Test 3: Trusted dynamic client registration

After clicking Start, the client application retrieves metadata from the following FHIR server and performs UDAP Trusted Dynamic Client registration at its registration endpoint by submitting a software statement signed with the private key corresponding to the app's UDAP test certificate.

FHIR Base URL: https://test.udap.org/fhir/r4/stage

Test 5: Client Authentication using client_secret (authorization code flow)

After clicking Start, the client application redirects the user's agent to the authorization endpoint for the following FHIR server using the client_id obtained during manual registration, then exchanges the authorization code for an access token using the client_secret obtained during manual registration. Note: This test covers only basic OAuth 2.0 functionality for authorization code flow for apps that do not yet support UDAP Dynamic Client Registration or UDAP JWT-Based Client Authentication. If you do not already have a client_id and client_secret, click here to manually register your app.

FHIR Base URL: https://test.udap.org/fhir/r4/stage
Sign In Username: udapuser
Sign In Password: udapudap

Test 7: JWT-Based Client Authentication (authorization code flow)

After clicking Start, the client application redirects the user's agent to the authorization endpoint for the following FHIR server using the client_id obtained in Test 3, then exchanges the authorization code for an access token per UDAP JWT-Based Client Authentication by submitting an Authentication Token signed with the private key corresponding to the app's UDAP test certificate.

FHIR Base URL: https://test.udap.org/fhir/r4/stage
Sign In Username: udapuser
Sign In Password: udapudap

Test 9: JWT-Based Client Authentication (client credentials flow)

FHIR Base URL: https://test.udap.org/fhir/r4/stage

Test 16: Trusted Dynamic Client Registration

After clicking Start, the Test Tool retrieves metadata from the FHIR server entered above and attempts UDAP Trusted Dynamic Client registration at the identified registration endpoint by submitting a software statement signed with the private key corresponding to the Test Tool's UDAP test certificate. The Test Tool also attempts registration with various invalid or untrusted software statements to confirm these are rejected by the server.

Test 18: Client Authentication (Authorization Code Flow)

After clicking Start, the Test Tool retrieves metadata from the FHIR server entered above and performs UDAP DCR to obtain a client_id for use with the authorization code flow. If a client_id is obtained, the Test Tool makes various invalid requests to the authorization endpoint before initiating a valid authorization request in a new browser window. After the user completes the sign-in and authorization in the new window, the Authorization Server should redirect the user agent back to the redirection URI with a valid authorization code. The Test Tool will then attempt to exchange the code for an access token as per the UDAP JWT-Based Client Authentication profile.

Test 20: Client Authentication (Client Credentials Flow)

After clicking Start, the Test Tool retrieves metadata from the FHIR server entered above and performs UDAP DCR to obtain a client_id for use with the client credentials flow. If a client_id is obtained, the Test Tool makes various invalid requests to the token endpoint before making a valid token request as per the UDAP JWT-Based Client Authentication profile.