Set up SSO with Auth0

This guide explains how to set up single sign-on features (SSO) with Auth0

This guide expands Set up SMARTbox.

Create an application in Auth0

To create an application:

  • Login to the Auth0
  • Open the Applications page
  • Press the Create Application button
  • Give the name of the application
  • Choose the type of application. Consider, Native type
  • Press the Create button

After the app is created add the details:

  • Application callback URLs: http://localhost:8888/tenant/my-clinic/patient/auth/callback/?
  • Press the Save Changes button

Open the Advanced settings of the application and copy:

  • OAuth Authorization URL
  • OAuth Token URL
  • OAuth User Info URL

Create a user in Auth0

To create a new user:

  • Open the Users page
  • Press the Create User button
  • Provide email and password
  • Press the Create button

Copy the user_id. It looks like auth0|6310e2d143b66b669906d775

Create a Tenant in Aidbox Portal

As the administrator of the Portal create an Tenant resource. Please, see What is Tenant for more details.

id: my-clinic
resourceType: Tenant
name: My Clinic Name
logoUrl: https://example.com/my-clinic-logo.png
identityProvider:
  scopes:
    - user
    - read:org
    - openid
    - profile
  system: aidbox:tenant:my-clinic
  userinfo_endpoint: https://dev-nei1uq73.us.auth0.com/userinfo
  authorize_endpoint: https://dev-nei1uq73.us.auth0.com/authorize
  token_endpoint: https://dev-nei1uq73.us.auth0.com/oauth/token
  client:
    id: ziW...lv0
    secret: 7HoQ...gvb

The URLs copied from the Auth0 are used here:

  • OAuth Authorization URL as authorize_endpoint
  • OAuth Token URL as token_endpoint
  • OAuth User Info URL as userinfo_endpoint

It's important to provide the system attribute

Create a user in Aidbox Portal

The user should be linked to a Patient to be able to launch SMART Apps. And at the same time, it should be related to the Auth0 user. Please, see What is Tenant for more details.

id: test-user-1
resourceType: User
identifier:
  - value: auth0|6310e2d143b66b669906d775
    system: aidbox:tenant:my-clinic
fhirUser:
  id: test-pt-1
  resourceType: Patient
roles:
  - type: patient
active: true
meta:
  tenant:
    id: my-clinic
    resourceType: Tenant

1. identifier contains the link to the Auth0 user 2. fhirUser links the user to the Patient

Checking it works together

  • Open the link https://f81a-5-161-99-84.ngrok.io/tenant/my-clinic/patient/portal in the Invisible (Stealth) mode
  • Click the Sign In link
  • Enter email and password of the user, we created in the Auth0
  • Press the Login button

Launch the Growth Chart

  • On the SMARTbox page Applications
  • Press the Launch button against the Growth Chart application
  • Press the Allow button on the consent screen
  • Get the Growth Chart works