Ontoserver

Configuration properties in alphabetical order

Configuration properties for Ontoserver can be used by including them in the (environment) section of the (ontoserver) container, within the (docker-compose.yml) file described here.

atom.preload.feedLocation (file:///data/preload.xml)

Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup. For more information see Preload Configuration.

atom.preload.feedLocation.default (classpath:preload/ontoserver-profiles.xml,classpath:preload/ncts-profiles.xml)

Location/s for Atom feeds whose entries will be fetched into Ontoserver on startup as default resources (this includes default profiles for resources). This parameter should be only modified to deliberately exclude the default profiles. For more information see Preload Configuration.

atom.preload.schedule.cron ()

If set to a valid cron expression, the server will re-execute preload at the schedule specified by the cron expression. If this property is not present the schedule is disabled, which is the default.

Crontab expression are a list of six single space-separated fields: representing second, minute, hour, day, month, weekday. Month and weekday names can be given as the first three letters of the English names.

Example expressions
"0 0 * * * *"	The top of every hour of every day.
"/10 * * * *"	Every ten seconds.
"0 0 8-10 * * *"	8, 9 and 10 o'clock of every day.
"0 0 6,19 * * *"	6:00 AM and 7:00 PM every day.
"0 0/30 8-10 * * *"	8:00, 8:30, 9:00, 9:30, 10:00 and 10:30 every day.
"0 0 9-17 * * MON-FRI"	on the hour nine-to-five weekdays
"0 0 0 25 12 ?"	every Christmas Day at midnight

atom.syndication.disableChecksums (false)

If true, tells Ontoserver not to check that the Syndication feed checksums match when obtaining and processing an entry.

atom.syndication.excludeLength (false)

If true then omit the length attribute from the link elements (for locally generated entries) of the Syndication Feed. If your feed includes large Resources, then this can speed up feed generation time.

atom.syndication.excludeXml (false)

If true, then omit XML versions of locally syndicated FHIR Resources from the downstream feed. If your feed includes large Resources, then this can significantly speed up feed generation time.

atom.syndication.publish.enabled (false)

if true, enables the downstream Syndication endpoint.

atom.syndication.publish.feedTitle (Ontoserver® Syndication Feed)

Title to use for the downstream Syndication feed.

atom.syndication.feedLocation (https://api.healthterminologies.gov.au/syndication/v1/syndication.xml)

Comma-separated list of URI-encoded absolute URLs of the upstream Syndication feeds. By default, this points to the Australian NCTS Syndication Service (note that this service requires credentials). Minimum is that embedded , and % characters in the URLs must be %-encoded

atom.syndication.publish.fhir.enabled (false)

If downstream syndication is also enabled, then true will ensure that all FHIR Terminology Resources are included in the downstream feed, or selected will mean that all resources will be included that have been marked for syndication using /synd/setSyndicationStatus

atom.syndication.publish.fhir.secureSyndicated (false)

Setting this config to true will require SYND_WRITE (in addition to FHIR_WRITE) in order to update or delete a FHIR resource that has been selected for syndication using setSyndicationStatus.

atom.syndication.publish.index.enabled (selected)

If downstream syndication is also enabled, then true will ensure that all CodeSystem binary indexes are included in the downstream feed, or selected will mean that all indexes will be included that have been marked for syndication using /synd/setSyndicationStatus

atom.syndication.republishUpstreamEntries (false)

If true, and atom.syndication.publish.enabled is also enabled, then includes all the upstream Syndication feed entries in the downstream feed.

atom.syndication.republishUpstreamFeeds

If specified, entries from these feeds will be republished instead of entries from atom.syndication.feedLocation. This option is only considered if atom.syndication.publish.enabled and atom.syndication.republishUpstreamEntries are both enabled.

atom.syndication.timeout.ms (16000)

How long to wait before aborting the request for the upstream Syndication feed.

atom.syndication.client.connectTimeout (10000)

Sets the connection timeout for downloading feeds and data from syndication feeds

atom.syndication.client.requestTimeout (10000)

Sets the request timeout for downloading feeds and data from syndication feeds

atom.syndication.client.socketTimeout (10000)

