Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more.

Advisory: Additional Configuration to Consider for External Credentials in Personal Community

This problem affects the following products:

  • HealthShare Personal Community 2020.1, 2020.2, 2021.2

Personal Community's external credentials feature allows Personal Community to integrate with an external identity provider (IdP) over OAuth 2.0.
Prior to going live with the external credentials, organizations should evaluate the following default workflow for Personal Community:

  1. Patient selects the “Sign-in with IdP” button, is redirected to the IdP to authenticate, and accesses Personal Community.
  2. After using the Personal Community application, the patient signs out of Personal Community.
  3. Without closing the browser, the patient immediately selects the “Sign-in with IdP” button again.

Because the patient has an active session accessible from the IdP, they are not prompted to authenticate again and are able to access Personal Community.

Some sites may wish to enforce that a patient is always prompted to authenticate with the IdP when they select the “Sign-in with IdP” button in Personal Community.

Provided the IdP supports this, this can be enforced by adding ?prompt=login to the end of the authorization endpoint. This can be updated in the Personal Community Management Portal by navigating to System Administration > Security > OAuth2.0 > Client and selecting the Issuer Endpoint for this connection.

If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC) and refer to HSPC-12755.


Latest Alerts & Advisories

Sign Up Today

Receive notifications on support alerts, critical issues,
fixes, and product releases.
*Required Fields
Highlighted fields are required
*Required Fields
Highlighted fields are required
By submitting this form, you give consent to receive notifications concerning support alerts, critical issues, important updates, fixes, and product releases via email. In addition, you consent to your business contact information being entered into our CRM solution that is hosted in the United States, but maintained consistent with applicable data protection laws.
**By clicking here, you give consent to be contacted for news, updates and other marketing purposes related to existing and future InterSystems products, offerings, and events.