Search Results

Achtergrond Het Notified Pull (NP) communicatiepatroon stelt een initiatiefnemer in staat gegevens gericht aan te bieden aan een raadpleger. De raadpleger wordt hiervan op de hoogte gebracht via een notificatie. De Pull operatie kan meerdere keren worden uitge...

This document is in DRAFT Purpose The purpose of the hackathon is to demonstrate a simple implementation of Nuts Zorginzage in Nuts V6. The present Nuts Zorginzage 2022 spec uses Nuts V5, but has several limitations, which is why the intention is to make use o...

Anti-patterns Bad: "Clients can access /Observation, but the FHIR server has to limit it to /Observation?patient=XYZ" Requires transformation of the HTTP request at the Policy Enforcement Point. Better: TODO Bad: "Clients can update the FHIR resource at /Ta...

A use case writer supplements you with a number of artifacts, that need to be configured: Service Discovery definitions Policy definitions This page details how to configure each artifact. Warning: do not alter these artifacts after receiving them, as they s...

To access APIs secured through Nuts, callers need an access token issued by the OAuth2 Authorization Server of the API owner. This page describes how to acquire an access token. Requesting Service Access Token This section describes which value(s) need to be s...

After configuring the Nuts node with the required artifacts, the use case can be activated for a subject. This means activating the related Discovery Service for the subject, making them discoverable. Pre-requisites: You have created a subject for the organiz...

The configuration below show a minimal nuts.json config file: did:nuts disabled, did:web enabled discovery refresh of 1 minute for faster discovery during development default mappings for discovery and policy files (mounts required) SQLite will be used as DB...

The first thing you need to do is create some public/private key material for your subjects. We use the term subjects for everything related to vendors, tenants, organizations and clients. Behind every subject there can be multiple DIDs (decentralized identifi...

After you created a subject with some DID documents, it's time to give meaning to these identifiers. Without Verifiable Credentials, DIDs are just useless identifiers. They receive meaning when another party issues credentials to one of those DIDs. Attestation...

Before another party can interact with you, they will first need to find your endpoints. The discovery service in the Nuts node can help you. The Nuts node can act as both server and client. From a use case definition you'll receive the following information/f...

You can find participants of a use case via their registered services. A use case defines the service identifier and which credentials are required through the presentation definition. Any constraint in the presentation definition with an identifier can also b...

After finding a service endpoint to interact with, it's time to request an access token. You can request one via your own Nuts node: POST /internal/auth/v2/my_subject_identifier/request-service-access-token { "authorization_server": "https://example.com/oau...

When a request comes in at your resource endpoint, an access token should be available in the HTTP Authorization header. You can validate the token by calling: POST /internal/auth/v2/accesstoken/introspect token=ciOiJSUzI1NiIsInR5cCI6Ikp Note: the content-ty...

Abstract This proposal describes a method for issuing Verifiable Credentials by leveraging the existing chains of trust provided by X.509 certificates. Status of this document This document is in draft. Introduction With the introduction of the Self Sovereign ...