Best Practice Question - Connecting to REST APIs outside of the network
Up until recently, I have been toying around with REST/FHIR capabilities but only internally. Now I have a request to make REST API calls outside of our Network.
I am using an RSA 4096 key, because Microsoft Active Directory Services, which generates the signed certificate, could not handle the Elliptical Key (ECC) when I put the request in.
- Others in the Healthcare industry, how have you handled this when there isn't an API manager involved?
- Do you connect directly through the Interoperability Engine using a TLS key?
- How have you ensured that the TLS is enough to keep it secure and not expose the Interoperability Engine to the world?
- Is RSA 4096 really enough?
$ZV: IRIS for UNIX (Red Hat Enterprise Linux 8 for x86-64) 2024.1 (Build 267_2U) Tue Apr 30 2024 16:06:39 EDT [HealthConnect:3.5.0-1.m1]