description: null package_name: io.health-samurai.core.r5 derivation: specialization name: Client type: Client elements: scopes: type: BackboneElement short: Detailed scope configurations with associated policies. array: true index: 19 elements: policy: type: Reference short: Reference to an AccessPolicy resource for this scope. refers: ['http://health-samurai.io/fhir/core/StructureDefinition/AccessPolicy'] index: 20 parameters: {short: Parameters to be applied with the scope's policy., index: 21} description: {type: string, short: A description of the client application for administrative purposes., index: 2} jwks: type: BackboneElement short: JSON Web Key Set for client authentication and/or verification. array: true index: 22 elements: kid: {type: string, short: Key ID that identifies this key., index: 23} kty: type: string short: Key type. constraint: enum-1150: {human: Key type must be RSA, severity: error, expression: '%context.subsetOf(''RSA'')'} index: 24 alg: type: string short: Algorithm used with this key. constraint: enum-1151: {human: Algorithm must be RS384, severity: error, expression: '%context.subsetOf(''RS384'')'} index: 25 e: {type: string, short: Exponent value for RSA key., index: 26} n: {type: string, short: Modulus value for RSA key., index: 27} use: type: string short: Key usage. constraint: enum-1149: {human: Use must be sig, severity: error, expression: '%context.subsetOf(''sig'')'} index: 28 allowed_origins: {type: uri, short: Allowed Origins are URLs that will be allowed to make requests., array: true, index: 18} fhir-base-url: {type: string, short: Base URL of the FHIR server this client interacts with., index: 14} first_party: {type: boolean, short: Indicates whether this is a first-party client., index: 4} name: {type: string, short: Human-readable name of the client application., index: 9} trusted: {type: boolean, short: Indicates whether this client is trusted and given special privileges., index: 5} allowedIssuers: {type: string, short: List of authorized token issuers for this client., array: true, index: 16} type: {type: string, short: The type of client application., index: 7} grant_types: type: string short: OAuth 2.0 grant types this client is authorized to use. constraint: enum-1152: {human: 'Grant type must be one of: basic, authorization_code, code, password, client_credentials, implicit, refresh_token, urn:ietf:params:oauth:grant-type:token-exchange', severity: error, expression: '%context.subsetOf(''basic'' | ''authorization_code'' | ''code'' | ''password'' | ''client_credentials'' | ''implicit'' | ''refresh_token'' | ''urn:ietf:params:oauth:grant-type:token-exchange'')'} array: true index: 17 scope: {type: string, short: List of scopes this client is authorized to request., array: true, index: 6} auth: type: BackboneElement short: Authentication configuration for different OAuth flows. index: 30 elements: client_credentials: type: BackboneElement short: Configuration for the client credentials grant type. index: 31 elements: token_format: type: string short: Format of the access token. constraint: enum-client_credentials_token_format: {human: Token format must be jwt, severity: error, expression: '%context.subsetOf(''jwt'')'} index: 32 access_token_expiration: {type: integer, short: Expiration time for access tokens in seconds., index: 33} refresh_token_expiration: {type: integer, short: Expiration time for refresh tokens in seconds., index: 34} audience: {type: string, short: Intended audience for issued tokens., array: true, index: 35} refresh_token: {type: boolean, short: Whether to issue refresh tokens with this grant type., index: 36} client_assertion_types: type: string short: Supported client assertion types. constraint: enum-1153: {human: 'Client assertion type must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer', severity: error, expression: '%context.subsetOf(''urn:ietf:params:oauth:client-assertion-type:jwt-bearer'')'} array: true index: 37 authorization_code: type: BackboneElement short: Configuration for the authorization code grant type. index: 38 elements: token_format: type: string short: Format of the access token. constraint: enum-1556: {human: Token format must be jwt, severity: error, expression: '%context.subsetOf(''jwt'')'} index: 39 refresh_token_expiration: {type: integer, short: Expiration time for refresh tokens in seconds., index: 45} default_identity_provider: type: Reference