Stream: connectathon mgmt
Topic: Cross Organization Application Access
Julie Maas (May 04 2019 at 13:25):
Kicking off connectathon 21 at table 22. Stop by and say hello!
Grahame Grieve (May 04 2019 at 14:57):
@Luis Maas what's your server?
Julie Maas (May 04 2019 at 15:17):
Breakout session on dynamic client registration tech/policy beginning now in Salon 1, just below the connectathon room.
Julie Maas (May 04 2019 at 17:13):
Here is a Google Doc from our earlier breakout session: https://docs.google.com/document/d/1GNUM3VcImYPwYTtn9mvoBmkoDbztVjOMAOXLyXaTeJE
Grahame Grieve (May 04 2019 at 17:14):
@Luis Maas :
Grahame Grieve (May 04 2019 at 17:14):
---------------------------
Debugger Exception Notification
---------------------------
Project notepad++.exe raised exception class EFHIRException with message 'HTTP/1.1 400 Bad Request : <OperationOutcome xmlns="http://hl7.org/fhir">
<issue>
<severity value="error"/>
<code value="processing"/>
<diagnostics value="This is the base URL of FHIR server. Unable to handle this request, as it does not contain a resource type or operation name."/>
</issue>
</OperationOutcome>'.
---------------------------
Break Continue Help
---------------------------
Julie Maas (May 04 2019 at 17:14):
EMR Direct Stage Server https://stage.healthtogo.me:8181/fhir-server-stu3/stage
Grahame Grieve (May 04 2019 at 17:15):
no my mistake
Grahame Grieve (May 04 2019 at 17:30):
Debugger Exception Notification
Project notepad++.exe raised exception class EFHIRException with message 'HTTP/1.1 400 Bad Request : {"error":"invalid_redirect_uri","error_description":"The value of one or more redirection URIs is invalid."}'.
Break Continue Help
Grahame Grieve (May 04 2019 at 17:31):
{
"client_name" : "edtName",
"client_uri" : "Edit1",
"grant_types" : "authorization_code",
"logo_uri" : "Edit1",
"redirect_uris" : [
"http://localhost:9090/done"
],
"response_types" : "code",
"token_endpoint_auth_method" : "client_secret_basic"
}```
Grahame Grieve (May 04 2019 at 17:34):
so adding https:// ...
Grahame Grieve (May 04 2019 at 17:34):
[Window Title]
notepad++
[Content]
HTTP/1.1 400 Bad Request : {"error":"invalid_client_metadata","error_description":"Client registration metadata malformed or invalid."}
[OK]
Julie Maas (May 04 2019 at 17:38):
Also we really like arrays...
Luis Maas (May 04 2019 at 17:38):
response_types, grant_types need to be arrays
Julie Maas (May 04 2019 at 17:58):
We've had our first registration of the day...
Julie Maas (May 04 2019 at 17:58):
Thanks @Grahame Grieve for testing!
Grahame Grieve (May 04 2019 at 18:03):
;-)
Julie Maas (May 04 2019 at 19:11):
Here is a recent blog post with some more information about the items we are looking at in the cross organizational app registration track: https://www.linkedin.com/pulse/where-api-express-lanes-julie-maas/
Julie Maas (May 04 2019 at 19:35):
(deleted)
Grahame Grieve (May 04 2019 at 20:05):
@Luis Maas try my server again
Luis Maas (May 04 2019 at 20:12):
Re register endpoint in metadata, expecting valueUri but getting valueString
Julie Maas (May 05 2019 at 13:16):
Meeting in Salon 6 at 10 am today for a breakout to discuss ecosystem identities in addition to client--server, user, patient matching.
Grahame Grieve (May 05 2019 at 14:07):
@Luis Maas try again
Julie Maas (May 05 2019 at 14:16):
We are getting started a few minutes late in Salon 6 for ecosystem identity (client, server, user, patient matching) discussion for anyone who would like to join. On the same floor as the connectathon.
