PackagesCanonicalsLogsProblems
    Packages
    io.health-samurai.core.r4b@0.2601.0
    http://health-samurai.io/fhir/core/StructureDefinition/TokenIntrospector
JSONFHIR SchemaOther Versions
description: null
package_name: io.health-samurai.core.r4b
derivation: specialization
name: TokenIntrospector
type: TokenIntrospector
elements:
  type:
    type: string
    short: Specifies the type of token to introspect.
    constraint:
      enum-1007: {human: 'Type must be one of: opaque, jwt, aspxauth', severity: error, expression: '%context.subsetOf(''opaque'' | ''jwt'' | ''aspxauth'')'}
    index: 0
  _source: {type: string, short: System Property. DO NOT USE IT., index: 1}
  jwks_uri: {type: string, short: A URL pointing to a JSON Web Key Set (JWKS). When type is jwt the introspector retrieves public keys from this URI to validate token signatures., index: 2}
  jwt:
    type: BackboneElement
    short: Configuration for local JWT validation used when type is jwt.
    constraint:
      cont-10: {human: Exactly one of jwt.secret or jwt.keys or jwks_uri with jwt.iss MUST be present, severity: error, expression: (%context.secret.exists() xor %context.keys.exists() xor (%context.iss.exists() and %resource.jwks_uri.exists())) and (%context.secret.exists() and %context.keys.exists() and %context.iss.exists() and %resource.jwks_uri.exists()).not()}
    index: 3
    elements:
      iss: {type: string, short: The expected issuer (iss) claim value for JWTs. The TokenIntrospector ensures that tokens it validates come from this issuer., index: 4}
      secret: {type: string, short: A shared secret key or other signing key material used to verify the JWT's signature., index: 5}
      keys:
        type: BackboneElement
        short: The set of keys to use for validation.
        array: true
        index: 6
        elements:
          k: {type: string, short: The symmetric key to use for validation., index: 7}
          pub: {type: string, short: The asymmetric key to use for validation., index: 8}
          kty:
            type: string
            short: The key type to use for validation.
            constraint:
              enum-1160: {human: 'Key type must be one of: RSA, EC, OCT', severity: error, expression: '%context.subsetOf(''RSA'' | ''EC'' | ''OCT'')'}
            index: 9
          alg:
            type: string
            short: The algorithm to use for validation.
            constraint:
              enum-1161: {human: 'Algorithm must be one of: RS256, RS384, ES256, HS256', severity: error, expression: '%context.subsetOf(''RS256'' | ''RS384'' | ''ES256'' | ''HS256'')'}
            index: 10
          format:
            type: string
            short: The format of the key to use for validation. 'plain' for symmetric algs (HS256) and 'PEM' for all asymmetric algs
            constraint:
              enum-1162: {human: 'Format must be one of: PEM, plain', severity: error, expression: '%context.subsetOf(''PEM'' | ''plain'')'}
            index: 11
        required: [kty, alg, format]
  introspection_endpoint:
    type: BackboneElement
    short: Remote introspection endpoint configuration.
    index: 12
    elements:
      url: {type: string, short: The fully qualified URL of the remote introspection endpoint., index: 13}
      authorization: {type: string, short: The authorization header value., index: 14}
  identity_provider:
    type: Reference
    short: Link to Identity provider associated with the token introspector.
    refers: ['http://health-samurai.io/fhir/core/StructureDefinition/IdentityProvider']
    index: 15
package_version: 0.2601.0
class: resource
kind: resource
url: http://health-samurai.io/fhir/core/StructureDefinition/TokenIntrospector
base: http://hl7.org/fhir/StructureDefinition/DomainResource
version: 0.2601.0
required: [type]