Ontoserver

Configuration properties in alphabetical order

Configuration properties for Ontoserver can be used by including them in the (environment) section of the (ontoserver) container, within the (docker-compose.yml) file described here.

atom.preload.syndication (file:///data/preload.xml)

Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup. For more information see Preload Configuration.

atom.preload.syndication.default (classpath:preload/ontoserver-profiles.xml,classpath:preload/ncts-profiles.xml)

Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup as default resources (this includes default profiles for resources). This parameter should be only modified to deliberately exclude the default profiles. For more information see Preload Configuration.

atom.syndication.disableChecksums (false)

If true, tells Ontoserver not to check that the Syndication feed checksums match when obtaining and processing an entry.

atom.syndication.publish.enabled (false)

if true, enables the downstream Syndication endpoint.

atom.syndication.feedLocation (https://api.healthterminologies.gov.au/syndication/v1/syndication.xml)

Comma-separated list of URI-encoded absolute URLs of the upstream Syndication feeds. By default, this points to the Australian NCTS Syndication Service (note that this service requires credentials). Minimum is that embedded , and % characters in the URLs must be %-encoded

atom.syndication.republishUpstreamEntries (false)

If true, and atom.syndication.publish.enabled is also enabled, then includes all the upstream Syndication feed entries in the downstream feed.

atom.syndication.timeout.ms (16000)

How long to wait before aborting the request for the upstream Syndication feed.

atom.validation.feedLocation ()

Location/s for Atom feeds whose StructureDefinition entries may be used to support $validate. By default this is blank and thus no non-local StructureDefinitions will be used for validation.

authentication.basic.endpoint.{n}

Hostname (including protocol, e.g. http:// or https://) for which to provide Basic Auth credentials when requesting content

authentication.basic.endpoint.password.{n}

Basic Auth password for the nth endpoint, as specified in authentication.basic.endpoint.{n}

authentication.basic.endpoint.user.{n}

Basic Auth username for the nth endpoint, as specified in authentication.basic.endpoint.{n}

authentication.oauth.endpoint.{n}

Hostname (including protocol, e.g. http:// or https://) for which to provide OAuth2 credentials when requesting content

authentication.oauth.endpoint.client_id.{n}

OAuth client ID to send when requesting a system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_secret.{n}

Client secret to send when requesting an OAuth2 system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.scope.{n}

Scope requested when requesting an OAuth2 system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.strategy.{n}

Strategy (basic_auth or body) to use when requesting an OAuth2 system token for use in requesting content authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_id_param_name.{n}

Parameter name in which to pass the authentication.oauth.endpoint.client_id.{n} when making a body request for an OAuth2 system token for content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_secret_param_name.{n}

Parameter name in which to pass the authentication.oauth.endpoint.client_secret.{n} when making a body request for an OAuth2 system token for content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.token_endpoint.{n}

Token endpoint URL for requesting an OAuth token for use in retrieving content from authentication.oauth.endpoint.{n}

conformance.contact[n]. ...

The contact details of the parties responsible for this instance. This is a structured property that mirrors the corresponding structure in the Conformance Resource. For example:

conformance.contact[0].name=Jo Smith
conformance.contact[0].telecom[0].system=email
conformance.contact[0].telecom[0].value=sales@acme.com

conformance.contact[1].name=Maria Martinez
conformance.contact[1].telecom[0].system=email
conformance.contact[1].telecom[0].value=technical@acme.com
conformance.contact[1].telecom[1].system=phone
conformance.contact[1].telecom[1].value=+987 6543 2100

conformance.experimental (true)

Experimental status in the Conformance metadata resource.

conformance.implementation.description (Ontoserver, The Australian e-Health Research Centre, CSIRO)

Implementation description text for the Conformance metadata resource.

conformance.operations

Comma-separated list of Operations to allow in the Conformance metadata resource. If empty (the default), then all supported Operations are advertised. *Note*, excluding implemented Operations from the Conformance metadata resource does NOT disable support for them.

