Configuration properties in alphabetical order
Configuration properties for Ontoserver can be used by including them in the (environment
) section of the (ontoserver
) container, within the (docker-compose.yml
) file described here.
- atom.preload.feedLocation (
file:///data/preload.xml
) - Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup. For more information see Preload Configuration.
- atom.preload.feedLocation.default (
classpath:preload/ontoserver-profiles.xml,classpath:preload/ncts-profiles.xml
) - Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup as default resources (this includes default profiles for resources). This parameter should be only modified to deliberately exclude the default profiles. For more information see Preload Configuration.
- atom.preload.schedule.cron ()
- If set to a valid cron expression, the server will re-execute preload at the schedule specified by the cron expression. If this property is not present the schedule is disabled, which is the default.
Crontab expression are a list of six single space-separated fields: representing second, minute, hour, day, month, weekday. Month and weekday names can be given as the first three letters of the English names.
Example expressions "0 0 * * * *" The top of every hour of every day. "*/10 * * * * *" Every ten seconds. "0 0 8-10 * * *" 8, 9 and 10 o'clock of every day. "0 0 6,19 * * *" 6:00 AM and 7:00 PM every day. "0 0/30 8-10 * * *" 8:00, 8:30, 9:00, 9:30, 10:00 and 10:30 every day. "0 0 9-17 * * MON-FRI" on the hour nine-to-five weekdays "0 0 0 25 12 ?" every Christmas Day at midnight - atom.syndication.disableChecksums (
false
) - If
true
, tells Ontoserver not to check that the Syndication feed checksums match when obtaining and processing an entry. - atom.syndication.excludeLength (
false
) - If true then omit the
length
attribute from the link elements (for locally generated entries) of the Syndication Feed. If your feed includes large Resources, then this can speed up feed generation time. - atom.syndication.excludeXml (
false
) - If true, then omit XML versions of locally syndicated FHIR Resources from the downstream feed. If your feed includes large Resources, then this can significantly speed up feed generation time.
- atom.syndication.publish.enabled (
false
) - if
true
, enables the downstream Syndication endpoint. - atom.syndication.publish.feedTitle (
Ontoserver® Syndication Feed
) - Title to use for the downstream Syndication feed.
- atom.syndication.feedLocation (
https://api.healthterminologies.gov.au/syndication/v1/syndication.xml
) - Comma-separated list of URI-encoded absolute URLs of the upstream Syndication feeds. By default, this points to the Australian NCTS Syndication Service (note that this service requires credentials). Minimum is that embedded
,
and%
characters in the URLs must be %-encoded - atom.syndication.publish.fhir.enabled (
false
) - If downstream syndication is also enabled, then
true
will ensure that all FHIR Terminology Resources are included in the downstream feed, orselected
will mean that all resources will be included that have been marked for syndication using/synd/setSyndicationStatus
- atom.syndication.publish.fhir.secureSyndicated (
false
) -
Setting this config to
true
will require SYND_WRITE (in addition to FHIR_WRITE) in order to update or delete a FHIR resource that has been selected for syndication usingsetSyndicationStatus
. - atom.syndication.publish.index.enabled (
selected
) - If downstream syndication is also enabled, then
true
will ensure that all CodeSystem binary indexes are included in the downstream feed, orselected
will mean that all indexes will be included that have been marked for syndication using/synd/setSyndicationStatus
- atom.syndication.republishUpstreamEntries (
false
) - If
true
, andatom.syndication.publish.enabled
is also enabled, then includes all the upstream Syndication feed entries in the downstream feed. - atom.syndication.republishUpstreamFeeds
- If specified, entries from these feeds will be republished instead of entries from
atom.syndication.feedLocation
. This option is only considered ifatom.syndication.publish.enabled
andatom.syndication.republishUpstreamEntries
are both enabled. - atom.syndication.timeout.ms (
16000
) - How long to wait before aborting the request for the upstream Syndication feed.
