Admin UI (front-end)
The administrative front-end UI service
Service Angular 8066:80 CPU: 50m-500m RAM: 256Mi-1Gi
Overview
The Admin UI is an Angular-based front-end application that provides a comprehensive interface for managing the Link platform, configuring tenants, and monitoring report generation and submission workflows.
System-wide Functionality
- User Management: Allows administrators to manage user accounts, including creation, editing, and deletion. Currently, the system supports a single “admin” role for platform-wide access.
- Measure Management: Upload and manage FHIR-based measure definitions. Administrators can upload measure bundles in JSON format and explore related artifacts.
- Validation Profile (IG) Management: Supports the management of FHIR Implementation Guides (IGs). Administrators can upload IGs as
.tgzpackages and view their terminology dependencies and package details. - Terminology Management: Allows for viewing and filtering terminology resources, such as CodeSystems and ValueSets, that are utilized by the platform’s terminology service.
- Integration Testing Support: Offers tools to initiate and track integration tests, enabling administrators to validate service connectivity and workflow correctness within the environment.
Tenant Configuration
- Basic Configuration: Administrators can define tenant-specific settings, including Facility IDs, names, and timezones.
- Census Scheduling and Acquisition Methods: Supports configuring how patient census data is acquired, including defining schedules and enabling/disabling automated census retrieval.
- Measure Association & Scheduling: Enables associating specific measures with a tenant and configuring automated reporting schedules (Daily, Weekly, or Monthly cadences).
- Data Sources & Acquisition:
- FHIR Query Config: Configuration of FHIR-based data acquisition parameters.
- FHIR List Config: Management of patient list-based acquisition settings.
- Query Plans: Definition and management of query plans used to retrieve clinical data from data sources.
- Normalization Operations: Configuration of transformation rules and operations applied to data during the normalization phase.
Tenant & Report Viewing
- Tenant Dashboard: Provides a high-level view of a tenant’s configuration and a list of all reports generated for that tenant.
- Report Details:
- Report Summary: Visual representation of report status using donut charts for Measure IP counts, Reporting Status, and Submission Status.
- Patient List: A detailed table of all patients included in a report, showing individual reporting and submission statuses.
- Pre-qualification (Validation): Detailed access to validation results, categorized by issue type (e.g., missing profiles or terminology warnings), allowing for quick identification of data quality issues.
- Report Downloading: Enables download of generated report packages for manual delivery, archival, or verification once a report has been submitted.
Data Acquisition Log Analysis
- Log Access: Integration with data acquisition logs allows administrators to analyze acquisition statistics and troubleshoot data retrieval issues directly from the report view.
- Analysis Tools: Provides insights into the success and failure rates of data acquisition steps for a given report.
Generating Adhoc Reports
- On-demand Generation: Allows administrators to manually trigger report generation for a specific facility, reporting period, and set of measures.
- Patient Scoping: Supports restricting adhoc reports to a specific cohort by manually entering patient IDs or uploading a CSV file of patient identifiers.
- Submission Control: Includes an option to bypass automatic submission, enabling administrators to generate and review reports before they are sent to external entities.
Volumes
| Volume | Mount Path | Sub-path |
|---|---|---|
| Azure Storage Account | /usr/share/nginx/html/assets/app.config.local.json | app.config.local.json |
Configuration
An app.config.local.json file is used to configure the Admin UI service at deployment time, overriding the defaults in app.config.json.
{ "baseApiUrl": "<ADMIN-BFF-BASE-URL>/api", "authRequired": true, "oauth2": { "enabled": true, "issuer": "...", "clientId": "...", "scope": "openid profile email", "responseType": "code" }}This configuration file can be customized at deployment time and mounted in the /assets folder, or it can be overridden by ENV variables in a docker deployment.
Authentication
The Admin UI supports authentication using:
- OAuth2 via an identity provider (e.g., Azure AD, Keycloak), enabling secure login with centralized identity and access management.
- Token Generation via AdminBFF /api/login, which provides session tokens for downstream API access when deployed in a simplified or standalone context.
Environment Variables
| ENV variable | JSON Property | Description | Default Value | Required |
|---|---|---|---|---|
| LINK_BASE_API_URL | baseApiUrl | The base URL for the Admin BFF API. | http://localhost | Yes |
| LINK_AUTH_REQUIRED | authRequired | Indicates whether authentication is required for the Admin UI. | true | Yes |
| LINK_OAUTH2_ENABLED | oauth2.enabled | Indicates whether OAuth2 authentication is enabled. | false | Yes |
| LINK_OAUTH2_ISSUER | oauth2.issuer | The issuer URL for the OAuth2 provider. | null | If oauth2 enabled |
| LINK_OAUTH2_CLIENT_ID | oauth2.clientId | The client ID for the OAuth2 application. | null | If oauth2 enabled |
| LINK_OAUTH2_SCOPE | oauth2.scope | The scope for the OAuth2 application. | openid profile email | If oauth2 enabled |
| LINK_OAUTH2_RESPONSE_TYPE | oauth2.responseType | The response type for the OAuth2 application. | code | If oauth2 enabled |
| GRAFANA_URL | grafanaUrl | URL for the Grafana UI. | http://localhost:3000 | Yes |
| KAFKA_URL | kafkaUrl | URL for the Kafka UI. | http://localhost:9095 | If Kafka UI is available |
Local Development with Proxy Configuration
To facilitate local development and testing, the Admin UI can be configured to proxy API requests to a local or remote instance of the Admin BFF service. This is achieved by setting up a proxy configuration file.
{ "/api": { "target": "http://localhost:5218", "secure": false, "changeOrigin": true, "logLevel": "debug" }}To use the proxy configuration, start the Angular development server with the following command:
ng serve --proxy-config proxy.conf.json --configuration=development