This How-to Guide shows you how to configure the authorization settings for the Medical Imaging Server for DICOM through Azure. To complete this configuration, you will:
- Update a resource application in Azure AD: This resource application will be a representation of the Medical Imaging Server for DICOM that can be used to authorization and obtain tokens. The application registration will need to be updated to create appRoles.
- Assign the application roles in Azure AD: Client application registrations, users, and groups need to be assigned the roles defined on the application registration.
- Provide configuration to your Medical Imaging Server for DICOM: Once the resource application is updated, you will set the authorization settings of your Medical Imaging Server for DICOM App Service.
- Complete the authentication configuration: Instructions for enabling authentication can be found in the Azure Active Directory Authentication article.
The current authorization settings exposed in configuration are the following:
{
"DicomServer" : {
"Security": {
"Authorization": {
"Enabled": true,
"RolesClaim": "role",
"Roles": [
<DEFINED IN ROLES.JSON>
]
}
}
}
}
Element | Description |
---|---|
Authorization:Enabled | Whether or not the server has any authorization enabled. |
Authorization:RolesClaim | Identifies the jwt claim that contains the assigned roles. This is set automatically by the DevelopmentIdentityProvider . |
Authorization:Roles | The defined roles. The roles are defined via the roles.json . Additional information can be found here |
The instructions for adding app roles to an AAD application can be found in this documentation article. This documentation also optionally shows you how to assign an app role to an application.
The app roles created need to match the name of the roles found in the roles.json
.
This can be accomplished via the Azure Portal or via a PowerShell cmdlet.
- Make sure that you have deployed the
roles.json
to your web application - Update the configuration to have the following two settings
DicomServer:Security:Authorization:Enabled
=true
DicomServer:Security:Authorization:RolesClaim
="role"
In this How-to Guide, you learned how to configure the authorization settings for the Medical Imaging Server for DICOM through Azure.