not be accepted for processing.
You can specify auth.*.access_token_expiration (in seconds) on Client resource, so Session.exp field will be propagated once corresponding grant_type is used to launch a Session.

Client

To provide programmatic access to Aidbox you have to register a client - Client resource.
Client resource must have grant_types attribute defining authentification scheme for this Client.
​Application grant types (or flows) are methods through which applications can gain Access Tokens and by which you grant limited access to your resources to another entity without exposing credentials.
Grant types are choosed appropriately based on the grant_types property of your Auth0-registered Application. The OAuth 2.0 protocol supports several types of grants, which allow different types of access. To see available grant types and grant type mapping refer to the doc.
Other required attributes are determined based on the values of this attribute grant_types is an array of strings, possible values are:
  • basic
  • client_credentials
  • password
  • implicit
  • authorization_code
  • code
You can find different authorization flow examples in the Auth Sandbox in the Aidbox ui
Storage - Previous
Azure Blob Storage
Next - Security & Access Control
Authentication Flows
Last modified 2mo ago
Copy link
Edit on GitHub
Outline
User
Create Users
User Login
Activate/Deactivate Users
Sessions
Session expiration
Client