Configure Azure Health External Identity Providers

Lodewijk Sioen
2024-06-20T14:24:08.0066667+00:00

According to the documentation it should be possible to bring our own Identity Provider as long as we can build a correct JWT token.

This is how the provider is configured in the portal:

  • Authority Field: https://[redacted].azurewebsites.net
  • Client ID: sandbox-ls
  • Audience: api-m2m

This is what my (decoded) token looks like:

{
  "alg": "RS256",
  "kid": "717BA263BF10CE3AD327817F9E3C1E11",
  "typ": "at+jwt"
}.{
  "nbf": 1718878423,
  "exp": 1718882023,
  "iss": "https://[redacted].azurewebsites.net",
  "aud": "api-m2m",
  "client_id": "33c7aa88-e639-427a-86be-160f684aa8d7",
  "azp": "sandbox-ls",
  "roles": "smartUser",
  "tenant": "local",
  "scp": "system/*.read",
  "jti": "68B004F13DB528D57BAF1FA0ADB61B23",
  "iat": 1718878423
}.[Signature]

However, I keep getting the following response:

HTTP/1.1 403 Forbidden

{
  "resourceType": "OperationOutcome",
  "id": "edcd3518cdd00773b8d23ae8e0433ba6",
  "meta": {
    "lastUpdated": "2024-06-20T10:16:19.663928+00:00"
  },
  "issue": [
    {
      "severity": "error",
      "code": "forbidden",
      "diagnostics": "Authorization failed."
    }
  ]
}

What am I doing wrong in creating my token? Why is it not valid for the FHIR service? If I run the open source version on my machine, the token is accepted and everything works.

Azure Health Data Services
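An added example, not code from the original post or from Azure Health Data Services, that reproduces the token from the question in Go using only the standard library: it mints an RS256 JWT with the same header and claim shapes, verifies it the way a strict consumer would (alg pinned to RS256, signature check, exp/nbf enforced), and then compares the claims with the three portal values. The comparison rules (Authority as `iss`, Audience as `aud`, Client ID against both `client_id` and `azp`) are assumptions for a local pre-flight check, not the service's documented validation logic; the RSA key, `kid` and timestamps are generated locally.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// PortalConfig mirrors the three values entered in the portal for the
// external identity provider, as listed in the question.
type PortalConfig struct {
	Authority string // compared with "iss"
	ClientID  string // assumption: compared with "client_id" and "azp"
	Audience  string // compared with "aud"
}

var b64 = base64.RawURLEncoding

// MintRS256 builds an RS256-signed JWT with the header shape from the
// question ("typ": "at+jwt") over the supplied claims.
func MintRS256(priv *rsa.PrivateKey, kid string, claims map[string]any) (string, error) {
	hb, err := json.Marshal(map[string]any{"alg": "RS256", "kid": kid, "typ": "at+jwt"})
	if err != nil {
		return "", err
	}
	pb, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	signingInput := b64.EncodeToString(hb) + "." + b64.EncodeToString(pb)
	digest := sha256.Sum256([]byte(signingInput))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return signingInput + "." + b64.EncodeToString(sig), nil
}

// VerifyRS256 pins alg to RS256 (no "none"/HMAC key-confusion downgrade),
// checks the signature against pub, enforces exp and nbf, and returns the claims.
func VerifyRS256(token string, pub *rsa.PublicKey, now time.Time) (map[string]any, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("token must have three segments")
	}
	hb, err := b64.DecodeString(parts[0])
	if err != nil {
		return nil, err
	}
	var header struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(hb, &header); err != nil {
		return nil, err
	}
	if header.Alg != "RS256" {
		return nil, fmt.Errorf("unexpected alg %q", header.Alg)
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("bad signature: %w", err)
	}
	pb, err := b64.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	var claims map[string]any
	if err := json.Unmarshal(pb, &claims); err != nil {
		return nil, err
	}
	t := now.Unix()
	if exp, ok := claims["exp"].(float64); !ok || t >= int64(exp) {
		return nil, errors.New("token expired or exp missing")
	}
	if nbf, ok := claims["nbf"].(float64); ok && t < int64(nbf) {
		return nil, errors.New("token not yet valid")
	}
	return claims, nil
}

// CheckAgainstPortal returns one message per claim that does not line up with
// the portal configuration; an empty result means everything matches.
func CheckAgainstPortal(claims map[string]any, cfg PortalConfig) []string {
	str := func(k string) string {
		s, _ := claims[k].(string)
		return s
	}
	var problems []string
	if str("iss") != cfg.Authority {
		problems = append(problems, fmt.Sprintf("iss %q != authority %q", str("iss"), cfg.Authority))
	}
	if str("aud") != cfg.Audience {
		problems = append(problems, fmt.Sprintf("aud %q != audience %q", str("aud"), cfg.Audience))
	}
	for _, k := range []string{"client_id", "azp"} { // assumption: both are matched to Client ID
		if str(k) != cfg.ClientID {
			problems = append(problems, fmt.Sprintf("%s %q != client id %q", k, str(k), cfg.ClientID))
		}
	}
	return problems
}

// PostedClaims reproduces the claim set from the question with fresh timestamps.
func PostedClaims(now time.Time) map[string]any {
	return map[string]any{
		"nbf": now.Unix(), "iat": now.Unix(), "exp": now.Add(time.Hour).Unix(),
		"iss":       "https://[redacted].azurewebsites.net",
		"aud":       "api-m2m",
		"client_id": "33c7aa88-e639-427a-86be-160f684aa8d7",
		"azp":       "sandbox-ls",
		"roles":     "smartUser", "tenant": "local", "scp": "system/*.read",
		"jti": "68B004F13DB528D57BAF1FA0ADB61B23",
	}
}

func main() {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // local throwaway key
	if err != nil {
		panic(err)
	}
	now := time.Now()
	tok, err := MintRS256(priv, "717BA263BF10CE3AD327817F9E3C1E11", PostedClaims(now))
	if err != nil {
		panic(err)
	}
	claims, err := VerifyRS256(tok, &priv.PublicKey, now)
	if err != nil {
		panic(err)
	}
	cfg := PortalConfig{Authority: "https://[redacted].azurewebsites.net", ClientID: "sandbox-ls", Audience: "api-m2m"}
	for _, p := range CheckAgainstPortal(claims, cfg) {
		fmt.Println("mismatch:", p)
	}
}
```

Run against the claims exactly as posted, the check reports a single mismatch: `client_id` carries a GUID while the portal's Client ID is `sandbox-ls` (the `azp` claim does match). Whether the FHIR service keys on `client_id`, `azp`, or neither is not stated in the question, so treat that report as a lead to confirm against the documentation rather than a diagnosis. The verifier deliberately refuses any `alg` other than RS256 and checks the signature before it trusts a single claim; that ordering is what keeps a token like the one above from being accepted just because its claims look right.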