Authenticating health organizations
Version | 2025-07-04 |
Status | draft |
Introduction
This technical agreement descibes how health organizations should be authenticated in the context of data exchanges.
Agreements
Decision
Health organizations are authenticated using a X509credential based on a UZI-servercertificate.
Rationale
- UZI-servercertificate is issued by a public organization (CIBG)
- URA-number is contained as attribute in the UZI-servercertificaat, CPS: https://www.uziregister.nl/over-het-register/certificeringsbeleid/archief-certification-practice-statement
- The URA-number can securely be contained in a X509credential using the open source software did:x509 and X509Credential Toolkit