Authorization
This chapter describes how authorization works and what decisions impact the design of a use case.
OAuth2 Scopes and Presentation Definition Mapping
Scope design When designing a system that uses OAuth2, you have to decide how scopes map to resou...
AuthN using Verifiable Credentials
To successfully negotiate an OAuth2 access token, the token issuer (OAuth2 Authorization Server) ...
Credential Trust
Authentication on Nuts heavily depends on trusted credential issuers: any attribute, revelant to ...
OAuth2 Flows and Wallets
Nuts supports a custom OAuth2 flows for acquiring an access token: the service-to-service flow. S...
Access Policy (TODO)
Anti-patterns Bad: "Clients can access /Observation, but the FHIR server has to limit it to /Ob...