Dit is de consultatie versie van het Twiin Afsprakenstelsel Release 1.2.0

Skip to end of banner
Go to start of banner

Z2.3.5 | BB: IHE ITI-40 | Provide X-User Assertion

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Scope

This transaction is used to add user attributes in the SOAP TTA transactions. The attributes are placed in a SAML-token in the security header of a, for example, ITI-75 transaction.

Use Case Roles

Referenced Standards

  • OASIS http://www.oasis-open.org/committees/security/

  • SAMLCore SAML V2.0 Core standard

  • WSS10 OASIS Standard, "OASIS Web Services Security: SOAP Message Security 1.0 (WS-Security 2004)", March 2004.

  • WSS11 OASIS Standard, "OASIS Web Services Security: SOAP Message Security 1.1 (WS-Security 2004)", February 2006.

  • WSS:SAMLTokenProfile1.0 OASIS Standard, “Web Services Security: SAML Token Profile”, December 2004

  • WSS:SAMLTokenProfile1.1 OASIS Standard, “Web Services Security: SAML Token Profile 1.1”, February 2006

  • XSPA-SAMLv1.0 OASIS Standard, “Cross-Enterprise Security and Privacy Authorization (XSPA) Profile of the Security Assertion Markup Language (SAML) for Healthcare v1.0” , November 2009

  • SAML 2.0 Profile For XACML 2.0 OASIS Standard, February 2005

Informative -- assist with understanding or implementing this transaction

Messages
Provide X-User Assertion

For more technical specification, see the original document: https://profiles.ihe.net/ITI/TF/Volume2/ITI-40.html

Twiin implementation

The SAML token is only valid for 10 minutes. The SAML token has the following attributes (in addition to the required attributes from the SAML-standard)

Element

Opt.

DataType

urn:nl:otv:names:tc:1.0:subject:mandated

C

HL7 V3 II

urn:ihe:iti:xua:2017:subject:provider-identifier

R

HL7 V3 II

urn:oasis:names:tc:xacml:2.0:subject:role

R

HL7 V3 CE

urn:ihe:iti:appc:2016:document-entry:event-code

O

HL7 V3 CV

urn:nl:otv:names:tc:1.0:subject:provider-institution

R

HL7 V3 II

urn:oasis:names:tc:xspa:1.0:subject:purposeofuse

R

HL7 V3 CV

The SAML token is only required in the transactions between GtK (external traffic).

Identification Raadpleger

Name:

urn:nl:otv:names:tc:1.0:subject:mandated

Type:

urn:hl7-org:v3:II

Example:

extension="123456789" root="2.16.528.1.1007.3.1" assigningAuthorityName="CIBG"

Opt.:

Conditional, required if the person is mandated by the verantwoordelijke-id.

Identification Verantwoordelijke

Name:

urn:ihe:iti:xua:2017:subject:provider-identifier

Type:

urn:hl7-org:v3:II

Example:

extension="123456782" root="2.16.528.1.1007.3.1" assigningAuthorityName="CIBG"

Opt.:

Required, UZI-nummer verantwoordelijke.

Rolcode verantwoordelijke healthcare provider

Name:

urn:oasis:names:tc:xacml:2.0:subject:role

Type:

urn:hl7-org:v3:CE

Example:

code="01.013" codeSystem="2.16.840.1.113883.2.4.15.111" codeSystemName="RoleCodeNL" displayName="Arts v. maag-darm-leverziekten"

Opt.:

Required, UZI rolcode

Data category

Name:

urn:ihe:iti:appc:2016:document-entry:event-code

Type:

urn:hl7-org:v3:CV

Example:

code="GGC007" codeSystem="2.16.840.1.113883.2.4.3.111.5.10.1"

Opt.:

Optional

Identification verantwoordelijke provider

Name:

urn:nl:otv:names:tc:1.0:subject:provider-institution

Type:

urn:hl7-org:v3:II

Example:

<AttributeValue DataType="urn:hl7-org:v3#II" > <InstanceIdentifier xmlns="urn:hl7-org:v3" extension="00014332" root="2.16.528.1.1007.3.3" /></AttributeValue>

Opt.:

Required, URA

Purpose of use

Name:

urn:oasis:names:tc:xspa:1.0:subject:purposeofuse

Type:

urn:hl7-org:v3#CV

Example:

<AttributeValue DataType=" urn:hl7-org:v3#CV">
<CodedValue xmlns="urn:hl7-org:v3" code="TREAT" codeSystem="2.16.840.1.113883.1.11.20448" displayName="treatment" />
</AttributeValue>

Opt.:

Required

  • No labels