conformance.publisher (The Australian e-Health Research Centre, CSIRO)

Publisher text for the Conformance metadata resource.

conformance.resources

Comma-separated list of Resource Types (from ValueSet, CodeSystem, ConceptMap, OperationDefinition) to allow in the Conformance metadata resource. If empty (the default), then all supported Resource Types are advertised. *Note*, excluding implemented Resource Types from the Conformance metadata resource does NOT disable support for them.

conformance.resource.{resourcetype}.elements

{resourcetype} is one of codesystem, conceptmap, or valueset. Set to Interaction to enable explicit configuration of which REST operations are advertised for the specified Resource Type. See conformance.resource.{resourcetype}.interaction for further details. Other elements include Type, Versioning, ReadHistory, SearchParam

conformance.resource.{resourcetype}.interaction

{resourcetype} is one of codesystem, conceptmap, or valueset. Comma-separated list of RESTful interactions that are supported for the specified Resource Type. Valid values include read, vread, update, delete, history-instance, history-type, create, and search-type See https://www.hl7.org/fhir/STU3/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.interaction for more details. *Note*, excluding implemented Interaction types from the CapabilityStatement metadata resource does NOT disable support for them.

conformance.security.authorize

If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Authorize endpoint.

conformance.security.description

A general description of how security works for the Conformance.security.description element.

conformance.security.kinds

Comma-separated list of values for rest.security.service in the CapabilityStatement metadata resource. May be empty or include any of Basic and SMART-on-FHIR only. See https://www.hl7.org/fhir/STU3/capabilitystatement-definitions.html#CapabilityStatement.rest.security.service for more details.

conformance.security.register

If SMART-on-FHIR is supported, then this is the absolute URL of the (optional) Register endpoint.

conformance.security.token

If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Token endpoint.

conformance.status (ACTIVE)

Status in the Conformance metadata resource. Valid values include ACTIVE, DRAFT, and RETIRED.

cors.allowed.headers (X-FHIR-Starter,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Prefer)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.allowed.methods (GET,POST,PUT,DELETE,OPTIONS)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.allowed.origins (*)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.exposed.headers (Location,Content-Location)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.logging.enabled (false)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.preflight.maxage (300)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.support.credentials (true)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

language.refset (32570271000036106,900000000000509007)

Comma-separated list of default Language Reference Sets to use for SNOMED CT Preferred Terms. Default value corresponds to the Australian dialect reference set, and then the US English reference set.

language.refset.{moduleId}

Comma-separated list of Language Reference Sets to use for SNOMED CT Preferred Terms for the Edition corresponding to {moduleId}.

ontoserver.cache.queries.maxSizeMB (500)

The maxiumum size of the query cache in MB.

ontoserver.feature.generic-validation-enabled (false)

Set to true to enable type-level $validate for all FHIR Resource types.

ontoserver.formats.extra (html)

Comma-separated list of response content-types to support in addition to the FHIR JSON and XML formats. Acceptable values are:

html - this is intended for a better web-browser experience. The result is an html-formatted page containing the JSON representation of the result.

ontoserver.fhir.base

Base URL for the FHIR API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects Conformance.url as well as full URLs in FHIR responses such as Bundle. It also affects the URLs pointing at this server in the downstream syndication feed (if enabled).

ontoserver.fhir.batch.maxPoolSize

Maximum number of threads to handle queued requests from batch operations. Defaults to number of CPUs available.

ontoserver.fhir.batch.queueSize (10000)

Maximum number of queued requests from batch operations.

ontoserver.fhir.closureTable.max (1000)

Maximum number of closure tables that will be maintained. Set to zero to remove explicit limit.

ontoserver.fhir.closureTable.ttl (30)

Maximum length of time that a closure table will be maintained following initialisation. (Time units configured as below.) Set to zero to remove explicit limit.

ontoserver.fhir.closureTable.ttl.units (DAYS)

