Is there a way to create a .well-known endpoint for APIGEE?

I'm trying to use APIGEE as my authorisation server as an example shown, how would I set up the .well-known/smart-configuration endpoint? I already have an app and an api for google healthcare FHIR server.

3 3 114

Yes - that is the Health APIX accelerator.  It is available through services engagements from partners. In one of my prior replies I gave a link to one of the services providers that does this work (SoftServe). 

Would Okta work as an authorization server that can do the same?

Okta will act as an Open ID Connect provider, and will expose a "well known endpoint" for OpenID Connect. This is not the same as a well known endpoint that can be used to support FHIR Smart Launch. 

"well known endpoint", is a generic term that describes an HTTP accessible endpoint that returns configuration information - see Wikipedia. Or, IETF RFC 8615 which defines "Well known URI".   The information domain can be "anything", and there are many kinds of well-known endpoints.  for example,  

  • OpenID Connect defines a discovery format, and a well-known endpoint supporting OpenID Connect must deliver a payload that conforms to that specification. 
  • FHIR defines a different format for the configuration information supporting Smart Launch, and a well-known endpoint for FHIR Smart launch must deliver a payload that conforms to THAT specification.
  • Alsoin the domain of Oauth2.0 or  OpenID Connect, but different than the OpenID Connect discovery document, a well-known endpoint os often used to deliver public keys in JWKS format.
  • There's a WKE for the ACME protocol.
  • There's a WKE for Apple Pay.  

 So, Okta will not help you directly with FHIR Smart Launch.