FHIR IG analytics
Resources that use this resource
Resources that this resource uses
Narrative
No narrative content found in resource
Source1
{
"derivation": "specialization",
"fhirVersion": "4.3.0",
"name": "Client",
"abstract": false,
"type": "Client",
"resourceType": "StructureDefinition",
"status": "active",
"id": "Client",
"kind": "resource",
"url": "http://health-samurai.io/fhir/core/StructureDefinition/Client",
"version": "0.2601.0",
"differential": {
"element": [
{
"id": "Client",
"path": "Client",
"min": 0,
"max": "*"
},
{
"id": "Client.active",
"path": "Client.active",
"short": "Indicates whether this client is active and can be used for authentication.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client._source",
"path": "Client._source",
"short": "System Property. DO NOT USE IT.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.description",
"path": "Client.description",
"short": "A description of the client application for administrative purposes.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.secret",
"path": "Client.secret",
"short": "Hashed client secret for authentication.",
"min": 0,
"max": "1",
"extension": [
{
"url": "http://health-samurai.io/fhir/core/StructureDefinition/custom-type",
"valueCode": "sha256Hash"
}
]
},
{
"id": "Client.first_party",
"path": "Client.first_party",
"short": "Indicates whether this is a first-party client.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.trusted",
"path": "Client.trusted",
"short": "Indicates whether this client is trusted and given special privileges.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.scope",
"path": "Client.scope",
"short": "List of scopes this client is authorized to request.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.type",
"path": "Client.type",
"short": "The type of client application.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.details",
"path": "Client.details",
"short": "Additional client details or configuration options.",
"min": 0,
"max": "1",
"extension": [
{
"url": "http://health-samurai.io/fhir/core/StructureDefinition/additional-properties-custom-type",
"valueCode": "any"
}
]
},
{
"id": "Client.name",
"path": "Client.name",
"short": "Human-readable name of the client application.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.smart",
"path": "Client.smart",
"short": "SMART on FHIR configuration for this client.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.smart.launch_uri",
"path": "Client.smart.launch_uri",
"short": "URI to launch the SMART app.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.smart.name",
"path": "Client.smart.name",
"short": "Name of the SMART app.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.smart.description",
"path": "Client.smart.description",
"short": "Description of the SMART app.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.fhir-base-url",
"path": "Client.fhir-base-url",
"short": "Base URL of the FHIR server this client interacts with.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.allowed-scopes",
"path": "Client.allowed-scopes",
"short": "References to specific Scope resources this client is allowed to request.",
"min": 0,
"max": "*",
"type": [
{
"code": "Reference",
"targetProfile": [
"http://health-samurai.io/fhir/core/StructureDefinition/Scope"
]
}
]
},
{
"id": "Client.allowedIssuers",
"path": "Client.allowedIssuers",
"short": "List of authorized token issuers for this client.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.grant_types",
"path": "Client.grant_types",
"short": "OAuth 2.0 grant types this client is authorized to use.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1152",
"severity": "error",
"human": "Grant type must be one of: basic, authorization_code, code, password, client_credentials, implicit, refresh_token, urn:ietf:params:oauth:grant-type:token-exchange",
"expression": "%context.subsetOf('basic' | 'authorization_code' | 'code' | 'password' | 'client_credentials' | 'implicit' | 'refresh_token' | 'urn:ietf:params:oauth:grant-type:token-exchange')"
}
]
},
{
"id": "Client.allowed_origins",
"path": "Client.allowed_origins",
"short": "Allowed Origins are URLs that will be allowed to make requests.",
"min": 0,
"max": "*",
"type": [
{
"code": "uri"
}
]
},
{
"id": "Client.scopes",
"path": "Client.scopes",
"short": "Detailed scope configurations with associated policies.",
"min": 0,
"max": "*",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.scopes.policy",
"path": "Client.scopes.policy",
"short": "Reference to an AccessPolicy resource for this scope.",
"min": 0,
"max": "1",
"type": [
{
"code": "Reference",
"targetProfile": [
"http://health-samurai.io/fhir/core/StructureDefinition/AccessPolicy"
]
}
]
},
{
"id": "Client.scopes.parameters",
"path": "Client.scopes.parameters",
"short": "Parameters to be applied with the scope's policy.",
"min": 0,
"max": "1",
"extension": [
{
"url": "http://health-samurai.io/fhir/core/StructureDefinition/additional-properties-custom-type",
"valueCode": "any"
}
]
},
{
"id": "Client.jwks",
