A HAPI FHIR Starter Project with support for AuthN and AuthZ.
The goal of this project is to demonstrate secure access to FHIR resources.
TLS is used to encrypt data in transit and AES to encrypt data at rest.
OpenID Connect is used for authentication and OAuth 2.0 (e.g., SMART on FHIR) for authorisation.
HAPI FHIR Server Version: 8.0.0
FHIR Version: 4.0.1 (R4)
- Developer Documentation
- Administrator Documentation
- Rob Ferguson's blog: Getting Started with HAPI FHIR
- Rob Ferguson's blog: HAPI FHIR and FHIR Implementation Guides
- Rob Ferguson's blog: HAPI FHIR and AU Core Test Data
- Rob Ferguson's blog: Add AuthN to HAPI FHIR with OAuth2 Proxy, Nginx and Keycloak - Part 1
- Rob Ferguson's blog: Add AuthN to HAPI FHIR with OAuth2 Proxy, Nginx and Keycloak - Part 2
- Rob Ferguson's blog: Add AuthN to HAPI FHIR with OAuth2 Proxy, Nginx and Keycloak - Part 3
- Rob Ferguson's blog: Add AuthN to HAPI FHIR with OAuth2 Proxy, Nginx and Keycloak - Part 4
- Rob Ferguson's blog: Add AuthZ to HAPI FHIR - Part 1
- Rob Ferguson's blog: Add AuthZ to HAPI FHIR - Part 2
- Rob Ferguson's blog: Add AuthN to HAPI FHIR with APISIX and Keycloak
- Rob Ferguson's blog: Add support for SMART on FHIR to HAPI FHIR with APISIX and Keycloak
- Rob Ferguson's blog: Getting started with the APISIX authz-keycloak plugin
- Rob Ferguson's blog: Secure HAPI FHIR data in transit
- Rob Ferguson's blog: Secure HAPI FHIR data at rest
- Australian Signals Directorate: Implementing Certificates, TLS, HTTPS and Opportunistic TLS
- Cloudflare docs: Cipher suites recommendations
- IETF: The OAuth 2.0 Authorization Framework
- IETF: OAuth 2.0 Token Exchange
- IETF: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- IETF: Resource Indicators for OAuth 2.0
- IETF: JSON Web Token (JWT)
- IETF: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
- IETF: OAuth 2.0 Dynamic Client Registration Protocol
- IETF: OAuth 2.0 for Browser-Based Applications
- Spring docs: Implementation Guidelines for Browser-Based Applications
- HL7: Implementation Guide
- HL7: FHIR NPM Packages
- AU Core: Publication (Version) History
- AU Core FHIR Implementation Guide: AU Core - 1.0.0-preview
- AU Core FHIR Implementation Guide: Testing FAQs
- Sparked AU Core Test Data: Postman collection
- HL7: SMART App Launch
- SMART Health IT: SMART on FHIR
- Google Group: SMART on FHIR
- Project Alvearie: SMART App Launch
- Project Alvearie: Keycloak extensions for FHIR
- Keycloak extensions for FHIR: Upgrade to the Quarkus-based distribution
- Keycloak discussion: Fine grained scope consent management
- Keycloak docs: Configuring Keycloak for production
- Keycloak docs: Configuring TLS
- Keycloak docs: Configuring trusted certificates
- Keycloak docs: Configuring the hostname
- Keycloak docs: Using a reverse proxy
- Keycloak docs: Running Keycloak in a container
- Keycloak docs: Migrating to the Quarkus distribution
- Keycloak docs: Upgrading Guide - 26.1.0
- Keycloak docs: Authorization Services Guide
- GitHub: Keycloak Project Example
- GitHub: Awesome Keycloak
- Google Group: Keycloak User
- Google Group: Keycloak Dev
- APISIX: Documentation
- APISIX docs: Deployment modes
- APISIX docs: SSL Protocol
- APISIX docs: Certificate
- APISIX docs: openid-connect plugin
- APISIX docs: authz-keycloak plugin
- API7 docs: authz-keycloak plugin
- APISIX docs: Code Samples
- Nginx docs: NGINX SSL Termination
- Nginx docs: Authentication Based on Subrequest Result
- OAuth2 Proxy docs: Integration
- OAuth2 Proxy docs: TLS Configuration
- HAPI FHIR: Website
- HAPI FHIR: Documentation
- Google Group: HAPI FHIR
- HL7 Australia: Terminology
- ADHA: National Clinical Terminology Service
- Oracle Health Millennium Platform: Authorization Framework
- Oracle Health Millennium Platform: FHIR R4 APIs
- Smile CDR docs: SMART on FHIR - Introduction
- Smile CDR docs: SMART on FHIR - Supported Scopes
- Okta Developer blog: Add Auth to Any App with OAuth2 Proxy
- Okta forum: SMART on FHIR wildcard scopes
- GitHub: Okta SMART on FHIR Setup Guide - scopes