Sets the socket timeout for downloading feeds and data from syndication feeds

atom.validation.feedLocation ()

Location/s for Atom feeds whose StructureDefinition entries may be used to support $validate. By default this is blank and thus no non-local StructureDefinitions will be used for validation.

authentication.basic.endpoint.{n}

Hostname (including protocol, e.g. http:// or https://) for which to provide Basic Auth credentials when requesting content

authentication.basic.endpoint.password.{n}

Basic Auth password for the nth endpoint, as specified in authentication.basic.endpoint.{n}

authentication.basic.endpoint.user.{n}

Basic Auth username for the nth endpoint, as specified in authentication.basic.endpoint.{n}

authentication.oauth.endpoint.{n}

Hostname (including protocol, e.g. http:// or https://) for which to provide OAuth2 credentials when requesting content

authentication.oauth.endpoint.client_id.{n}

OAuth client ID to send when requesting a system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_secret.{n}

Client secret to send when requesting an OAuth2 system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.scope.{n}

Scope requested when requesting an OAuth2 system token for use in requesting content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.strategy.{n}

Strategy (basic_auth or body) to use when requesting an OAuth2 system token for use in requesting content authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_id_param_name.{n}

Parameter name in which to pass the authentication.oauth.endpoint.client_id.{n} when making a body request for an OAuth2 system token for content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.client_secret_param_name.{n}

Parameter name in which to pass the authentication.oauth.endpoint.client_secret.{n} when making a body request for an OAuth2 system token for content from authentication.oauth.endpoint.{n}

authentication.oauth.endpoint.token_endpoint.{n}

Token endpoint URL for requesting an OAuth token for use in retrieving content from authentication.oauth.endpoint.{n}

conformance.contact[n]. ...

The contact details of the parties responsible for this instance. This is a structured property that mirrors the corresponding structure in the Conformance Resource. For example:

conformance.contact[0].name=Jo Smith
conformance.contact[0].telecom[0].system=email
conformance.contact[0].telecom[0].value=sales@acme.com

conformance.contact[1].name=Maria Martinez
conformance.contact[1].telecom[0].system=email
conformance.contact[1].telecom[0].value=technical@acme.com
conformance.contact[1].telecom[1].system=phone
conformance.contact[1].telecom[1].value=+987 6543 2100

conformance.description (An instance of Ontoserver® implementing the HL7® FHIR® terminology server specification.)

Description text for the Conformance metadata resource.

conformance.experimental (true)

Experimental status in the Conformance metadata resource.

conformance.implementation.description (Ontoserver, The Australian e-Health Research Centre, CSIRO)

Implementation description text for the Conformance metadata resource.

conformance.operations

Comma-separated list of Operations to allow in the Conformance metadata resource. If empty (the default), then all supported Operations are advertised. *Note*, excluding implemented Operations from the Conformance metadata resource does NOT disable support for them.

conformance.publisher (The Australian e-Health Research Centre, CSIRO)

Publisher text for the Conformance metadata resource.

conformance.resources

Comma-separated list of Resource Types (from ValueSet, CodeSystem, ConceptMap, OperationDefinition) to allow in the Conformance metadata resource. If empty (the default), then all supported Resource Types are advertised. *Note*, excluding implemented Resource Types from the Conformance metadata resource does NOT disable support for them.

conformance.resource.{resourcetype}.elements

{resourcetype} is one of codesystem, conceptmap, or valueset. Set to Interaction to enable explicit configuration of which REST operations are advertised for the specified Resource Type. See conformance.resource.{resourcetype}.interaction for further details. Other elements include Type, Versioning, ReadHistory, SearchParam

conformance.resource.{resourcetype}.interaction

{resourcetype} is one of codesystem, conceptmap, or valueset. Comma-separated list of RESTful interactions that are supported for the specified Resource Type. Valid values include read, vread, update, delete, history-instance, history-type, create, and search-type See https://www.hl7.org/fhir/R4/capabilitystatement-definitions.html#CapabilityStatement.rest.resource.interaction for more details. *Note*, excluding implemented Interaction types from the CapabilityStatement metadata resource does NOT disable support for them.

conformance.security.authorize

If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Authorize endpoint.