short: Default IdentityProvider that will be used instead of Aidbox login. refers: ['http://health-samurai.io/fhir/core/StructureDefinition/IdentityProvider'] index: 48 client_assertion_types: type: string short: Supported client assertion types. constraint: enum-1153: {human: 'Client assertion type must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer', severity: error, expression: '%context.subsetOf(''urn:ietf:params:oauth:client-assertion-type:jwt-bearer'')'} array: true index: 47 refresh_token: {type: boolean, short: Whether to issue refresh tokens with this grant type., index: 46} secret_required: {type: boolean, short: Whether client secret is required for token exchange., index: 41} pkce: {type: boolean, short: Whether PKCE (Proof Key for Code Exchange) is required., index: 42} audience: {type: string, short: Intended audience for issued tokens., array: true, index: 40} access_token_expiration: {type: integer, short: Expiration time for access tokens in seconds., index: 44} redirect_uri: {type: url, short: Redirect URI for the authorization code flow., index: 43} password: type: BackboneElement short: Configuration for the password grant type. index: 49 elements: secret_required: {type: boolean, short: Whether client secret is required for password grant., index: 50} audience: {type: string, short: Intended audience for issued tokens., array: true, index: 51} refresh_token: {type: boolean, short: Whether to issue refresh tokens with this grant type., index: 52} redirect_uri: {type: url, short: 'If present, turn on redirect protection', index: 53} token_format: type: string short: Format of the access token. constraint: enum-1155: {human: Token format must be jwt, severity: error, expression: '%context.subsetOf(''jwt'')'} index: 54 access_token_expiration: {type: integer, short: Expiration time for access tokens in seconds., index: 55} refresh_token_expiration: {type: integer, short: Expiration time for refresh tokens in seconds., index: 56} implicit: type: BackboneElement short: Configuration for the implicit grant type. index: 57 elements: redirect_uri: {type: url, short: Redirect URI for the implicit flow., index: 58} token_format: type: string short: Format of the access token. constraint: enum-1154: {human: Token format must be jwt, severity: error, expression: '%context.subsetOf(''jwt'')'} index: 59 audience: {type: string, short: Intended audience for issued tokens., array: true, index: 60} access_token_expiration: {type: integer, short: Expiration time for access tokens in seconds., index: 61} token_exchange: type: BackboneElement short: Configuration for the token exchange grant type. index: 62 elements: token_format: type: string short: Format of the access token. constraint: enum-1557: {human: Token format must be jwt, severity: error, expression: '%context.subsetOf(''jwt'')'} index: 63 access_token_expiration: {type: integer, short: Expiration time for access tokens in seconds., index: 64} refresh_token_expiration: {type: integer, short: Expiration time for refresh tokens in seconds., index: 65} audience: {type: string, short: Intended audience for issued tokens., array: true, index: 66} refresh_token: {type: boolean, short: Whether to issue refresh tokens with this grant type., index: 67} secret: {short: Hashed client secret for authentication., index: 3} details: {short: Additional client details or configuration options., index: 8} active: {type: boolean, short: Indicates whether this client is active and can be used for authentication., index: 0} smart: type: BackboneElement short: SMART on FHIR configuration for this client. index: 10 elements: launch_uri: {type: string, short: URI to launch the SMART app., index: 11} name: {type: string, short: Name of the SMART app., index: 12} description: {type: string, short: Description of the SMART app., index: 13} allowed-scopes: type: Reference short: References to specific Scope resources this client is allowed to request. refers: ['http://health-samurai.io/fhir/core/StructureDefinition/Scope'] array: true index: 15 _source: {type: string, short: System Property. DO NOT USE IT., index: 1} jwks_uri: {type: url, short: URI where the client's JSON Web Key Set can be retrieved., index: 29} package_version: 0.2601.0 class: resource kind: resource url: http://health-samurai.io/fhir/core/StructureDefinition/Client base: http://hl7.org/fhir/StructureDefinition/DomainResource version: 0.2601.0