Authenticating health organizations

Version 
 2025-07-04 
 
 
 Status 
 draft 
 
 
 
 Introduction 
 This technical agreement descibes how health organizations should be authenticated in the context of data exchanges. 
 Agreements 
 Decision 
 Health organizations are authenticated using a X509credential based on a UZI-servercertificate. 
 Rationale 
 
 UZI-servercertificate is issued by a public organization (CIBG) 
 URA-number is contained as attribute in the UZI-servercertificaat, CPS: https://www.uziregister.nl/over-het-register/certificeringsbeleid/archief-certification-practice-statement 
 The URA-number can securely be contained in a X509credential using the open source software did:x509 and X509Credential Toolkit