conformance.security.description

A general description of how security works for the Conformance.security.description element.

conformance.security.kinds

Comma-separated list of values for rest.security.service in the CapabilityStatement metadata resource. May be empty or include any of Basic and SMART-on-FHIR only. See https://www.hl7.org/fhir/R4/capabilitystatement-definitions.html#CapabilityStatement.rest.security.service for more details.

conformance.security.register

If SMART-on-FHIR is supported, then this is the absolute URL of the (optional) Register endpoint.

conformance.security.token

If SMART-on-FHIR is supported, then this is the absolute URL of the (required) Token endpoint.

conformance.status (ACTIVE)

Status in the Conformance metadata resource. Valid values include ACTIVE, DRAFT, and RETIRED.

cors.allowed.headers (X-FHIR-Starter,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,Authorization,Prefer,Pragma,If-Match,If-None-Match)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.allowed.methods (GET,POST,PUT,DELETE,PATCH,OPTIONS)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.allowed.origins (*)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.exposed.headers (Location,Content-Location)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.logging.enabled (false)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.preflight.maxage (300)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

cors.support.credentials (true)

Fine-grained CORS support configuration. See https://github.com/ebay/cors-filter#configuring-cors-filter for more details.

language.refset (32570271000036106,900000000000509007)

Comma-separated list of default Language Reference Sets to use for SNOMED CT Preferred Terms. Default value corresponds to the Australian dialect reference set, and then the US English reference set.

language.refset.{moduleId}

Comma-separated list of Language Reference Sets to use for SNOMED CT Preferred Terms for the Edition corresponding to {moduleId}.

ontoserver.cache.queries.maxSizeMB (500)

The maxiumum size of the query cache in MB.

ontoserver.cluster.name (ontoserver)

The cluster name to use when operating in scaled mode. This is used in the auto-discovery process. Changing this allows for the deployment of independent scaled clusters on the same network.

ontoserver.deployment.readOnly (false)

Operate Ontoserver in readonly mode. All state-modify operations will be rejected other than /synd/redoPreload and /synd/fetchSyndicatedContentEntry. Preload on startup and scheduled preloads are also supported.

ontoserver.deployment.scaled (false)

Operate Ontoserver in scaled mode. This also implies readonly mode regardless of the value of ontoserver.deployment.readOnly. In scaled mode, Ontoserver will auto-discover other instances with the same cluster name.

ontoserver.expand.spellingCorrection.disabled (false)

If set to true, spelling correction will not be attempted for filter terms where the expansion originally returned no results.

ontoserver.feature.adminUI (true)

Whether or not the base URL should do a SMART Launch redirect to OntoCommand (https://ontoserver.csiro.au/ui).

ontoserver.feature.generic-validation-enabled (false)

Set to true to enable type-level $validate for all FHIR Resource types.

ontoserver.feature.identifier-resolition-enabled (false)

Whether or not the identifiers of a ValueSet will be considered when resolving a reference to a ValueSet's URI.

ontoserver.feature.postcoordination (false)

Set to true to enable support for SNOMED CT post-coordinated expressions.

ontoserver.feature.compat.lookupTypedValue (false)

If <true, include old-style parts in $lookup property parts with a part-name of the form value[X] matching the part-value (eg part.name = "valueString").

ontoserver.formats.extra (html,csv,tsv,scsv)

Comma-separated list of response content-types to support in addition to the FHIR JSON and XML formats. Acceptable values are:

html - this is intended for a better web-browser experience. The result is an html-formatted page containing the JSON representation of the result. * csv - this applies only for ValueSet response types. The result is a Comma-Separated Values (CSV) document for ValueSet.expansion.contents. * scsv - this applies only for ValueSet response types. The result is a SemiColon-Separated Values (SCSV) document for ValueSet.expansion.contents. * tsv - this applies only for ValueSet response types. The result is a Tab-Separated Values (TSV) document for ValueSet.expansion.contents.

ontoserver.formats.html.base (https://ontoserver.csiro.au)

Base URL relative to which various image, javascript and CSS assets will be loaded from using the HTML rendering. This would not normally be changed.