- atom.syndication.client.connectTimeout (10000)
- Sets the connection timeout for downloading feeds and data from syndication feeds
- atom.syndication.client.requestTimeout (10000)
- Sets the request timeout for downloading feeds and data from syndication feeds
- atom.syndication.client.socketTimeout (10000)
- Sets the socket timeout for downloading feeds and data from syndication feeds
- atom.validation.feedLocation ()
- Location/s for Atom feeds whose StructureDefinition entries may be used to support
$validate
. By default this is blank and thus no non-local StructureDefinitions will be used for validation. - authentication.basic.endpoint.{n}
- Hostname (including protocol, e.g. http:// or https://) for which to provide Basic Auth credentials when requesting content
- authentication.basic.endpoint.password.{n}
- Basic Auth password for the nth endpoint, as specified in
authentication.basic.endpoint.{n}
- authentication.basic.endpoint.user.{n}
- Basic Auth username for the nth endpoint, as specified in
authentication.basic.endpoint.{n}
- authentication.oauth.endpoint.{n}
- Hostname (including protocol, e.g. http:// or https://) for which to provide OAuth2 credentials when requesting content
- authentication.oauth.endpoint.client_id.{n}
- OAuth client ID to send when requesting a system token for use in requesting content from
authentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.client_secret.{n}
- Client secret to send when requesting an OAuth2 system token for use in requesting content from
authentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.scope.{n}
- Scope requested when requesting an OAuth2 system token for use in requesting content from
authentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.strategy.{n}
- Strategy (
basic_auth
orbody
) to use when requesting an OAuth2 system token for use in requesting contentauthentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.client_id_param_name.{n}
- Parameter name in which to pass the
authentication.oauth.endpoint.client_id.{n}
when making abody
request for an OAuth2 system token for content fromauthentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.client_secret_param_name.{n}
- Parameter name in which to pass the
authentication.oauth.endpoint.client_secret.{n}
when making abody
request for an OAuth2 system token for content fromauthentication.oauth.endpoint.{n}
- authentication.oauth.endpoint.token_endpoint.{n}
- Token endpoint URL for requesting an OAuth token for use in retrieving content from
authentication.oauth.endpoint.{n}
- conformance.contact[n]. ...
- The contact details of the parties responsible for this instance. This is a structured property that mirrors the corresponding structure in the Conformance Resource. For example:
conformance.contact[0].name=Jo Smith conformance.contact[0].telecom[0].system=email conformance.contact[0].telecom[0].value=sales@acme.com conformance.contact[1].name=Maria Martinez conformance.contact[1].telecom[0].system=email conformance.contact[1].telecom[0].value=technical@acme.com conformance.contact[1].telecom[1].system=phone conformance.contact[1].telecom[1].value=+987 6543 2100
- conformance.description (
An instance of Ontoserver® implementing the HL7® FHIR® terminology server specification.
) - Description text for the Conformance metadata resource.
- conformance.experimental (
true
) - Experimental status in the Conformance metadata resource.
- conformance.implementation.description (
Ontoserver, The Australian e-Health Research Centre, CSIRO
) - Implementation description text for the Conformance metadata resource.
- conformance.operations
- Comma-separated list of Operations to allow in the Conformance metadata resource. If empty (the default), then all supported Operations are advertised. *Note*, excluding implemented Operations from the Conformance metadata resource does NOT disable support for them.
- conformance.publisher (
The Australian e-Health Research Centre, CSIRO
) - Publisher text for the Conformance metadata resource.
- conformance.resources
- Comma-separated list of Resource Types (from
ValueSet
,CodeSystem
,ConceptMap
,OperationDefinition
) to allow in the Conformance metadata resource. If empty (the default), then all supported Resource Types are advertised. *Note*, excluding implemented Resource Types from the Conformance metadata resource does NOT disable support for them. - conformance.resource.{resourcetype}.elements
- {resourcetype} is one of
codesystem
,conceptmap
, orvalueset
. Set toInteraction
to enable explicit configuration of which REST operations are advertised for the specified Resource Type. Seeconformance.resource.{resourcetype}.interaction
for further details. Other elements includeType
,Versioning
,ReadHistory
,SearchParam
- conformance.resource.{resourcetype}.interaction
- {resourcetype} is one of
codesystem
,conceptmap
, orvalueset
. Comma-separated list of RESTful interactions that are supported for the specified Resource Type. Valid values includeread
,vread
,update
,delete
,history-instance
,history-type
,create
, andsearch-type
See https://www.hl7.org/fhir/R4/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.interaction for more details. *Note*, excluding implemented Interaction types from the CapabilityStatement metadata resource does NOT disable support for them. - conformance.security.authorize
- If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Authorize endpoint.
