Considerations for Testing with Inferno ONC
Mandatory software components & configurations
Mandatory software components
Aidbox minimum installation consists of two mandatory components:
PostreSQL relations database management system as data persistence layer
Aidbox itself configured working to the
PostgreSQL
PostgreSQL
As an Aidboxdb
docker container can be got here. It has all necessary extensions on board.
Aidbox
The powerful FHIR-server. It also supports SMART on FHIR
authorization flow.
Aidbox is distributed as a Docker container:
Mandatory software configurations
Aidbox
It could be configured in many ways but the minimum configuration is defined here.
Main configuration aspects:
S3 account & bucket should be prepared as Aidbox uploads exported data to the bucket
Aidbox should be configured as a zen-project
TLS for HTTP
ONC Inferno requires certain TLS version usage over HTTP requests. The allowed versions are v1.2+.
Technical requirements and attributes necessary for registration
confidential
and public
applications
confidential
and public
applicationsThere are two types of the applications using SMART on FHIR API:
confidential
apps are able to protect issued secretspublic
ones are not able to do it
confidential
application
confidential
applicationpublic
application
public
applicationpublic
, which don't have backend service and are not able to keep secret securely, shouldn't have secret, basic grant type and auth.authorization_code.secret_required
should be disabled. Example:
bulk
client for back-end
application
bulk
client for back-end
applicationClient example for bulk
application.
Expanding scope
scope
scope
are used to let SMART on FHIR
know what resources an
application needs to have access to. scope
can be defined in two ways:
Exact resource name like
patient/Device.read
. In this caseread
access to theDevice
is requestedWildcard definition like
patient/*.read
saysall
the patients resourcesread
access requested
How Aidbox expands wildcard *
scope
*
scopepatient/*.read
expands to:
patient/Patient.read
patient/AllergyIntolerance.read
patient/CarePlan.read
patient/CareTeam.read
patient/Condition.read
patient/Device.read
patient/DiagnosticReport.read
patient/DocumentReference.read
patient/Goal.read
patient/Encounter.read
patient/Immunization.read
patient/MedicationRequest.read
patient/Observation.read
patient/Procedure.read
patient/Provenance.read
patient/Practitioner.read
patient/Organization.read
patient/Location.read
user/*.read
expands to:
user/Patient.read
user/AllergyIntolerance.read
user/CarePlan.read
user/CareTeam.read
user/Condition.read
user/Device.read
user/DiagnosticReport.read
user/DocumentReference.read
user/Goal.read
user/Encounter.read
user/Immunization.read
user/MedicationRequest.read
user/Observation.read
user/Procedure.read
user/Provenance.read
user/Practitioner.read
user/Organization.read
user/Location.read
system/*.read
expands to:
system/Patient.read
system/AllergyIntolerance.read
system/CarePlan.read
system/CareTeam.read
system/Condition.read
system/Device.read
system/DiagnosticReport.read
system/DocumentReference.read
system/Goal.read
system/Encounter.read
system/Immunization.read
system/MedicationRequest.read
system/Observation.read
system/Procedure.read
system/Provenance.read
system/Practitioner.read
system/Organization.read
system/Location.read
Last updated