ontoserver.formats.html.branding (CSIRO Logo)

HTML-fragment suitable for branding in top-right corner of HTML-formatted responses.

ontoserver.fhir.base

Base URL for the FHIR API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects Conformance.url as well as full URLs in FHIR responses such as Bundle. It also affects the URLs pointing at this server in the downstream syndication feed (if enabled).

ontoserver.fhir.batch.addBundle (false)

If set to true then a Collection-typed Bundle that is POSTed to the FHIR root (i.e., as per the transaction/batch operation) will be interpreted as a collection of Resources to be individually added to the server.

ontoserver.fhir.batch.maxPoolSize

Maximum number of threads to handle queued requests from batch operations. Defaults to number of CPUs available.

ontoserver.fhir.batch.queueSize (10000)

Maximum number of queued requests from batch operations.

ontoserver.fhir.closureTable.max (1000)

Maximum number of closure tables that will be maintained. Set to zero to remove explicit limit.

ontoserver.fhir.closureTable.ttl (30)

Maximum length of time that a closure table will be maintained following initialisation. (Time units configured as below.) Set to zero to remove explicit limit.

ontoserver.fhir.closureTable.ttl.units (DAYS)

Units for closure table maximum life. Valid values are as for Java's java.util.concurrent.TimeUnit and include: DAYS, HOURS, MINUTES, and SECONDS.

ontoserver.fhir.max.results (50000)

Maxiumum number of results to return during an $expand.

ontoserver.fhir.paging.defaultSize (1000)

Default page size when returning a Bundle.

ontoserver.fhir.paging.maxSize (1000000)

Maximum supported page size when returning a Bundle.

ontoserver.fhir.too.costly.threshold (50000)

If the number of $expand results requested exceeds this value then return a Too Costly error.

ontoserver.logging.logUser (true)

Include user identity information from requests with Authorization credentials (the user_name field from the JWT token) in request logging.

ontoserver.profiles.code.system.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/complete-code-system-4)

When Resource validation is performed, and the CodeSystem Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.concept.map.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/general-concept-map-4)

When Resource validation is performed, and the ConceptMap Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.value.set.definition.default (https://healthterminologies.gov.au/fhir/StructureDefinition/composed-value-set-4)

When Resource validation is performed, and the ValueSet Resource doesn't claim conformance to any specific Profile, then validate against this Profile.

ontoserver.profiles.value.set.expansion.default (https://healthterminologies.gov.au/fhir/StructureDefinition/expanded-value-set-4)

Currently unused.

ontoserver.reporting.sourceIdentifierName

The name of the source in AuditEvents generated for Ontoserver's aggregated activity reports.

ontoserver.reporting.endpoints

A comma-separated list of FHIR endpoints to which activity AuditEvents should be sent.

ontoserver.reporting.enabled false

Whether or not Ontoserver should generate activity summaries as AuditEvent resources.

ontoserver.reporting.minimumFrequency 100

Minimum number of occurrences for an expand filter term to appear in Ontoserver's aggregated activity report.

ontoserver.reporting.minimumSearchTermLength 3

Minimum length for an expand filter term to appear in Ontoserver's aggregated activity report.

ontoserver.reporting.topThresholdCountSearchTerms 100

Maximum number of expand filter terms to include in Ontoserver's aggregated activity report.

ontoserver.reporting.minimumCodeSelectionFrequency 5

Minimum number of occurrences for a code selection to appear in Ontoserver's aggregated activity reports.

ontoserver.reporting.minimumCodeSelectionSearchFrequency 3

Minimum number of occurrences for a code selection from a given search term to appear in Ontoserver's aggregated activity reports.

ontoserver.search.summary true

Whether Ontoserver should return summary resources (true or unspecified) or complete resources (false) in response to search requests.

ontoserver.security.audience

The audience to use when validating JWT tokens. Particularly useful when one authorisation server/realm with a single signing key is used across multiple Ontoserver instances. In that instance audience validation allows Ontoserver instances to determine whether a presented token (and its contained claims) are intended for that specific Ontoserver instance or not. The default value if not set is blank, which means that the aud claim will not be checked. If set, requests will be rejected if the aud claim of the presented JWT token does not match this value. The usual convention for this value is the base URL or host name of the Ontoserver instance.