- conformance.security.description
- A general description of how security works for the
Conformance.security.description
element. - conformance.security.kinds
- Comma-separated list of values for
rest.security.service
in the CapabilityStatement metadata resource. May be empty or include any ofBasic
andSMART-on-FHIR
only. See https://www.hl7.org/fhir/R4/capabilitystatement-definitions.html#CapabilityStatement.rest.security.service for more details. - conformance.security.register
- If SMART-on-FHIR is supported, then this is the absolute URL of the (optional) Register endpoint.
- conformance.security.token
- If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Token endpoint.
- conformance.status (
ACTIVE
) - Status in the Conformance metadata resource. Valid values include
ACTIVE
,DRAFT
, andRETIRED
. - cors.allowed.headers (
X-FHIR-Starter,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Prefer,Pragma,If-Match,If-None-Match
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.allowed.methods (
GET,POST,PUT,DELETE,PATCH,OPTIONS
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.allowed.origins (
*
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.exposed.headers (
Location,Content-Location
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.logging.enabled (
false
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.preflight.maxage (
300
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- cors.support.credentials (
true
) - Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.
- language.refset (
32570271000036106,900000000000509007
) - Comma-separated list of default Language Reference Sets to use for SNOMED CT Preferred Terms. Default value corresponds to the Australian dialect reference set, and then the US English reference set.
- language.refset.{moduleId}
- Comma-separated list of Language Reference Sets to use for SNOMED CT Preferred Terms for the Edition corresponding to {moduleId}.
- ontoserver.cache.queries.maxSizeMB (
500
) - The maxiumum size of the query cache in MB.
- ontoserver.cluster.name (
ontoserver
) - The cluster name to use when operating in scaled mode. This is used in the auto-discovery process. Changing this allows for the deployment of independent scaled clusters on the same network.
- ontoserver.deployment.readOnly (
false
) - Operate Ontoserver in readonly mode. All state-modify operations will be rejected other than
/synd/redoPreload
and/synd/fetchSyndicatedContentEntry
. Preload on startup and scheduled preloads are also supported. - ontoserver.deployment.scaled (
false
) - Operate Ontoserver in scaled mode. This also implies readonly mode regardless of the value of
ontoserver.deployment.readOnly
. In scaled mode, Ontoserver will auto-discover other instances with the same cluster name. - ontoserver.expand.spellingCorrection.disabled (
false
) - If set to
true
, spelling correction will not be attempted forfilter
terms where the expansion originally returned no results. - ontoserver.feature.identifier-resolition-enabled (
false
) - Whether or not the identifiers of a ValueSet will be considered when resolving a reference to a ValueSet's URI.
- ontoserver.feature.adminUI (
true
) - Whether or not the base URL should do a SMART Launch redirect to OntoCommand (https://ontoserver.csiro.au/ui).
- ontoserver.feature.generic-validation-enabled (
false
) - Set to true to enable type-level
$validate
for all FHIR Resource types. - ontoserver.feature.postcoordination (
false
) - Set to true to enable support for SNOMED CT post-coordinated expressions.
- ontoserver.formats.extra (
html,csv,tsv,scsv
) - Comma-separated list of response content-types to support in addition to the FHIR JSON and XML formats. Acceptable values are:
html
- this is intended for a better web-browser experience. The result is an html-formatted page containing the JSON representation of the result. *csv
- this applies only for ValueSet response types. The result is a Comma-Separated Values (CSV) document forValueSet.expansion.contents
. *scsv
- this applies only for ValueSet response types. The result is a SemiColon-Separated Values (SCSV) document forValueSet.expansion.contents
. *tsv
- this applies only for ValueSet response types. The result is a Tab-Separated Values (TSV) document forValueSet.expansion.contents
.
- ontoserver.formats.html.base (
https://ontoserver.csiro.au
) - Base URL relative to which various image, javascript and CSS assets will be loaded from using the HTML rendering. This would not normally be changed.
- ontoserver.formats.html.branding (
CSIRO Logo
) - HTML-fragment suitable for branding in top-right corner of HTML-formatted responses.
- ontoserver.fhir.base
- Base URL for the FHIR API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects Conformance.url as well as full URLs in FHIR responses such as Bundle. It also affects the URLs pointing at this server in the downstream syndication feed (if enabled).