"path": "Client.jwks",
"short": "JSON Web Key Set for client authentication and/or verification.",
"min": 0,
"max": "*",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.jwks.kid",
"path": "Client.jwks.kid",
"short": "Key ID that identifies this key.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.jwks.kty",
"path": "Client.jwks.kty",
"short": "Key type.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1150",
"severity": "error",
"human": "Key type must be RSA",
"expression": "%context.subsetOf('RSA')"
}
]
},
{
"id": "Client.jwks.alg",
"path": "Client.jwks.alg",
"short": "Algorithm used with this key.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1151",
"severity": "error",
"human": "Algorithm must be RS384",
"expression": "%context.subsetOf('RS384')"
}
]
},
{
"id": "Client.jwks.e",
"path": "Client.jwks.e",
"short": "Exponent value for RSA key.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.jwks.n",
"path": "Client.jwks.n",
"short": "Modulus value for RSA key.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.jwks.use",
"path": "Client.jwks.use",
"short": "Key usage.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1149",
"severity": "error",
"human": "Use must be sig",
"expression": "%context.subsetOf('sig')"
}
]
},
{
"id": "Client.jwks_uri",
"path": "Client.jwks_uri",
"short": "URI where the client's JSON Web Key Set can be retrieved.",
"min": 0,
"max": "1",
"type": [
{
"code": "url"
}
]
},
{
"id": "Client.auth",
"path": "Client.auth",
"short": "Authentication configuration for different OAuth flows.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.client_credentials",
"path": "Client.auth.client_credentials",
"short": "Configuration for the client credentials grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.client_credentials.token_format",
"path": "Client.auth.client_credentials.token_format",
"short": "Format of the access token.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-client_credentials_token_format",
"severity": "error",
"human": "Token format must be jwt",
"expression": "%context.subsetOf('jwt')"
}
]
},
{
"id": "Client.auth.client_credentials.access_token_expiration",
"path": "Client.auth.client_credentials.access_token_expiration",
"short": "Expiration time for access tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.client_credentials.refresh_token_expiration",
"path": "Client.auth.client_credentials.refresh_token_expiration",
"short": "Expiration time for refresh tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.client_credentials.audience",
"path": "Client.auth.client_credentials.audience",
"short": "Intended audience for issued tokens.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.auth.client_credentials.refresh_token",
"path": "Client.auth.client_credentials.refresh_token",
"short": "Whether to issue refresh tokens with this grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.client_credentials.client_assertion_types",
"path": "Client.auth.client_credentials.client_assertion_types",
"short": "Supported client assertion types.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1153",
"severity": "error",
"human": "Client assertion type must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"expression": "%context.subsetOf('urn:ietf:params:oauth:client-assertion-type:jwt-bearer')"
}
]
},
{
"id": "Client.auth.authorization_code",
"path": "Client.auth.authorization_code",
"short": "Configuration for the authorization code grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.authorization_code.token_format",
"path": "Client.auth.authorization_code.token_format",
"short": "Format of the access token.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1556",
"severity": "error",
"human": "Token format must be jwt",
"expression": "%context.subsetOf('jwt')"
}
]
},
{
"id": "Client.auth.authorization_code.audience",
"path": "Client.auth.authorization_code.audience",
"short": "Intended audience for issued tokens.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.auth.authorization_code.secret_required",
"path": "Client.auth.authorization_code.secret_required",
"short": "Whether client secret is required for token exchange.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.authorization_code.pkce",
"path": "Client.auth.authorization_code.pkce",
"short": "Whether PKCE (Proof Key for Code Exchange) is required.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.authorization_code.redirect_uri",
"path": "Client.auth.authorization_code.redirect_uri",
"short": "Redirect URI for the authorization code flow.",
"min": 0,
"max": "1",
"type": [
{
"code": "url"
}
]
},
{
"id": "Client.auth.authorization_code.access_token_expiration",
"path": "Client.auth.authorization_code.access_token_expiration",
"short": "Expiration time for access tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.authorization_code.refresh_token_expiration",
"path": "Client.auth.authorization_code.refresh_token_expiration",
"short": "Expiration time for refresh tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.authorization_code.refresh_token",