Julie Maas (May 05 2019 at 15:22):
Good conversation today about app registration and identity in the breakout session -- notes here; comments welcome https://docs.google.com/document/d/1GNUM3VcImYPwYTtn9mvoBmkoDbztVjOMAOXLyXaTeJE
Luis Maas (May 05 2019 at 15:30):
@Grahame Grieve got an id and secret :) note the server should return 201 Created for success (getting 200), few other comments for you
Grahame Grieve (May 05 2019 at 15:32):
ok what other comments? I'll return a 201 after next upgrade
Luis Maas (May 05 2019 at 15:39):
response must include the registration parameters as accepted by server, including any fields that were added or modified by server.
grant_types is optional, defaults to ["authorization_code"] if absent.
response_types is optional, defaults to ["code"] if absent.
server rejected grant_types = ["authorization_code","refresh_token"] with error saying only one value allowed.
Luis Maas (May 05 2019 at 15:42):
to last one, obviously it is not required that you allow refresh_token to dcr clients, comment is about the error suggesting the array could not have more than one string.
Grahame Grieve (May 05 2019 at 15:58):
ok thx
Julie Maas (Sep 07 2019 at 01:53):
We'll be using this stream again for the upcoming track. In preparation for the connectathon track next week, please let me know of any questions or clarifications needed, or if your organization should be added to the track page or its server list here: https://confluence.hl7.org/display/FHIR/2019-09+Cross+Organization+Application+Access
Julie Maas (Sep 14 2019 at 13:21):
Cross Organization Application Access is at table 32 this time. When facing the stage, that's at the far right of the room. Please stop by or join our breakout session at 11am in M 103
Julie Maas (Sep 14 2019 at 13:26):
Just kidding! We've been moved to table 22. see you there!
Andrei Zudin (Sep 14 2019 at 14:23):
<address value="https://dev-gwt.healthgorilla.com/fhir/Patient"/>
<payloadMimeType value="text/xml"/>
<payloadType>
<coding>
<system value="urn:oid:1.3.6.1.4.1.19376.1.2.3"/>
<code value=""/>
</coding>
</payloadType>
<extension url="https://sequoiaproject.org/StructureDefinition/Endpoint/main/1.0.0">
<extension url="Transaction">
<valueString value="FHIR PATIENT"/>
</extension>
....
Andrei Zudin (Sep 14 2019 at 14:26):
this is what we are planning to publish to connectathon directory to advertise our FHIR end point
Max Philips (Sep 14 2019 at 14:37):
Notes on consuming Cerner's connectathon server https://github.com/MaxPhilips/wgm_notes/blob/sep_2019/carequality/test_server_faq.md
Andrei Zudin (Sep 14 2019 at 16:32):
Published our organization to test directory: https://connect.carequality.org/fhir-stu3/1.0.1/Organization/?apikey=<removed>&_format=xml&_count=5&_identifier=urn:oid:1.3.6.1.4.1.52618.99999
Julie Maas (Sep 14 2019 at 18:08):
We'll be regrouping tomorrow at 10am in a suite. Please ping me for room #.
