Search Results

Scope design When designing a system that uses OAuth2, you have to decide how scopes map to resources that the client will attempt to access. "Resource access" is typically a specific REST-style HTTP operation on a specific URL, e.g. POST /products/staplers/1....

Nuts supports a custom OAuth2 flows for acquiring an access token: the service-to-service flow. Service-to-Service flow Credentials that are presented during this flow are subject to legal organizations (e.g. registered care organizations). This flow uses a cu...

To successfully negotiate an OAuth2 access token, the token issuer (OAuth2 Authorization Server) will ask the client to present Verifiable Credentials. Nuts uses DIF Presentation Exchange for requesting and presenting credentials during authentication. It's us...

Authentication on Nuts heavily depends on trusted credential issuers: any attribute, revelant to the security model of the use case should be verifiable. E.g., if a party claims to be a care organization, it should be able to present a Verifiable Credential to...

A party often exchanges data through its API endpoints. If a client only has the party's name or identifier, it needs to find the API endpoints. Service Discovery via the Nuts node let clients find involved parties and additional information, like API endpoint...

Anti-patterns Bad: "Clients can access /Observation, but the FHIR server has to limit it to /Observation?patient=XYZ" Requires transformation of the HTTP request at the Policy Enforcement Point. Better: TODO Bad: "Clients can update the FHIR resource at /Ta...

A use case writer supplements you with a number of artifacts, that need to be configured: Service Discovery definitions Policy definitions This page details how to configure each artifact. Warning: do not alter these artifacts after receiving them, as they s...

To access APIs secured through Nuts, callers need an access token issued by the OAuth2 Authorization Server of the API owner. This page describes how to acquire an access token. Requesting Service Access Token This section describes which value(s) need to be s...

After configuring the Nuts node with the required artifacts, the use case can be activated for a subject. This means activating the related Discovery Service for the subject, making them discoverable. Pre-requisites: You have created a subject for the organiz...

This page lists examples of Presentation Definitions using the X509Credential. Shared Care Planning Discovery Service Definition Policy Definition

TODO

Discovery of Organizations and Endpoints Once organizations have activated themselves for a use case (covered in previous chapters), they become discoverable. This chapter focuses exclusively on how clients find organizations and their service endpoints using ...

1. Doelen 1.1. PoC: LSPxNuts 1.2. Uitfaseren gRPC netwerk Het Nuts gRPC netwerk, onderdeel van Nuts spec v1, vormt al langere tijd een duurzaamheidsrisico vanwege de complexiteit. Daarom maakt Nuts spec. v2 hier geen gebruik meer van. Het doel is om alle zorgt...