Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Using the provided SAML attributes, the infrastructure searches for a Patient resource that corresponds to the citizen. If found, the infrastructure automatically sets the Patient context in the access token and the user_id is set to the Patient resource reference. The citizen cannot switch context and can access only Patient data being scoped to that Patient context.

In case no Patient is found, the access token user_id is set to a UUID instead of a Patient resource reference. This design ensures that federated NemLogin can be verified without blocking the citizen from accessing the platform. When no Patient is found, the citizen is accessing the infrastructure before having been enrolled (created as a Patient) by an employee through https://docs.ehealth.sundhed.dk/latest-released/igfhir/OperationDefinition-ehealth-patient-create.html .

Note

A Citizen Solution shall handle user_id not set to a Patient resource reference, for instance, by warning the citizen that she/he has not yet been enrolled.

...