Class: Aws::HealthLake::Types::IdentityProviderConfiguration

Inherits:

Struct

• Object
• Struct
• Aws::HealthLake::Types::IdentityProviderConfiguration

Includes:

Structure

Defined in:

lib/aws-sdk-healthlake/types.rb

Overview

The identity provider configuration selected when the data store was created.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #authorization_strategy ⇒ String

  The authorization strategy selected when the HealthLake data store is created.

• #fine_grained_authorization_enabled ⇒ Boolean

  The parameter to enable SMART on FHIR fine-grained authorization for the data store.

• #idp_lambda_arn ⇒ String

  The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.

• #metadata ⇒ String

  The JSON metadata elements to use in your identity provider configuration.

Instance Attribute Details

#authorization_strategy ⇒ String

The authorization strategy selected when the HealthLake data store is created.

<note markdown=“1”> HealthLake provides support for both SMART on FHIR V1 and V2 as described below.

* `SMART_ON_FHIR_V1` – Support for only SMART on FHIR V1, which
 includes `read` (read/search) and `write` (create/update/delete)
 permissions.

• ‘SMART_ON_FHIR` – Support for both SMART on FHIR V1 and V2, which includes `create`, `read`, `update`, `delete`, and `search` permissions.

• ‘AWS_AUTH` – The default HealthLake authorization strategy; not affiliated with SMART on FHIR.

</note>

Returns:

• (String)

# File 'lib/aws-sdk-healthlake/types.rb', line 508

class IdentityProviderConfiguration < Struct.new(
  :authorization_strategy,
  :fine_grained_authorization_enabled,
  :metadata,
  :idp_lambda_arn)
  SENSITIVE = []
  include Aws::Structure
end

#fine_grained_authorization_enabled ⇒ Boolean

The parameter to enable SMART on FHIR fine-grained authorization for the data store.

Returns:

• (Boolean)

# File 'lib/aws-sdk-healthlake/types.rb', line 508

class IdentityProviderConfiguration < Struct.new(
  :authorization_strategy,
  :fine_grained_authorization_enabled,
  :metadata,
  :idp_lambda_arn)
  SENSITIVE = []
  include Aws::Structure
end

#idp_lambda_arn ⇒ String

The Amazon Resource Name (ARN) of the Lambda function to use to decode the access token created by the authorization server.

Returns:

• (String)

# File 'lib/aws-sdk-healthlake/types.rb', line 508

class IdentityProviderConfiguration < Struct.new(
  :authorization_strategy,
  :fine_grained_authorization_enabled,
  :metadata,
  :idp_lambda_arn)
  SENSITIVE = []
  include Aws::Structure
end

#metadata ⇒ String

The JSON metadata elements to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata] in SMART’s App Launch specification.

‘authorization_endpoint`: The URL to the OAuth2 authorization endpoint.

‘grant_types_supported`: An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials`.

‘token_endpoint`: The URL to the OAuth2 token endpoint.

‘capabilities`: An array of strings of the SMART capabilities that the authorization server supports.

‘code_challenge_methods_supported`: An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.

[1]: build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata

Returns:

• (String)

# File 'lib/aws-sdk-healthlake/types.rb', line 508

class IdentityProviderConfiguration < Struct.new(
  :authorization_strategy,
  :fine_grained_authorization_enabled,
  :metadata,
  :idp_lambda_arn)
  SENSITIVE = []
  include Aws::Structure
end