Broken LinksNotebooks
# Table of contents
Aidbox FHIR platform documentation
Getting Started
Tutorials
CRUD, Search Tutorials
Bulk API Tutorials
Security & Access Control Tutorials
RBAC
Terminology Tutorials
Validation Tutorials
Upload FHIR Implementation Guide
Aidbox UI
Integration Toolkit Tutorials
Other tutorials
## Overview
Aidbox user portal
Aidbox UI
## Configuration
## API
REST API
CRUD
Search
Custom Search Parameter
SearchParameter types
Search parameters list
Other
Other
Bulk API
Other APIs
Plan API
Provider Directory API
Archive/Restore API
## Modules
Profiling and validation
FHIR Schema Validator
Security & Access Control
Authentication
Access to AidboxUI
External identity providers
Authentication Flows
Access Control
Attribute-based Access Control (ABAC)
Label-based Access Control
SMART on FHIR
SMART Client Authorization
SMART Client Authentication
SMART (deprecated)
SMART on FHIR
Multitenancy
Patient data access API
Audit
Technical reference
Observability
Getting started
Logs
How-to guides
Tutorials
Technical reference
Metrics
How-to guides
Technical reference
Traces
Subscriptions
Aidbox topic-based subscriptions
Aidbox Forms
Aidbox UI Builder
Form creation
How-to guides
Printing forms
Embedding
Aidbox Code Editor (deprecated)
Define extensions
Custom Resources
Migrate to FHIR Schema
Aidbox terminology module
Concept
ValueSet
CodeSystem
Import external terminologies
SQL on FHIR
Integration toolkit
C-CDA / FHIR Converter
List of supported templates
HL7 v2 Integration
Analytics
Email Providers integration
SMARTbox | FHIR API for EHRs
Get started
The B11 Decision Support Interventions
How-to guides
Background information
Other modules
MDM
## Storage
AidboxDB
Other
S3-compatible storages
## Deployment and maintenance
Deploy Aidbox
Run Aidbox on Kubernetes
Backup and Restore
Indexes
## App development
Aidbox SDK
## Reference
Settings reference
Environment variables
Email Providers reference
Aidbox Forms reference
## Deprecated
Deprecated
Zen-related
RPC reference
aidbox
mdm
Aidbox configuration project
Aidbox Configuration project reference
US Core IG
Workflow Engine
Task
Workflow
FHIR conformance Deprecated guides
How to enable US Core IG
Terminology Deprecated Tutorials
zen-lang validator
FHIR topic-based subscriptions
API Reference
🏗️ FHIR Terminology Repository
Create an FTR instance
Entity / Attribute
Other
App Development Deprecated Tutorials
Receive logs from your app
Other Deprecated Tutorials

Audit Logging in Forms

Overview

Audit Logging is central part for system observability - providing the ability to track and monitor system activity for security, compliance, and operational insights. Through audit logging, administrators can review actions performed within the system, identify potential issues, and ensure that operations comply with relevant regulations.

Audit Logging in Aidbox

Aidbox supports Audit Logging and acts as Audit Record repository. Audit Logging disabled by default and should be enabled via configuration.

Audit Logging in Aidbox Forms Module

The Aidbox Forms module is a critical component for capturing information. This module also supports Audit Logging to capture and review user interactions and system events related to form construction and usage. Audit Logging in Forms module will be enabled at the same time as in Aidbox.

Logged Events

In addition to Aidbox's default events for CRUD operations on

  • Questionnaire
  • QuestionnaireResponse

Aidbox Forms module records additional ones

  • populateLogs what form was populated with data, including the patient related to response
  • populatelinkRecords a form name that was populated and the response saved as a result
  • generateformtokenTracks token creation for anonimous access to response
  • generateformlinkRecords link creation for anonimous access to response
  • updateresponseTracks modifications made to existing responses,
  • amendresponseRecords response amendemnt, including the user amended the form
  • submitresponseCaptures details of form submissions, including the user submitting the form
  • assembleformLogs whenever a complex form is assembled, including user and timestamp

Events Customization

There are 2 customization options accessible for the user:

  • usertokenJWT token, for loggedin user (not anonimous)
  • appnameapplication name in which forms are embedded

user-token

user-token - JWT token from external identity provider, which will be used for authorization in Aidbox Forms and AuditLogging.

by default anonimous user is used when someone use links generated by generate-link/populatelink operations.

Example

yaml
POST /fhir/Questionnaire/[id]/$populatelink
content-type: text/yaml
accept: text/yaml

resourceType: Parameters
parameter:
- name: subject
  valueReference:
    reference: Patient/pt-1
- name: app-name
  valueString: forms-app

For using user-token you should setup TokenIntrospector or External identity providers for validating this token.

User from token will be used in AuditEvent as

yaml
agent:
  - who:
      type:
        coding:
          - system: "urn:system:aidbox"
            code: "external-user-id"
            display: "External User ID"
      identifier:
        system: iss
        value: sub

iss - identity provider identifiers (Auth 2.0 / OpenID) sub - user identifier in provider (Auth 2.0 / OpenID)

app-name

Application name in which forms are embedded - this is usefull when someone wants to embed forms in several applications and want to identify application from which user filling the form

This is can be done via adding app-name parameter to populate-link / generate-link operations

Example

yaml
POST /fhir/Questionnaire/[id]/$populatelink
content-type: text/yaml
accept: text/yaml

resourceType: Parameters
parameter:
- name: subject
  valueReference:
    reference: Patient/pt-1
- name: app-name
  valueString: forms-app