"path": "Client.auth.authorization_code.refresh_token",
"short": "Whether to issue refresh tokens with this grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.authorization_code.client_assertion_types",
"path": "Client.auth.authorization_code.client_assertion_types",
"short": "Supported client assertion types.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1153",
"severity": "error",
"human": "Client assertion type must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
"expression": "%context.subsetOf('urn:ietf:params:oauth:client-assertion-type:jwt-bearer')"
}
]
},
{
"id": "Client.auth.authorization_code.default_identity_provider",
"path": "Client.auth.authorization_code.default_identity_provider",
"short": "Default IdentityProvider that will be used instead of Aidbox login.",
"min": 0,
"max": "1",
"type": [
{
"code": "Reference",
"targetProfile": [
"http://health-samurai.io/fhir/core/StructureDefinition/IdentityProvider"
]
}
]
},
{
"id": "Client.auth.password",
"path": "Client.auth.password",
"short": "Configuration for the password grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.password.secret_required",
"path": "Client.auth.password.secret_required",
"short": "Whether client secret is required for password grant.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.password.audience",
"path": "Client.auth.password.audience",
"short": "Intended audience for issued tokens.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.auth.password.refresh_token",
"path": "Client.auth.password.refresh_token",
"short": "Whether to issue refresh tokens with this grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
},
{
"id": "Client.auth.password.redirect_uri",
"path": "Client.auth.password.redirect_uri",
"short": "If present, turn on redirect protection",
"min": 0,
"max": "1",
"type": [
{
"code": "url"
}
]
},
{
"id": "Client.auth.password.token_format",
"path": "Client.auth.password.token_format",
"short": "Format of the access token.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1155",
"severity": "error",
"human": "Token format must be jwt",
"expression": "%context.subsetOf('jwt')"
}
]
},
{
"id": "Client.auth.password.access_token_expiration",
"path": "Client.auth.password.access_token_expiration",
"short": "Expiration time for access tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.password.refresh_token_expiration",
"path": "Client.auth.password.refresh_token_expiration",
"short": "Expiration time for refresh tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.implicit",
"path": "Client.auth.implicit",
"short": "Configuration for the implicit grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.implicit.redirect_uri",
"path": "Client.auth.implicit.redirect_uri",
"short": "Redirect URI for the implicit flow.",
"min": 0,
"max": "1",
"type": [
{
"code": "url"
}
]
},
{
"id": "Client.auth.implicit.token_format",
"path": "Client.auth.implicit.token_format",
"short": "Format of the access token.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1154",
"severity": "error",
"human": "Token format must be jwt",
"expression": "%context.subsetOf('jwt')"
}
]
},
{
"id": "Client.auth.implicit.audience",
"path": "Client.auth.implicit.audience",
"short": "Intended audience for issued tokens.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.auth.implicit.access_token_expiration",
"path": "Client.auth.implicit.access_token_expiration",
"short": "Expiration time for access tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.token_exchange",
"path": "Client.auth.token_exchange",
"short": "Configuration for the token exchange grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "BackboneElement"
}
]
},
{
"id": "Client.auth.token_exchange.token_format",
"path": "Client.auth.token_exchange.token_format",
"short": "Format of the access token.",
"min": 0,
"max": "1",
"type": [
{
"code": "string"
}
],
"constraint": [
{
"key": "enum-1557",
"severity": "error",
"human": "Token format must be jwt",
"expression": "%context.subsetOf('jwt')"
}
]
},
{
"id": "Client.auth.token_exchange.access_token_expiration",
"path": "Client.auth.token_exchange.access_token_expiration",
"short": "Expiration time for access tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.token_exchange.refresh_token_expiration",
"path": "Client.auth.token_exchange.refresh_token_expiration",
"short": "Expiration time for refresh tokens in seconds.",
"min": 0,
"max": "1",
"type": [
{
"code": "integer"
}
]
},
{
"id": "Client.auth.token_exchange.audience",
"path": "Client.auth.token_exchange.audience",
"short": "Intended audience for issued tokens.",
"min": 0,
"max": "*",
"type": [
{
"code": "string"
}
]
},
{
"id": "Client.auth.token_exchange.refresh_token",
"path": "Client.auth.token_exchange.refresh_token",
"short": "Whether to issue refresh tokens with this grant type.",
"min": 0,
"max": "1",
"type": [
{
"code": "boolean"
}
]
}
]
},
"baseDefinition": "http://hl7.org/fhir/StructureDefinition/DomainResource"
}
FHIR
FHIRsmith