interopiO™ Gateway Creation
Before registering a cds service set, a gateway needs to be created. This gateway will be the one on which the desired cds services will be accessible. Information about the gateway will be needed in the security prerequisite.
Please read through and understand the official CDS Hooks security specification (https://cds-hooks.org/specification/1.0/#security-and-safety). The issuer that you will need to give to the CDS service provider will be the url of the gateway created earlier. If the provider requires a JWK set up front, it can be found in the second step of the registration wizard at the JKU endpoint (see Registration). If the gateway will be proxying calls from an external client (such as an EHR), the JWK Set associated with the private keys that will be used for signing all JWTs forwarded to the gateway will need to be provided to interopiO™. Please add this set as follows:
- In InterpIO Admin, navigate to the details page of the gateway created earlier.
- Click the "Cds Service Auth" tab at the top of the screen.
- Click the pencil icon at the top of the white box.
- Paste the jwk set object in the text field and click "Save".
Now that the appropriate arrangements are in place, you may now register the cds service set:
- Click on "CDS Hooks" link on left side of screen or the CDS Hooks widget if you're on the environment home page.
- Click "Add CDS Service Set"
- Provide information in steps 1 and 2:
- Step 1: Provide "Display Name", id (which is auto generated but can be manually changed), and "Description" (optional). Click "Next"
- Step 2:
- The "JKU Endpoint" field displays a url which points to interopiO's JWK set. The provider will need to trust interopiO before continuing (see Security Prerequisites).
- Provide the cds discovery endpoint in the text field. Click on the send button to the right. If the call is successful, a list of the available cds services will appear below.
- Click "Next"
- Review that all information is accurate, then click "Add Cds Service Set"
Now that the CDS service set has been registered, it must now be activated on the gateway created earlier:
- Navigate to the cds service set to be activated. Click on the "Activations" tab at the top of the screen.
- At the top right of the box, click "Add Activation".
- Provide name and select gateway.
- At this point, a list of available services are shown. The check box to the left of each service allows for individual activation/inactivation of each service. An "ID Override" can be provided to give a different path to that service. In the case that multiple services with the same id are activated on the same gateway, override ids are automatically generated but can be modified.
- Click "Add Activation".