Access to data in the the eHealth Infrastructure is governed by its provided Authorization Server (AS). The AS is responsible for handing out tokens that are properly signed with the correct level of detail embedded. Without a token, no access is provided. The eHealth Infrastructure is by intend and design not part of any other existing infrastructure such as the NSP - instead, it integrates to a range of services (among these is services on the NSP).
The eHealth Infrastructure does not provide provides an IdP meaning that no users by design exist in the infrastructure. Instead for SSL (Service & Support Logistics) users that are not part of the clinical domain nor the citizen domain (not depicted below). For the clinical and citizen domain, the AS is federated with two services that provide the identity of the users:
...