Setting the available context
In order to set the available context, the AS can be requested with a base64 encoded PrivilegeList xml document. This is enabled on a special test client with id "oio_mock".
Pararmeter name | Description |
---|---|
client_id | Required. The OAuth2 client id |
grant_type | Required. Fixed to the value of the of ‘refresh_token’ |
refresh_token | Required. The refresh token of the current session |
oio_bpp (available context) | Optional. Base 64 encode PrivilegeList xml document |
practitioner_upn (available context) | Optional. An unique identifier of a Practitioner. Maps to a FHIR Practitioner resource. |
practitioner_name (available context) | Optianal. The name of the pratitioner. