Skip to content
Effettua una ricerca per conoscere i prodotti e le soluzioni di InterSystems, le opportunità di carriera e altro ancora.

Advisory: Additional Configuration to Consider for External Credentials in Personal Community

This problem affects the following products:

  • HealthShare Personal Community 2020.1, 2020.2, 2021.2

Personal Community's external credentials feature allows Personal Community to integrate with an external identity provider (IdP) over OAuth 2.0.
Prior to going live with the external credentials, organizations should evaluate the following default workflow for Personal Community:

  1. Patient selects the “Sign-in with IdP” button, is redirected to the IdP to authenticate, and accesses Personal Community.
  2. After using the Personal Community application, the patient signs out of Personal Community.
  3. Without closing the browser, the patient immediately selects the “Sign-in with IdP” button again.

Because the patient has an active session accessible from the IdP, they are not prompted to authenticate again and are able to access Personal Community.

Some sites may wish to enforce that a patient is always prompted to authenticate with the IdP when they select the “Sign-in with IdP” button in Personal Community.

Provided the IdP supports this, this can be enforced by adding ?prompt=login to the end of the authorization endpoint. This can be updated in the Personal Community Management Portal by navigating to System Administration > Security > OAuth2.0 > Client and selecting the Issuer Endpoint for this connection.

If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC) and refer to HSPC-12755.

RELATED TOPICS

Latest Alerts & Advisories

15 Aug 2024
InterSystems has corrected a defect that can cause database corruption or errors with multi-volume databases under extremely rare circumstances. Only databases that have been truncated are at risk.
24 Jul 2024
There are four alerts in the HS2024-03 Alert Communication. A summary of each alert is shown below. Details for each alert are contained in the linked document.
24 Jun 2024
Broadcom recently announced a problem that can cause data consistency errors in database applications. The Broadcom article is available here:
30 May 2024
Beginning with the release of InterSystems IRIS® data platform 2022.3, InterSystems corrected the license enforcement mechanism to include REST and SOAP requests. Due to this change, environments with non-core-based licenses that use REST or SOAP may experience greater license utilization after upgrading. To determine if this advisory applies to your InterSystems license, follow the instructions in the FAQ linked below.
01 May 2024
InterSystems has corrected an issue that can cause a small number of SQL queries to return incorrect results. See below for the specifics on impacted queries.
08 Apr 2024
InterSystems has encountered a defect that causes some upgrades of HealthShare® Health Connect to fail. This only affects instances that are not licensed for the use of FHIR® and that have interoperability-enabled namespaces. Under these conditions, the upgrade fails with an error.
19 Mar 2024
In evaluating an IBM Support notification, InterSystems has determined a potential impact for our customers. The notification in question is:
27 Feb 2024
There is 1 alert in the HealthShare HS2024-limited Alert communication. An alert summary for the issue is shown is in the table below. Details for the alert are contained in the attached document: HS2024 Limited Communication.
01 Feb 2024
There are 2 alerts in the HealthShare HS2024-02 Alert communication. An alert summary for each issue is shown is in the table below. Details for each alert are contained in the attached document: HS2024-02-Communication.