Max Philips (Sep 14 2019 at 18:53):
Here's Cerner's organization in the test directory: https://connect.carequality.org:443/fhir-stu3/1.0.1/Organization?apikey=<key>&_format=xml&_id=2.16.840.1.113883.3.13.1
I'm still trying to get the contained Endpoints updated to reflect authorization and Patient URLs. Getting "Failed to parse request body as XML resource because in your request body, some of endpoints have invalid display name." for everything I've tried so far
Max Philips (Sep 14 2019 at 19:38):
Got Cerner's test directory entry updated so the Authorization and Patient URLs are available there
Andrei Zudin (Sep 15 2019 at 16:44):
Authorization end point for Health Gorilla: https://tls.dev-gwt.healthgorilla.com/oauth/token
clientId is dtYGf4DJw6k8mu2J3xMwMSqHjmKN3Zwv3h96XuCq
And you can retrieve patient with id 825b7e5de84449b7340fc877
Andrei Zudin (Sep 15 2019 at 17:01):
Response for patients query from EMR Direct
{
"resourceType": "Bundle",
"id": "1fb0d2ef-1759-4018-bd3c-1fb1b15aec05",
"meta": {
"lastUpdated": "2019-09-15T09:58:47.928-07:00"
},
"type": "searchset",
"total": 1,
"link": [
{
"relation": "self",
"url": "https://stage.healthtogo.me:8181/fhir-server-stu3/stage/Patient?given=A"
}
],
"entry": [
{
"fullUrl": "https://stage.healthtogo.me:8181/fhir-server-stu3/stage/Patient/1001",
"resource": {
"resourceType": "Patient",
"id": "1001",
"extension": [
{
"url": "http://hl7.org/fhir/StructureDefinition/us-core-race",
"valueCodeableConcept": {
"coding": [
{
"system": "http://hl7.org/fhir/v3/Race",
"code": "2106-3",
"display": "White"
},
{
"system": "http://hl7.org/fhir/v3/Race",
"code": "2108-9",
"display": "White European"
}
]
}
},
{
"url": "http://hl7.org/fhir/StructureDefinition/us-core-ethnicity",
"valueCodeableConcept": {
"coding": [
{
"system": "http://hl7.org/fhir/v3/Ethnicity",
"code": "2186-5",
"display": "Not Hispanic or Latino"
}
]
}
}
],
"name": [
{
"family": [
"Newman"
],
"given": [
"Alice",
"Jones"
]
}
],
"gender": "female",
"birthDate": "1970-05-01",
"communication": [
{
"language": {
"coding": [
{
"system": "urn:ietf:bcp:47",
"code": "en-US"
}
]
},
"preferred": true
}
]
}
}
]
}
Isaac Vetter (Sep 15 2019 at 17:14):
Hey @Julie Maas , is the breakout happening in room m101 right now? @Chris Grenz
Julie Maas (Sep 15 2019 at 17:15):
did you need the room or would you like to discuss the topic?
Julie Maas (Sep 15 2019 at 17:15):
We actually met a little earlier but can join you now also; I will head over
Isaac Vetter (Sep 15 2019 at 17:16):
Hey Julie, just wanted to listen in (you've got 3 other in the room), it might make sense to cancel.
Julie Maas (Apr 23 2020 at 16:52):
Getting ready to discuss the upcoming May virtual connectathon here; see this link for track details: https://confluence.hl7.org/display/FHIR/2020-05+Cross+Organization+Application+Access
Julie Maas (May 12 2020 at 16:01):
Just a reminder to register for the connectathon if you haven't already, and to please complete the connectathon survey Sandy sent out: https://www.surveymonkey.com/r/HNQ96MY
Julie Maas (May 12 2020 at 18:05):
I've added a server to the track page. If you have a server or client to add there and/or to conman please do so, or let me know if I can help with that. Anyone requiring a certificate can register for a complimentary UDAP test certificate at https://www.emrdirect.com/subscribe-developer. Also, if you would like to participate in a 15 minute demo for participants from other tracks who might like to stop in to our Zoom for that, please let me know & I will send you more details. Talk with you tomorrow!
Julie Maas (May 12 2020 at 18:41):
Conman link: http://conman.clinfhir.com/connectathon.html?event=hl7online
David Hay (May 12 2020 at 18:44):
And a reminder to "@ copy" me if you have any issues with conman!
Max Philips (May 14 2020 at 13:53):
Cerner's server information for the virtual connectathon: https://github.com/MaxPhilips/wgm_notes/blob/may_2020/carequality/test_server_faq.md
Will add the information to the wiki as well.
