Additional settings for Azure API for FHIR
In this how-to guide, we will review the additional settings you may want to set in your Azure API for FHIR. There are additional pages that drill into even more details.
Configure Database settings
Azure API for FHIR uses database to store its data. Performance of the underlying database depends on the number of Request Units (RU) selected during service provisioning or in database settings after the service has been provisioned.
Throughput must be provisioned to ensure that sufficient system resources are available for your database at all times. How many RUs you need for your application depends on operations you perform. Operations can range from simple read and writes to more complex queries.
For more information on how to change the default settings, see configure database settings.
The Azure API for FHIR will only allow authorized users to access the FHIR API. You can configure authorized users through two different mechanisms. The primary and recommended way to configure access control is using Azure role-based access control (Azure RBAC), which is accessible through the Access control (IAM) blade. Azure RBAC only works if you want to secure data plane access using the Azure Active Directory tenant associated with your subscription. If you wish to use a different tenant, the Azure API for FHIR offers a local FHIR data plane access control mechanism. The configuration options are not as rich when using the local RBAC mechanism. For details, choose one of the following options:
- Azure RBAC for FHIR data plane. This is the preferred option when you are using the Azure Active Directory tenant associated with your subscription.
- Local FHIR data plane access control. Use this option only when you need to use an external Azure Active Directory tenant for data plane access control.
Enable diagnostic logging
You may want to enable diagnostic logging as part of your setup to be able to monitor your service and have accurate reporting for compliance purposes. For details on how to set up diagnostic logging, see our how-to-guide on how to set up diagnostic logging, along with some sample queries.
Use custom headers to add data to audit logs
In the Azure API for FHIR, you may want to include additional information in the logs, which comes from the calling system. To do including this information, you can use custom headers.
You can use custom headers to capture several types of information. For example:
- Identity or authorization information
- Origin of the caller
- Originating organization
- Client system details (electronic health record, patient portal)
To add this data to your audit logs, see the Use Custom HTTP headers to add data to Audit Logs how-to-guide.
In this how-to guide, you set up additional settings for the Azure API for FHIR.
Next check out the series of tutorials to create a web application that reads FHIR data.