Skip to main content

Authentication and Authorization

HealthShare® Health Connect supports a wide variety of authentication mechanisms. Authentication determines if users are who they say they are. Additionally, HealthShare® Health Connect supports a robust role-based authorization system, which determines an authenticated user can create, use, view, change, or delete.

Get acquainted

video iconUsers and roles in InterSystems IRISOpens in a new window

documentation iconAuthentication introduction

documentation iconAuthorization: Controlling User Access

Try it

interactive iconFirst Look: Role-based access control

Read all about it

documentation iconLDAP

The lightweight directory access protocol

documentation iconKerberos

The Kerberos network authentication system

documentation iconOS-based authentication

Using operating system credentials

documentation iconInstance authentication

The Health Connect built-in authentication system

documentation iconDelegated authentication

Using your own authentication system and tying in Health Connect

documentation iconAssets and resources

The system, database, and service resources that protect assets such as an InterSystems IRIS database

documentation iconPrivileges and permissions

Combining permissions and resources to create privileges

documentation iconRoles

Using roles, which are collections of privileges

documentation iconUsers

Managing users, including predefined users

Match authentication with authorization

Your authentication mechanism determines what authorization mechanism you can use.

Authentication mechanism Authorization mechanisms
LDAP InterSystems authorization
LDAP
Kerberos InterSystems authorization
Delegated authorization
OS-based InterSystems authorization
Delegated authorization
LDAP
Instance authentication InterSystems authorization
Delegated authentication InterSystems authorization
Delegated authorization

Two-factor authentication

Health Connect supports both SMS text authentication and time-based one-time password (TOTP) authentication.

documentation iconTwo-factor authentication

External authorization systems

documentation icondelegated authorization (authorization only)

documentation icondelegated authentication (authorization and authentication)

Match authorization with authentication

You can use each authorization/role-assignment mechanism only with certain authentication mechanisms.

Authorization/role-assignment mechanism Authentication mechanism(s)
InterSystems authorization All authentication systems
Delegated authorization Delegated authentication
OS-based
Kerberos
LDAP LDAP
OS-based
Delegated authentication (can also perform authorization) Delegated authentication

Explore more

Navigation iconSecurity

Navigation iconTLS

FeedbackOpens in a new window