Max Philips (May 14 2020 at 13:59):
Actually looks like I don't have a Confluence account - @Julie Maas could you update the track wiki to add:
Cerner Connectathon Server | https://fhir-ehr.stagingcerner.com/beta/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/ | 1
Julie Maas (May 14 2020 at 14:09):
Max did you want to label with a scenario or "Trusted DCR"?
Job Schipper (May 14 2020 at 14:22):
@Julie Maas I'm sorry but we (Medicore) decided to switch to another track. Your context of the model driving the implementation (in the US) was very clear, and now that I have a better view of what the track is about it has become clear that it is a lot less applicable to our situation as we expected. Good luck!
Julie Maas (May 14 2020 at 15:03):
Thank you for letting me know (sorry to hear this!). I hope we can catch up another time--it sounds like pieces of this would be useful to the issuing authority in being sure that the approved app is the one being used. Please do check back as we hope to be adding some tutorial information that makes the track easier to step into also!
Julie Maas (May 14 2020 at 16:30):
We had a brief check-in for this track just now and here are the other times we'll be checking in over the next few days, in case you can join us:
4pm Eastern Thursday (+ deep dive discussion/identify breakout topics of interest)
2pm Eastern Friday (submit any report out data then or prior),
5pm Eastern Friday (additional info and general wrap up)
Thanks!
Julie Maas (May 14 2020 at 20:00):
We're going to begin our next check-in & go into a Q&A afterward if anyone would like to join Cross Org App Access starting momentarily.
Max Philips (May 14 2020 at 23:03):
I have some fixes prepared for the issues Luis ran into with Cerner's connectathon server while testing today. Unfortunately Cerner is still experiencing some infrastructure issues and I am unable to deploy them - I will keep everyone updated when they become available
I am going to take a quick shot at scenario 1 using EMRDirect's server with my own 'client', will update in a few minutes how that goes
I mentioned earlier today that I would be unavailable tomorrow before 1 central. I apologize but my plans have shifted and now my afternoon tomorrow looks busy while I should be available in the morning
Max Philips (May 14 2020 at 23:27):
Was able to successfully perform DCR against EMRDirect's server - wrote up some notes here: https://github.com/MaxPhilips/wgm_notes/blob/may_2020/carequality/cerner_client_emrdirect_server.md
Max Philips (May 15 2020 at 04:21):
Got the fixes mentioned above deployed, Cerner's test server should now:
- allow client assertion JWTs without typ header set
- no longer throw errors about invalid Content-Type (I updated my test_server_faq document to reflect the fact that application/json should be used when POSTing to /register per UDAP)
Julie Maas (May 15 2020 at 13:03):
Thanks for that information, Max. It sounds like you have a successful test to register in conman, then. If you'd like me to add that, just please tell me what you would like to name the Cerner Client.
Julie Maas (May 15 2020 at 13:04):
Max, thanks for these great Github notes. Anyone who's interested in following along or trying their own testing may want to check those out for additional perspective.
Max Philips (May 15 2020 at 13:09):
I am poking around unsuccessfully in conman - can you direct me to the spot I need to go to register?
Julie Maas (May 15 2020 at 13:12):
I'm not sure of the interaction to point you to but it's basically just adding your own name in order to "register" yourself if that helps
Julie Maas (May 15 2020 at 13:13):
If you go to the People tab you should be able to "Register New Person"
Julie Maas (May 15 2020 at 13:13):
From a link in the top right of the table
Max Philips (May 15 2020 at 13:13):
I did sign myself in to conman for this connectathon. I see that it does say 2 successful tests are recorded for the track. I'll get Cerner's client registered and see what happens :)
Julie Maas (May 15 2020 at 13:14):
OK from that point you should be able to include it on the Technical Testing page.
Max Philips (May 15 2020 at 13:18):
Yep I think I got it figured out now!
Julie Maas (May 15 2020 at 13:56):
Yep that looks right, thanks for completing roundtrip testing with us!
