Skip to main content

Authenticating health organizations

Version 2025-07-04
Status draft

Introduction

This technical agreement descibes how health organizations should be authenticated in the context of data exchanges.

Agreements

Decision

Health organizations are authenticated using a X509credential based on a UZI-servercertificate.

Rationale

  1. UZI-servercertificate is issued by a public organization (CIBG)
  2. URA-number is contained as attribute in the UZI-servercertificaat, CPS: https://www.uziregister.nl/over-het-register/certificeringsbeleid/archief-certification-practice-statement
  3. The URA-number can securely be contained in a X509credential using the open source software did:x509 and X509Credential Toolkit