Designing a Nuts Use Case
A Nuts use case enables organizations that don't directly trust each other, but rely on trusted third parties, to find each other and securely exchange data. The use case specifies which data is exchanged, on which authorization grounds, and how API endpoints can be found.
This book is meant for those who want to understand what decisions need to be made when designing a use case, and how to build the artefacts (e.g. Presentation Definitions) that are required by those that run the use case.
Note: this guide is not intended for use case implementors, who should refer to Implementing a Nuts Use Case instead.
Service Discovery
A party often exchanges data through its API endpoints. If a client only has the party's name or ...
Authorization
This chapter describes how authorization works and what decisions impact the design of a use case.
OAuth2 Scopes and Presentation Definition Mapping
Scope design When designing a system that uses OAuth2, you have to decide how scopes map to resou...
AuthN using Verifiable Credentials
To successfully negotiate an OAuth2 access token, the token issuer (OAuth2 Authorization Server) ...
Credential Trust
Authentication on Nuts heavily depends on trusted credential issuers: any attribute, relevant to ...
OAuth2 Flows and Wallets
Nuts supports a custom OAuth2 flow for acquiring an access token: the service-to-service flow. S...
Access Policy (TODO)
Anti-patterns Bad: "Clients can access /Observation, but the FHIR server has to limit it to /Ob...
Designing Step-by-Step
This chapter puts the principles together by working towards the artefacts required for implement...