Max Philips (May 15 2020 at 16:54):
xposting from Zoom, I need to step away again, I apologize for my limited availability today. I am planning to be back for the wrap up at 4pm eastern
Julie Maas (May 15 2020 at 17:00):
Thx--did you have anything specific you'd like to add to the report out, Max? Is it OK if I add the 2 GitHub links you shared?
Julie Maas (May 15 2020 at 18:00):
We are going to be having our check-in now, if anyone would like to join!
Julie Maas (May 15 2020 at 18:54):
Hey Max, tried to send you something with purpose in it...let me know if you have a chance to discuss. Thanks!
Max Philips (May 15 2020 at 19:53):
Yep, adding those github links would be great from my side Julie
Max Philips (May 15 2020 at 19:53):
I'm available to discuss now
Julie Maas (May 15 2020 at 22:54):
Thanks everyone for supporting this work! See you next time :)
Julie Maas (Sep 09 2020 at 20:29):
Welcome to Connectathon 25! Track link for this connectathon is: https://confluence.hl7.org/display/FHIR/2020-09+Cross+Organization+Application+Access. Please reply to this message or contact me directly if you have a preference on when we might have a UDAP overview / Q&A breakout session...likely to offer either Thursday late in the day or Friday morning, depending on demand.
Bill Lober (Sep 09 2020 at 20:39):
OK - reposting here. If we're encouraged to use fhir.chat.org for chat, are we supposed to create a stream for our tracks? Were those already created? How are they named? (Public Health/Opioids)
I did see an email w/ Zoom links - but didn't look closely. Might have been there? Or, should we use Whova chat? (I started that approach here: https://whova.com/portal/webapp/hlfhi_202009/Agenda/1212537/)
Thanks.
Bill Lober (Sep 09 2020 at 20:44):
no need to answer - this was picked up in the Whova Kickoff Chat
Julie Maas (Sep 09 2020 at 20:59):
@Bill Lober you would want to look one level up from this track stream to see if a stream for your track exists yet.
Julie Maas (Sep 11 2020 at 14:49):
We're going to be having a UDAP overview and Q&A at 1pm Eastern today, for those who would like to attend. Additional track info here: http://bit.ly/cross-org-access-25
Ezequiel Morales (Sep 22 2020 at 14:54):
Hello Julie. Ezequiel Morales with Cigna. Where can I access the UDAP overview and QA? I'm new to Zulip.Let me know please. Thx.
Julie Maas (Oct 28 2020 at 20:50):
@Ezequiel Morales Sorry I missed this. That was a live session, but we've since posted a lot of additional materials at UDAP.org (in the "LEARN MORE ABOUT UDAP" section if you scroll down to that), a link to register to obtain a UDAP certificate and access to the UDAP Test Tool, and there is also a UDAP Google Group you're welcome to join: https://groups.google.com/g/udap-discuss Happy to also answer questions about UDAP here.
Ezequiel Morales (Oct 28 2020 at 21:33):
Thank you Julie. Will check it out.
Julie Maas (Jan 05 2021 at 21:58):
Find the track description for next week including worksheet for listing servers here: https://confluence.hl7.org/display/FHIR/2021-01+Cross+Organization+Application+Access
Looking forward to testing with you!
Vivek (Jan 12 2021 at 06:28):
Hello Julie.. None of the servers listed in the ppt are available
Julie Maas (Jan 13 2021 at 18:40):
Thanks! Just saw this, I will check that now. Updating: the EMR Direct stage server is ready for connectathon use now. The Cerner one on that list was from a previous connectathon so I updated that entry to Pending to be consistent with their UDAP Implementers sheet entry. @Didi Davis or someone else, do you know if the Carequality directory server will be available for testing again at this connectathon? For now I've removed that one from the list but can add back when you confirm. Thanks all!
Didi Davis (Jan 13 2021 at 20:07):
Hello @Julie Maas , @Bill Mehegan should be able to confirm if the directory server will be available. He is managing the Carequality participation.