- ontoserver.fhir.batch.addBundle (
false
) - If set to
true
then a Collection-typed Bundle that is POSTed to the FHIR root (i.e., as per the transaction/batch operation) will be interpreted as a collection of Resources to be individually added to the server. - ontoserver.fhir.batch.maxPoolSize
- Maximum number of threads to handle queued requests from batch operations. Defaults to number of CPUs available.
- ontoserver.fhir.batch.queueSize (
10000
) - Maximum number of queued requests from batch operations.
- ontoserver.fhir.closureTable.max (
1000
) - Maximum number of closure tables that will be maintained. Set to zero to remove explicit limit.
- ontoserver.fhir.closureTable.ttl (
30
) - Maximum length of time that a closure table will be maintained following initialisation. (Time units configured as below.) Set to zero to remove explicit limit.
- ontoserver.fhir.closureTable.ttl.units (
DAYS
) - Units for closure table maximum life. Valid values are as for Java's
java.util.concurrent.TimeUnit
and include:DAYS
,HOURS
,MINUTES
, andSECONDS
. - ontoserver.fhir.max.results (
50000
) - Maxiumum number of results to return during an
$expand
. - ontoserver.fhir.paging.defaultSize (
1000
) - Default page size when returning a Bundle.
- ontoserver.fhir.paging.maxSize (
1000000
) - Maximum supported page size when returning a Bundle.
- ontoserver.fhir.too.costly.threshold (
50000
) - If the number of
$expand
results requested exceeds this value then return a Too Costly error. - ontoserver.logging.logUser (
true
) - Include user identity information from requests with Authorization credentials (the
user_name
field from the JWT token) in request logging. - ontoserver.profiles.code.system.definition.default (
https://healthterminologies.gov.au/fhir/StructureDefinition/complete-code-system-4
) - When Resource validation is performed, and the CodeSystem Resource doesn't claim conformance to any specific Profile, then validate against this Profile.
- ontoserver.profiles.concept.map.definition.default (
https://healthterminologies.gov.au/fhir/StructureDefinition/general-concept-map-4
) - When Resource validation is performed, and the ConceptMap Resource doesn't claim conformance to any specific Profile, then validate against this Profile.
- ontoserver.profiles.value.set.definition.default (
https://healthterminologies.gov.au/fhir/StructureDefinition/composed-value-set-4
) - When Resource validation is performed, and the ValueSet Resource doesn't claim conformance to any specific Profile, then validate against this Profile.
- ontoserver.profiles.value.set.expansion.default (
https://healthterminologies.gov.au/fhir/StructureDefinition/expanded-value-set-4
) - Currently unused.
- ontoserver.reporting.sourceIdentifierName
- The name of the source in AuditEvents generated for Ontoserver's aggregated activity reports.
- ontoserver.reporting.endpoints
- A comma-separated list of FHIR endpoints to which activity AuditEvents should be sent.
- ontoserver.reporting.enabled
false
- Whether or not Ontoserver should generate activity summaries as AuditEvent resources.
- ontoserver.reporting.minimumFrequency
100
- Minimum number of occurrences for an expand filter term to appear in Ontoserver's aggregated activity report.
- ontoserver.reporting.minimumSearchTermLength
3
- Minimum length for an expand filter term to appear in Ontoserver's aggregated activity report.
- ontoserver.reporting.topThresholdCountSearchTerms
100
- Maximum number of expand filter terms to include in Ontoserver's aggregated activity report.
- ontoserver.reporting.minimumCodeSelectionFrequency
5
- Minimum number of occurrences for a code selection to appear in Ontoserver's aggregated activity reports.
- ontoserver.reporting.minimumCodeSelectionSearchFrequency
3
- Minimum number of occurrences for a code selection from a given search term to appear in Ontoserver's aggregated activity reports.
- ontoserver.search.summary
true
- Whether Ontoserver should return summary resources (true or unspecified) or complete resources (false) in response to search requests.
