Use Case Activation / Discoverability

After configuring the Nuts node with the required artifacts, the use case can be activated for a subject. This means activating the related Discovery Service for the subject, making them discoverable.

Pre-requisites:

Acquiring credentials

The definition specifies which Verifiable Credentials the subject needs to register on the Discovery Service. These are often a combination of, but not limited to, the following credentials: NutsOrganizationCredential, NutsUraCredential, and/or DiscoveryRegistrationCredential.

These need to be issued by a trusted party, which depends on the use case. In development or test environments, parties are typically allowed to issue the credentials to themselves. In acceptance or production environments, they're normally issued by a trusted third party.

Self-issuance

In case, the use case allows self-issuance of credentials (e.g., because there's no trusted third party), you can issue the credential yourself.

To issue or load a credential, you need to choose one of the subject's DIDs. Use the following API call to list the DIDs of a subject (replace <subjectID> with the ID of the subject):

GET http://<internal Nuts API>/internal/vdr/v2/subject/<subjectID>

Then, you can issue the credential:

POST http://<internal Nuts API>/internal/vcr/v2/issuer/vc
Content-Type: application/json

{
  "issuer": "did:web:example.com",
  "type": "NutsOrganizationCredential",
  "expirationDate": "2020-12-09T16:09:53+00:00",
  "credentialSubject": {
    "id": "did:web:example.com",
    "organization": {
      "name": "Because we care B.V.",
      "city": "Arnhem"
    }
  }
}

Make sure you provide the proper values for the credential fields:

Note: alternatively, you can issue credentials through the Nuts Admin application.

After issuing, you need to load the credential into the subject's wallet. See the next section, "Trusted third party", for how to do this.

Trusted third party

A third party issues a Verifiable Credential to one of the subject's DIDs using an out-of-band mechanism.

The issuer can share the Verifiable Credential in any applicable way to the receiving party, including chat or e-mail. They can then be loaded into the subject's wallet using the following API call:

POST http://<internal Nuts API>/internal/vcr/v2/holder/<did>/vc
Content-Type: application/json

<Verifiable Credential>

Discovery Service Activation

To make a subject discoverable, activate the particular Discovery Service. The following example activates a service, supplying an additional FHIR endpoint to be used for the use case.

POST http://<internal Nuts API>/internal/discovery/v1/<serviceID>/<subjectID>
Content-Type: application/json

{
  "registrationParameters": {
    "fhir": "https://example.com/fhir"
  }
}

Note that if the subject doesn't have the required credentials in its wallet, the call might succeed, but actual registration won't happen until the required credentials are present. In this case, the call returns status 202 (Created), with a message detailing what failed. This is also the case if the Discovery Service is unreachable.


Revision #6
Created 11 September 2024 04:53:06 by Rein Krul
Updated 18 September 2024 11:49:11 by Wout Slakhorst