Setting the available context
...
Code Block | ||
---|---|---|
| ||
<?xml version="1.0"?> <PrivilegeList xmlns="http://itst.dk/oiosaml/basic_privilege_profile"> <PrivilegeGroup Scope="urn:dk:gov:saml:cvrNumberIdentifier:20921897"> <Constraint Name="urn:dk:gov:saml:sorIdentifier">eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4</Constraint> <Constraint Name="urn:dk:sundhed:ehealth:careteam">cccccccc-b760-11e9-a2a3-2a2ae2dbcce4</Constraint> <Privilege>urn:dk:sundhed:healthcareehealth:role:futTreatmentResponsiblemonitoring_0_3<assistor</Privilege> <Privilege>urn:dk:sundhed:ehealth:healthcarerole:futMonitoringResponsiblecitizen_0_3<enroller</Privilege> </PrivilegeGroup> <PrivilegeGroup Scope="urn:dk:gov:saml:cvrNumberIdentifier:20921897"> ... </PrivilegeGroup> </PrivilegeList> |
...
- SOR organizations:
- Identified by Constraints with Name attribute = "urn:dk:gov:saml:sorIdentifier" and value = {sor-id}
- Refers to Fhir Organization with Identifier.system = "urn:oid:1.2.208.176.1.1" and Identifier.value = {sor-id}
- Example:
- Constraint:
<Constraint Name="urn:dk:gov:saml:sorIdentifier">950531000016003</Constraint>
- Refers to Organization with:
"Identifier": [{"system": "urn:oid:1.2.208.176.1.1", "value": "950531000016003"}]
- Constraint:
- STS organizations
- Identified by Constraints with Name attribute = "urn:dk:kombit:orgUnit" and value = {sts-id}
- Refers to Fhir Organization with Identifier.system = "https://www.kombit.dk/sts/organisation" and Identifier.value = {sts-id}
- Example:
- Contraint:
<Constraint Name="urn:dk:kombit:orgUnit">eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4</Constraint>
- Refers to Organization with:
"Identifier": [{"system": "https://www.kombit.dk/sts/organisation", "value": "eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4"}]
- Contraint:
- SSL organizations
- Identified by Constraints with Name attribute = "urn:dk:sundhed:ehealth:sslOrg"
- Refers to Fhir Organization with Identifier.system = "http://ehealth.sundhed.dk/organization/ssl" and Identifier.value = {ssl-id}
- Example:
- Constraint:
<Constraint Name="urn:dk:sundhed:ehealth:sslOrg">aaaaaaaa-b760-11e9-a2a3-2a2ae2dbcce4</Constraint>
- Refers to Organization with:
"Identifier": [{"system": "http://ehealth.sundhed.dk/organization/ssl", "value": "aaaaaaaa-b760-11e9-a2a3-2a2ae2dbcce4"}]
- Constraint:
...
Privileges:
Allowed privileges, see Tokens, Roles and RBAC/ABAC#Privilege Token Based Security#Privilege-Roles.