Units for closure table maximum life. Valid values are as for Java's java.util.concurrent.TimeUnit and include: DAYS, HOURS, MINUTES, and SECONDS.

ontoserver.fhir.max.results (50000)

Maxiumum number of results to return during an $expand

ontoserver.fhir.paging.defaultSize (1000)

Default page size when returning a Bundle.

ontoserver.fhir.paging.maxSize (1000000)

Maximum supported page size when returning a Bundle.

ontoserver.fhir.too.costly.threshold (50000)

If the number of $expand results requested exceeds this value then return a Too Costly error.

ontoserver.profiles.code.system.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/complete-code-system-2)

When Resource validation is performed, and the CodeSystem Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.concept.map.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/general-concept-map-2)

When Resource validation is performed, and the ConceptMap Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.value.set.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/composed-value-set-2)

When Resource validation is performed, and the ValueSet Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.value.set.expansion.default (https://healthterminologies.gov.au/fhir/StructureDefinition/expanded-value-set-2)

Currently unused.

ontoserver.profiles

Comma-separated list of Profiles for Ontoserver to load and have available for validation. Default list includes:

ontoserver.reporting.sourceIdentifierName

The name of the source in AuditEvents generated for Ontoserver's aggregated activity reports.

ontoserver.reporting.endpoints

A comma-separated list of FHIR endpoints to which activity AuditEvents should be sent.

ontoserver.reporting.enabled false

Whether or not Ontoserver should generate activity summaries as AuditEvent resources.

ontoserver.reporting.minimumFrequency 100

Minimum number of occurrences for an expand filter term to appear in Ontoserver's aggregated activity report.

ontoserver.reporting.minimumSearchTermLength 3

Minimum length for an expand filter term to appear in Ontoserver's aggregated activity report.

ontoserver.reporting.topThresholdCountSearchTerms 100

Maximum number of expand filter terms to include in Ontoserver's aggregated activity report.

ontoserver.reporting.minimumCodeSelectionFrequency 5

Minimum number of occurrences for a code selection to appear in Ontoserver's aggregated activity reports.

ontoserver.reporting.minimumCodeSelectionSearchFrequency 3

Minimum number of occurrences for a code selection from a given search term to appear in Ontoserver's aggregated activity reports.

ontoserver.security.enabled (false)

If true, enables role-based security on the various Ontoserver API families. Each of the api, fhir, and synd endpoints has separate READ and WRITE roles.

ontoserver.security.hsts (true)

If false, then the Strict-Transport-Security header will not be sent for HTTPS responses.

ontoserver.security.readOnly.api (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the api endpoint.

ontoserver.security.readOnly.fhir (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the fhir endpoint.

ontoserver.security.readOnly.synd (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the synd endpoint.

ontoserver.security.token.secret

The secret signing key for the JWT tokens that allows Ontoserver to trust the tokens produced by your authorization server. See the Security Configuration page for more detail.

ontoserver.security.verify.certs (true)

If false, turns off checking of SSL certificates.

ontoserver.synd.base

Base URL for the downstream Syndication API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects syndication.xml as well as full URLs in for downloading binary indexes (URLs for downloading syndicated FHIR resources are affected by ontoserver.fhir.base.

snomed.default.edition (32506021000036107)

Default SNOMED CT Edition to use when a SNOMED CT version is not supplied. 32506021000036107 corresponds to the Australian Edition of SNOMED CT

server.port (8080)

The port that the server is running on.

server.ssl.keyAlias (ontoserver)

Alias that identifies the key in the key store. For example, ontoserver.

server.ssl.key-password

Password used to access the key within the key store.

server.ssl.key-store (/keystore.p12)

Path to the key store that holds the SSL certificate (typically a p12 or jks file). For example: classpath:ontoserverkeystore.p12.

server.ssl.key-store-password

Password used to access the key store.

server.ssl.keyStoreType (PKCS12)

Type of the key store. For example, PKCS12. Other possible values include JKS, PKCS11 and JCEKS.