How to Securely Deploy Patient Browser Application by integrating with a Health Data Access Pattern FHIR server
Instructions are provided below for a configuration to securely deploy the Patient Browser Application by integrating with a FHIR server protected by a SMART App Launch authorization server that is built on Keycloak, as per the Health Data Access Reference Implementation. Note that this is a local deployment end to end - with Patient Browser, IBM FHIR server and Keycloak service each running in separate docker containers.
Deploy the Health Data Access Pattern as per here but with the following additional steps carried out within the Keycloak Admin Console;
- Select 'Client' from LHS menu.
- Click on 'inferno' client from Client pane.
- If you don't want additional Consent screen after login screen the first time you try to log into Patient Browser, then set 'Consent Required' to 'OFF' for 'inferno' client.
- Add 'http://127.0.0.1:8081/*' to list of 'Valid Redirect URLs'
- Add 'http://127.0.0.1:8081' to 'Web Origins' list.
Git clone this repository and cd into this directory;
git clone https://github.com/Alvearie/patient-browserRun the following to refresh the build;
npm iModify build/config/default.json5 as follows;
- Set server.url parameter to ‘https://localhost:9443/fhir-server/api/v4'
- Set authEnabled to ‘true’
Start Patient Browser running on node http server locally by running;
npm startURL to access Patient Browser deployment is -> http://127.0.0.1:8081
When prompted for username/password enter fhiruser/change-password