- ontoserver.security.audience
- The audience to use when validating JWT tokens. Particularly useful when one authorisation server/realm with a single signing key is used across multiple Ontoserver instances. In that instance audience validation allows Ontoserver instances to determine whether a presented token (and its contained claims) are intended for that specific Ontoserver instance or not. The default value if not set is blank, which means that the
aud
claim will not be checked. If set, requests will be rejected if theaud
claim of the presented JWT token does not match this value. The usual convention for this value is the base URL or host name of the Ontoserver instance. - ontoserver.security.enabled (
false
) - If
true
, enables role-based security on the various Ontoserver API families. Each of the api, fhir, and synd endpoints has separate READ and WRITE roles. - ontoserver.security.hsts (
true
) - If
false
, then theStrict-Transport-Security
header will not be sent for HTTPS responses. - ontoserver.security.readOnly.api (
false
) - If
true
, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the api endpoint. - ontoserver.security.readOnly.fhir (
false
) - If
true
, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the fhir endpoint. - ontoserver.security.readOnly.synd (
false
) - If
true
, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the synd endpoint. - ontoserver.security.token.secret
- The secret signing key for the JWT tokens that allows Ontoserver to trust the tokens produced by your authorization server. See the Security Configuration page for more detail.
- ontoserver.security.verify.certs (
true
) - If
false
, turns off checking of SSL certificates. - ontoserver.synd.base
- Base URL for the downstream Syndication API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects syndication.xml as well as full URLs in for downloading binary indexes (URLs for downloading syndicated FHIR resources are affected by
ontoserver.fhir.base
. - ontoserver.well-known.openid-configuration
- URL for openid-configuration details. May be set to point to the openid-configuration endpoint for an OpenID server so that Ontoserver will pass on the contents when
.well-known/smart-configuration
is requested. - snomed.default.edition (
32506021000036107
) - Default SNOMED CT Edition to use when a SNOMED CT version is not supplied.
32506021000036107
corresponds to the Australian Edition of SNOMED CT - snomed.implicit.map[n]. ...
- Allows specification of metadata to enable SNOMED CT simple map reference sets as FHIR implicit ConceptMaps. To respond to ConceptMap
$translate
requests FHIR requires relationship types (equivalent, relatedto etc), and a target code system URI in responses. However SNOMED CT's simple map reference set does not include either of these pieces of required information, relying on users of the simple map type reference sets to know these details from documentation or implicitly. Therefore to support implicit ConceptMap$translate
operations, Ontoserver provides configuration parameters to supply this information, and if supplied will enable implicit ConceptMap$translate
operations for the specified reference set identifier.Ontoserver includes the following configuration for two simple map type reference sets in its base configuration:
# Implicit maps - CTV3 snomed.implicit.map[0].refset=900000000000497000 snomed.implicit.map[0].equivalence=equivalent snomed.implicit.map[0].target-column=0 snomed.implicit.map[0].system=http://read.info/ctv3 # Implicit maps - Inactivation indicator snomed.implicit.map[1].refset=900000000000489007 snomed.implicit.map[1].equivalence=relatedto snomed.implicit.map[1].target-column=0 snomed.implicit.map[1].system=http://snomed.info/sct
These can serve as templates for adding configuration for additional simple map reference sets. Note that this configuration may only be completely restated starting from index 0, it cannot be appended to starting from index 2. I.e. if adding configuration it must start with
snomed.implicit.map[0]
and restate the above two sets of configuration if retaining support for these simple map type reference sets is desired. - snomed.refset.fieldNames.{refsetId} ...
- Allows specification of metadata to document the additional column fieldNames as used in the RF2 file for the specified reference set. That is, columns 7 and greater.
For example, the following would specify the field names of the
SubstanceToSnomedCtauMappingSubstance to SNOMED CT-AU mapping
reference set.snomed.refset.fieldNames.281000036105=mapType,targetSnomedCtSubstance
- server.port (
8080
) - The port that the server is running on.
- server.ssl.keyAlias (
ontoserver
) - Alias that identifies the key in the key store. For example,
ontoserver
. - server.ssl.key-password
- Password used to access the key within the key store.
- server.ssl.key-store (
/keystore.p12
) - Path to the key store that holds the SSL certificate (typically a p12 or jks file). For example:
classpath:ontoserverkeystore.p12
. - server.ssl.key-store-password
- Password used to access the key store.
- server.ssl.keyStoreType (
PKCS12
) - Type of the key store. For example,
PKCS12
. Other possible values includeJKS
,PKCS11
andJCEKS
.