ontoserver.security.enabled (false)

If true, enables role-based security on the various Ontoserver API families. Each of the api, fhir, and synd endpoints has separate READ and WRITE roles.

ontoserver.security.hsts (true)

If false, then the Strict-Transport-Security header will not be sent for HTTPS responses.

ontoserver.security.readOnly.api (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the api endpoint.

ontoserver.security.readOnly.fhir (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the fhir endpoint.

ontoserver.security.readOnly.synd (false)

If true, and role-based security is enabled, then all users (including unauthenticated users) get minimum of READ access to the synd endpoint.

ontoserver.security.token.secret

The secret signing key for the JWT tokens that allows Ontoserver to trust the tokens produced by your authorization server. See the Security Configuration page for more detail.

ontoserver.security.verify.certs (true)

If false, turns off checking of SSL certificates.

ontoserver.synd.base

Base URL for the downstream Syndication API. Set this explicitly if the auto-detected value is wrong (e.g., when your server is sitting behind an API Gateway / Load Balancer / Proxy Server) This affects syndication.xml as well as full URLs in for downloading binary indexes (URLs for downloading syndicated FHIR resources are affected by ontoserver.fhir.base.

ontoserver.well-known.openid-configuration

URL for openid-configuration details. May be set to point to the openid-configuration endpoint for an OpenID server so that Ontoserver will pass on the contents when .well-known/smart-configuration is requested.

snomed.default.edition (32506021000036107)

Default SNOMED CT Edition to use when a SNOMED CT version is not supplied. 32506021000036107 corresponds to the Australian Edition of SNOMED CT

snomed.implicit.map[n]. ...

Allows specification of metadata to enable SNOMED CT simple map reference sets as FHIR implicit ConceptMaps. To respond to ConceptMap $translate requests FHIR requires relationship types (equivalent, relatedto etc), and a target code system URI in responses. However SNOMED CT's simple map reference set does not include either of these pieces of required information, relying on users of the simple map type reference sets to know these details from documentation or implicitly. Therefore to support implicit ConceptMap $translate operations, Ontoserver provides configuration parameters to supply this information, and if supplied will enable implicit ConceptMap $translate operations for the specified reference set identifier.

Ontoserver includes the following configuration for two simple map type reference sets in its base configuration:

# Implicit maps - CTV3
snomed.implicit.map[0].refset=900000000000497000
snomed.implicit.map[0].equivalence=equivalent
snomed.implicit.map[0].target-column=0
snomed.implicit.map[0].system=http://read.info/ctv3

# Implicit maps - Inactivation indicator
snomed.implicit.map[1].refset=900000000000489007
snomed.implicit.map[1].equivalence=relatedto
snomed.implicit.map[1].target-column=0
snomed.implicit.map[1].system=http://snomed.info/sct

These can serve as templates for adding configuration for additional simple map reference sets. Note that this configuration may only be completely restated starting from index 0, it cannot be appended to starting from index 2. I.e. if adding configuration it must start with snomed.implicit.map[0] and restate the above two sets of configuration if retaining support for these simple map type reference sets is desired.

snomed.refset.fieldNames.{refsetId} ...

Allows specification of metadata to document the additional column fieldNames as used in the RF2 file for the specified reference set. That is, columns 7 and greater.

For example, the following would specify the field names of the SubstanceToSnomedCtauMappingSubstance to SNOMED CT-AU mapping reference set.

snomed.refset.fieldNames.281000036105=mapType,targetSnomedCtSubstance

server.port (8080)

The port that the server is running on.

server.ssl.keyAlias (ontoserver)

Alias that identifies the key in the key store. For example, ontoserver.

server.ssl.key-password

Password used to access the key within the key store.

server.ssl.key-store (/keystore.p12)

Path to the key store that holds the SSL certificate (typically a p12 or jks file). For example: classpath:ontoserverkeystore.p12.

server.ssl.key-store-password

Password used to access the key store.

server.ssl.keyStoreType (PKCS12)

Type of the key store. For example, PKCS12. Other possible values include JKS, PKCS11 and JCEKS.