You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/healthcare-apis/configure-azure-rbac.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,19 +16,19 @@ In this article, you will learn how to use [Azure Role Based Access Control (RBA
16
16
17
17
To use Azure RBAC, your Azure API for FHIR must be configured to use your Azure subscription tenant for data plane and there should be no assigned identity object IDs. You can verify your settings by inspecting the **Authentication** blade of your Azure API for FHIR:
The **Authority** should be set to the Azure Active directory tenant associated with your subscription and there should be no GUIDs in the box labeled **Allowed object IDs**. You will also notice that the box is disabled and a label indicates that Azure RBAC should be used to assign data plane roles.
22
22
23
23
## Assign roles
24
24
25
25
To grant users, service principals or groups access to the FHIR data plane, click **Access control (IAM)**, then click **Role assignments** and click **+ Add**:
26
26
27
-
27
+
:::image type="content" source="media/rbac/add-azure-rbac-role-assignment.png" alt-text="Add Azure RBAC role assignment":::
28
28
29
29
In the **Role** selection, search for one of the built-in roles for the FHIR data plane:
30
30
31
-
31
+
:::image type="content" source="media/rbac/built-in-fhir-data-roles.png" alt-text="Built-in FHIR data roles":::
Copy file name to clipboardExpand all lines: articles/healthcare-apis/fhir-paas-portal-quickstart.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,29 +26,29 @@ Open the [Azure portal](https://portal.azure.com) and click **Create a resource*
26
26
27
27
You can find Azure API for FHIR by typing "FHIR" into the search box:
28
28
29
-
29
+
:::image type="content" source="media/quickstart-paas-portal/portal-search-healthcare-apis.png" alt-text="Search for Healthcare APIs":::
30
30
31
31
## Create Azure API for FHIR account
32
32
33
33
Select **Create** to create a new Azure API for FHIR account:
34
34
35
-
35
+
:::image type="content" source="media/quickstart-paas-portal/portal-create-healthcare-apis.png" alt-text="Create Azure API for FHIR account":::
36
36
37
37
## Enter account details
38
38
39
39
Select an existing resource group or create a new one, choose a name for the account, and finally click **Review + create**:
40
40
41
-
41
+
:::image type="content" source="media/quickstart-paas-portal/portal-new-healthcareapi-details.png" alt-text="New healthcare api details":::
42
42
43
43
Confirm creation and await FHIR API deployment.
44
44
45
45
## Additional settings (optional)
46
46
47
47
You can also click **Next: Additional settings** to view the authentication settings. The default configuration for the Azure API for FHIR is to [use Azure RBAC for assigning data plane roles](configure-azure-rbac.md). When configured in this mode, the "Authority" for the FHIR service will be set to the Azure Active Directory tenant of the subscription:
Notice that the box for entering allowed object IDs is greyed, since we use Azure RBAC for configuring role assignments in this case.
51
+
Notice that the box for entering allowed object IDs is grayed out, since we use Azure RBAC for configuring role assignments in this case.
52
52
53
53
If you wish to configure the FHIR service to use an external or secondary Azure Active Directory tenant, you can change the Authority and enter object IDs for user and groups that should be allowed access to the server. For more information, see the [local RBAC configuration](configure-local-rbac.md) guide.
0 commit comments