Bill Mehegan (Jan 13 2021 at 21:05):
@Julie Maas @Didi Davis The Carequality Directory server used for previous Connectathons is available.
Julie - In fact, I was going to reach out to you/Luis to see if we could perhaps have folks utilize your Dynamic Registration Server to allow others who were interested in participating using our FHIR IG. I am unsure if anyone else had this set up from the server side, only the client side....
Vivek (Jan 13 2021 at 21:47):
This works https://stage.healthtogo.me:8181/fhir/r4/stage/metadata
Vivek (Jan 13 2021 at 21:48):
Do we have a postman collection from previous Connectathon for a kick start?
Julie Maas (Jan 13 2021 at 21:54):
Thanks @Bill Mehegan yes that server is available for testing again.
Julie Maas (Jan 13 2021 at 21:57):
@Vivek not that I am aware of, other than slide 13 from https://bit.ly/coaa-track-slides which contains some helpful Cerner notes they posted on GitHub.
Julie Maas (Jan 14 2021 at 00:45):
@Bill Mehegan let me know if I can reach out to anyone specifically about cross testing--or you can share this sheet: https://docs.google.com/spreadsheets/d/1awkXXQaeuRv5ysLo8R6f1fpfBlpTJGfSPK4xRjsai7M
I've also added our server to the FHIR Test Server page here: https://confluence.hl7.org/display/FHIR/Test+Servers
Vivek (Jan 14 2021 at 13:00):
The URIs dont seem to be updated in the CapabilityStatement
"url": "token",
"valueUri": "https://stage.healthtogo.me:8181/oauth/stage/token"
},
{
"url": "authorize",
"valueUri": "https://stage.healthtogo.me:8181/oauth/stage/authz"
},
{
"url": "register",
"valueUri": "https://stage.healthtogo.me:8181/oauth/stage/register"
Julie Maas (Jan 14 2021 at 15:26):
@Vivek there is no issue with the CapabilityStatement; those are the correct OAuth 2.0 endpoints.
Sandy Vance (Jan 14 2021 at 15:30):
Julie Maas said:
Vivek there is no issue with the CapabilityStatement; those are the correct OAuth 2.0 endpoints.
Hey Julie - can we get these end points listed with the test servers so that the capability statements can be surveyed by Lantern? You can add them here : https://confluence.hl7.org/display/FHIR/Test+Servers
Julie Maas (Jan 14 2021 at 15:35):
Hey @Sandra Vance, yes the server URI was posted there yesterday. It's also registered in ConMan already. Do you not see it for some reason?
Julie Maas (Jan 14 2021 at 20:05):
We are back from the Da Vinci Patient Access API talk (https://whova.com/portal/webapp/hlsfh_202101/Agenda/1439688/) if anyone would like to talk on the live meeting. I will be there for the next 30 minutes. Then there is a UDAP Developer Resources Deep Dive at 1pm Pacific.
Julie Maas (Jan 14 2021 at 20:08):
Here is a link for the 1pm Pacific talk in Whova: https://whova.com/portal/webapp/hlsfh_202101/Agenda/1439766 or you can look for the session titled "UDAP Registration and Authentication Overview and the UDAP Test Tool"
Julie Maas (Jan 15 2021 at 03:02):
Hi @Vivek, good morning to you. Just following up to see if you were able to test again or if we can point you to any resources you may need? I'll try to check back once more tonight before signing out, then we'll be back at 8am Pacific tomorrow. To all track participants: I posted a link to the UDAP educational session from 1pm Pacific today on the track page (https://confluence.hl7.org/display/FHIR/2021-01+Cross+Organization+Application+Access) and at some point it should be hosted in Whova also (links further up in this stream). Thanks and good night!
Vivek (Jan 15 2021 at 14:01):
@Julie Maas Thank you for checking. We have reached out to Lois as we are facing private key issues
Julie Maas (Jan 15 2021 at 15:49):
@Vivek I'm not seeing that message. Will you please ask your question here?
