description: null
package_name: io.health-samurai.core.r3
derivation: specialization
name: IdentityProvider
type: IdentityProvider
elements:
  scopes: {type: string, short: OAuth scopes that should be requested during authentication., array: true, index: 4}
  introspection_endpoint: {type: string, short: The URL of the token introspection endpoint., index: 18}
  system: {type: string, short: System identifier for the identity provider., index: 10}
  userinfo_endpoint: {type: string, short: The URL of the userinfo endpoint., index: 14}
  authorize_endpoint: {type: string, short: The URL of the authorization endpoint., index: 6}
  base_url: {type: uri, short: Base URL for the identity provider., index: 5}
  kid: {type: string, short: Key identifier used for token verification., index: 9}
  isScim: {type: boolean, short: Indicates whether this provider supports SCIM protocol., index: 12}
  toScim: {short: Mapping rules for transforming identity provider data., index: 11}
  client:
    type: BackboneElement
    short: Client configuration for this identity provider.
    index: 22
    elements:
      id: {type: string, short: Client identifier used for authentication with the identity provider., index: 23}
      redirect_uri: {type: uri, short: URI where the provider will redirect after authentication., index: 24}
      auth-method:
        type: string
        short: Client authentication method.
        constraint:
          enum-auth-method: {human: 'Auth method must be one of: symmetric, asymmetric', severity: error, expression: '%context.subsetOf(''symmetric'' | ''asymmetric'')'}
        index: 25
      secret: {type: string, short: Client secret for symmetric authentication., index: 26}
      private-key: {type: string, short: Private key for asymmetric authentication., index: 27}
      certificate: {type: string, short: Client certificate for authentication., index: 28}
      certificate-thumbprint: {type: string, short: Certificate thumbprint., index: 29}
      creds-ts: {type: string, short: Credentials timestamp., index: 30}
  type:
    type: string
    short: The type of identity provider.
    constraint:
      enum-1325: {human: 'Type must be one of: aidbox, github, google, OIDC, OAuth, az-dev, yandex, okta, apple', severity: error, expression: '%context.subsetOf(''aidbox'' | ''github'' | ''google'' | ''OIDC'' | ''OAuth'' | ''az-dev'' | ''yandex'' | ''okta'' | ''apple'')'}
    index: 2
  organizations: {type: string, short: Organizations associated with this identity provider., array: true, index: 20}
  title: {type: string, short: A human-readable name for the identity provider., index: 3}
  registration_endpoint: {type: string, short: The URL of the registration endpoint., index: 16}
  isEmailUniqueness: {type: boolean, short: Indicates whether email uniqueness should be enforced for this provider., index: 13}
  revocation_endpoint: {type: string, short: The URL of the token revocation endpoint., index: 17}
  active: {type: boolean, short: Indicates whether this identity provider is active and can be used for authentication., index: 0}
  team_id: {type: string, short: Team ID (for Apple)., index: 8}
  token_endpoint: {type: string, short: The URL of the token endpoint., index: 7}
  _source: {type: string, short: System Property. DO NOT USE IT., index: 1}
  jwks_uri: {type: string, short: URI where the provider's JSON Web Key Set can be retrieved., index: 19}
  userinfo_header: {type: string, short: Header to be used when calling the userinfo endpoint., index: 15}
  userinfo-source:
    type: string
    short: Source of userinfo details.
    constraint:
      enum-1326: {human: 'Source must be one of: id-token, userinfo-endpoint', severity: error, expression: '%context.subsetOf(''id-token'' | ''userinfo-endpoint'')'}
    index: 21
package_version: 0.2601.0
class: resource
kind: resource
url: http://health-samurai.io/fhir/core/StructureDefinition/IdentityProvider
base: http://hl7.org/fhir/StructureDefinition/DomainResource
version: 0.2601.0