AJ Consent Manager v1.0 · Apache 2.0 · Port 8082 · 181 tests

FHIR R4 consent lifecycle.
Deny-by-default.

Every HAPI FHIR read and write passes through the ConsentEnforcementInterceptor. No Consent resource = no access. GDPR, HIPAA, and DISHA mapped to standard FHIR R4 provision fields. 181 tests. Apache 2.0.

Compliance: GDPR Art. 17 · GDPR Art. 30 · HIPAA §164.312 · DISHA

CONSENT ENFORCEMENT FLOW

FHIR Request (PUT /fhir/Patient, actor: org-br01-001) → ConsentEnforcementInterceptor → Consent provision lookup (FHIR R4 Consent)

PERMIT: Write proceeds → HAPI JPA executes → AuditEvent outcome=0
DENY: 403 Forbidden → No write → outcome=8

Regulatory mapping via FHIR provision fields:
GDPR Art. 17 (erasure): provision.period.end — close the consent window
GDPR Art. 5 (minimisation): provision.class — restrict to specific resource types
HIPAA minimum necessary: provision.class + provision.action (GET/POST)
DISHA consent artefact: provision.actor — maps to consentee list

How consent enforcement works

Every access decision is made against a live FHIR R4 Consent resource — not a configuration file.

Deny-by-default
No Consent resource = no access. Every HAPI FHIR read and write is blocked unless a Consent resource explicitly permits it for that actor, resource type, and purpose.

ConsentEnforcementInterceptor
Drop-in JAR for any HAPI FHIR JPA server. Fires before every database operation. Two configuration properties. Zero data migration.

GDPR Art. 17 — right to erasure
Close provision.period.end to stop all access. Patient data remains in HAPI (for audit trail) but becomes inaccessible to all actors.

HIPAA minimum necessary
provision.class restricts access to specific FHIR resource types. provision.action restricts to read or write. Both checked on every request.

DISHA (India) support
provision.actor array maps directly to the DISHA consent artefact consentee list. One Consent resource supports multi-actor access control.

Apache 2.0 · 181 tests
Free to use. 181 unit and integration tests. Spring Boot under the hood. Used in production across Apache 2.0 AJ FHIR deployments worldwide.
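
The deny-by-default decision described above, sketched as an added Python example; it is not the project's interceptor code. The sample Consent, the "read"/"write" action codes, the status check, and the rule that an absent provision list matches nothing are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Constructed sample Consent (not from the project). Codes in "action" are an
# assumed convention ("read"/"write"); timestamps carry explicit UTC offsets.
CONSENT = {
    "resourceType": "Consent", "status": "active",
    "provision": {
        "type": "permit",
        "period": {"start": "2024-01-01T00:00:00+00:00",
                   "end": "2025-01-01T00:00:00+00:00"},
        "actor": [{"reference": {"reference": "Organization/org-br01-001"}}],
        "class": [{"system": "http://hl7.org/fhir/resource-types", "code": "Patient"}],
        "action": [{"coding": [{"code": "write"}]}],
    },
}

PERMIT = ("PERMIT", "0")  # request proceeds, AuditEvent outcome=0
DENY = ("DENY", "8")      # 403 Forbidden, no write, AuditEvent outcome=8

def provision_permits(prov, actor, resource_type, action, now):
    """True only if every checked field explicitly matches the request."""
    if prov.get("type") != "permit":
        return False
    period = prov.get("period", {})
    if "start" in period and now < datetime.fromisoformat(period["start"]):
        return False
    # A provision.period.end in the past closes the consent window (erasure).
    if "end" in period and now > datetime.fromisoformat(period["end"]):
        return False
    actors = {a.get("reference", {}).get("reference") for a in prov.get("actor", [])}
    classes = {c.get("code") for c in prov.get("class", [])}
    actions = {c.get("code") for a in prov.get("action", [])
               for c in a.get("coding", [])}
    # Assumption: an absent list matches nothing, so omissions deny.
    return actor in actors and resource_type in classes and action in actions

def decide(consents, actor, resource_type, action, now):
    """Deny-by-default: permit only if some active Consent permits the request."""
    for consent in consents:
        if consent.get("status") == "active" and provision_permits(
                consent.get("provision", {}), actor, resource_type, action, now):
            return PERMIT
    return DENY

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    print(decide([CONSENT], "Organization/org-br01-001", "Patient", "write", now))
    print(decide([], "Organization/org-br01-001", "Patient", "write", now))
```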

Consent as infrastructure, not an afterthought.

Apache 2.0 — add the JAR to your HAPI FHIR server classpath and configure two properties. Every read and write is consent-governed from that moment.