Julie Maas (Jan 15 2021 at 16:06):
OK just to wrap this up & in case it's helpful to others...sounds like you are set with the .p12 information on slide 16 of this deck: bit.ly/fast-security-cat26 titled "How to use .p12 files".
Vivek (Jan 15 2021 at 17:01):
When we import the p12 certificate we see 3 getting added in the Cert Manager? Which one of these should we use to sign the token?
image.png
Julie Maas (Jan 15 2021 at 17:27):
Confirming the highlighted certificate (with a key on it) is the one associated with subject's private key for signing JWTs; the other ones are intermediate & root certs.
Julie Maas (Jan 15 2021 at 18:25):
@Sandra Vance is there a link to the results of the Lantern test server scans, or is that coming at the wrap up? The test servers don't seem to be on their production page.
Sandy Vance (Jan 15 2021 at 18:43):
Julie Maas said:
Sandra Vance is there a link to the results of the Lantern test server scans, or is that coming at the wrap up? The test servers don't seem to be on their production page.
Matt Mayer will be sharing the results at 3:30 on the general session line
sunayana_sidda (Jan 15 2021 at 22:43):
@Julie Maas Attached is postman collection for Scenario 1
FHIRConnecthon_CrossOrganizationAppAccess_APIs.postman_collection.json
Julie Maas (Mar 24 2021 at 18:47):
Connectathon 27 is just around the corner (sort-of)! Cross Organization Application Access's Track orientation tentative time: May 3, 8am PST/3pm CET (appreciate discussion to +1 this day & time or suggest alternatives; will also post recording afterward). Please reach out if you would like to be added to the track agenda for a demo, to suggest or lead a breakout discussion topic, to assist with hosting the track, to be listed as a participant/observer or to give a presentation during the connectathon. A lot of crossover with capabilities being tested in other tracks, so I'm happy to cross-list presentations from other tracks too. Thank you!
Joe Lamy (Apr 19 2021 at 23:21):
Will anyone be testing (or has anyone tested) the scenario using the carequality_user extension? We are very interested in which servers plan to support this capability.
Julie Maas (Apr 21 2021 at 17:35):
Hi Joe, I'm not aware of this; perhaps others will reply. Since it's listed as a bonus point for this track's Scenario 2 hopefully those testing will note in conman.
David Hay (Apr 22 2021 at 07:15):
This would be a useful capability to mention in the notes field for a server in conman. If you also add the Cross Organization track as an associated/supported track for this server then it should be easy to find (as it will appear with that track description). There's a short video of adding a server here
BTW - we're in the process of adding all the tracks to conMan - should have that done in a day or so...
Michele Mottini (Apr 22 2021 at 13:14):
(deleted)
Julie Maas (May 04 2021 at 16:54):
We held our track orientation yesterday. The recording is available for those who want to check it out. See top of "Agenda" table on track page for track orientation recording. Looking forward to testing with you in 2 weeks!
Julie Maas (May 17 2021 at 23:48):
We're looking forward to testing security and identity workflows with you this week at the 27th HL7 FHIR Connectathon! Here is a checklist that will help get you ready to make the most of your track time; you can refer back to this for much of the information you'll need during the event that is specific to this track:
-If you are new to the track, you may wish to listen to the track overview/kick-off recording here (and also at the top of the Agenda on the track page). Or you can just walk through the scenario descriptions on the track page and ask any questions on Zulip.
-Obtain a UDAP certificate or generate your own. If you would like to request a complimentary certificate from EMR Direct, please register at Udap.org.
-Add your client, server, and/or identity service to the UDAP Implementers worksheet and to "conman" (the results recording app, which is here). There is no password for conman; just add your name to create yourself as a user. There is usually an introduction to conman at the connectathon-wide kick-off, if you haven't used it before. Or just ask!
