RBAC routes configuration file
The RBAC routes configuration file manages access to Kodjin endpoints. The current configuration file provides three levels of access:
- access is allowed without token or scope
- access is allowed with active and valid token but no scope is required
- access is allowed only with proper scope and valid token
Example of the rbac-routes.json file:
{
  "routes": [
    {
      "method": [
        "POST"
      ],
      "path": "/$apply-fhirpath",
      "mode": "token_only"
    },
    {
      "method": [
        "GET",
        "POST"
      ],
      "path": "/$versions",
      "mode": "public"
    },
    {
      "method": [
        "*"
      ],
      "regex": "/metadata(\\?)*[A-Za-z]*",
      "mode": "public"
    },
    {
      "method": [
        "GET"
      ],
      "path": "/fhir-base-url",
      "mode": "public"
    }
  ]
}
How to read and use the file:
- method is an array listing the kinds of interactions the route applies to, for example POST, GET. To cover all kinds of interactions, * (wildcard) can be used instead. Method is required in the file.
- path or regex is a string holding the endpoint. Path is an exact match string. Regex allows regex patterns for the route path. Path and regex are a oneOf element: either path or regex shall be used.
- mode is a string for which only two variants can be used. Any routes that are not mentioned in this file require proper scope for access. Mode is required in the file. Mode variants are:
  - "public" - access without token or scope
  - "token_only" - access with active and valid token but no scope is required
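The following is an added example, not Kodjin's own code: a small pre-deployment check that validates each route against the rules above and reports which access level a given request would receive. The function names, the "scope_required" label for unlisted routes, first-match ordering and full-string regex matching are assumptions of this sketch; the sample configuration is the example file from this page.

```python
import json
import re

MODES = ("public", "token_only")

# Sample input: the four routes from the example file on this page.
CONFIG = json.loads(r'''
{"routes": [
  {"method": ["POST"], "path": "/$apply-fhirpath", "mode": "token_only"},
  {"method": ["GET", "POST"], "path": "/$versions", "mode": "public"},
  {"method": ["*"], "regex": "/metadata(\\?)*[A-Za-z]*", "mode": "public"},
  {"method": ["GET"], "path": "/fhir-base-url", "mode": "public"}
]}
''')

def validate_route(route):
    """Return the rule violations for one route entry (empty list = valid)."""
    problems = []
    methods = route.get("method")
    if not isinstance(methods, list) or not methods:
        problems.append("method is required and must be a non-empty array")
    if ("path" in route) == ("regex" in route):
        problems.append("exactly one of path or regex must be present")
    if route.get("mode") not in MODES:
        problems.append("mode must be public or token_only")
    try:
        re.compile(route.get("regex", ""))
    except (re.error, TypeError) as exc:
        problems.append(f"regex does not compile: {exc}")
    return problems

def resolve_mode(config, method, path):
    """Return the route's mode, or 'scope_required' for unlisted routes."""
    for route in config["routes"]:
        if validate_route(route):
            continue  # malformed entry: ignore it so the request fails closed
        if "*" not in route["method"] and method.upper() not in route["method"]:
            continue
        if "path" in route:
            matched = path == route["path"]  # path is an exact match string
        else:
            # Assumption: the regex must match the whole request path.
            matched = re.fullmatch(route["regex"], path) is not None
        if matched:
            return route["mode"]
    return "scope_required"  # not mentioned in the file: scope is required
```

Under the full-match assumption the example regex also resolves /metadataabc to "public", so regex entries in public mode are worth reviewing against the paths they are meant to cover.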