-Use the UDAP Test Tool to do offline pre-testing or test with another server listed on the Implementers worksheet (email collaborate@udap.org if you want to enable trust with a certificate that was not issued from the EMR Direct Test CA and we will add it).
-Ask questions as you prepare and during the connectathon on Zulip at chat.fhir.org within the track stream. A participant from the January connectathon was kind enough to post a postman collection from their testing in the stream. You may also wish to ask questions to the broader group of UDAP implementers through the UDAP Google Group.
-During the connectathon, for times when we don't have something scheduled simply sign up on the "office hours" tab of the Implementers worksheet with your name and a topic to plan meeting time for Q&A you'd like to engage with track leads; otherwise we'll be answering Zulip inquiries but may not have the Zoom meeting active during times when we do not have anything scheduled. This is something new we're trying since I am on Pacific time and this connectathon meeting is on Central European time/GMT.
-There are links to additional materials at UDAP.org if you would like to research further before tomorrow. There is also a detailed slide deck from the January connectathon here. The slides contain some PKI fundamentals and helpful hints for getting your JWT-based authentication working.
-Please reach out if you would like to be included as a speaker (or just join us!) in the Wednesday 5/19 10am Eastern "Collaborators" hour; we are welcoming implementers who would like to discuss their experience with UDAP or its benefits during this time for 5-10 minutes each, give demos, or bring policy discussion. I hope this will be a useful community conversation time, especially if you are focusing on a different track but want to engage for a short time for an update on UDAP workflows or just to meet other UDAP implementers.
Please reach out with any questions & I look forward to connecting with you this week!
Julie Maas (May 18 2021 at 16:27):
Just a reminder we are beginning our day 1 check-in for Cross Org App Access now!
Julie Maas (May 18 2021 at 17:17):
We finished our check-in but are keeping the meeting open for questions as we have some active test prep going on. Stop by if you'd like to hear more about testing UDAP and FAST Identity and Security solutions.
Julie Maas (May 18 2021 at 17:20):
Referencing this again by popular demand :) http://bit.ly/fast-security-cat26
Julie Maas (May 18 2021 at 20:30):
We had a request to add a tab for pilot information to be shared so this Google Sheet for UDAP Implementers now has a 5th tab "Beyond Sandbox Use". Please use for between-connectathon testing and add your own information as appropriate!
David Hay (May 18 2021 at 20:56):
If you wanted to, you could continue to use conman - the current instance will remain up indefinitely...
Tone Southerland (May 18 2021 at 21:24):
Thanks @Julie Maas for posting the link. As a client/consumer app we (OneRecord) are interested in ongoing testing and usage opportunities beyond specific connectathon testing events and the idea is this will help to unite those of us interested across the community.
@David Hay we actually discussed that a bit and decided to leverage both to see which will work better as UDAP is still in early phases of implementation. Additionally, conman seems to be more well suited for specific testing events as opposed to an ongoing deployment and availability tracker.
David Hay (May 18 2021 at 21:57):
no worries...
Julie Maas (May 19 2021 at 16:50):
Hello UDAP enthusiasts! We had an extended check-in this morning with a UDAP overview then deep dive on UDAP Tiered OAuth and group discussion on cross-organization identity considerations including patient matching and patient access to data absent credentials on the data holder system. If this topic interests you, please check out the recording later or comments/discussion is welcome in this stream! Direct agenda link is here
Julie Maas (Jul 14 2021 at 16:08):
Just added kick-off dial in details for the FAST Security & Identity track, tomorrow at Noon Eastern: https://global.gotomeeting.com/join/169309581
A recording will be posted later that day on the track page.
Also, please join this stream in its new home at: FAST Security or FAST Identity thank you!
Julie Maas (Aug 10 2021 at 15:58):
Note that this topic has moved to 2 new streams for FAST Identity and FAST Security. Hope you'll join us at the new location if you haven't already. Details for the upcoming September 2021 connectathon have just been posted.
Last updated: Apr 12 2022 at 19:14 UTC
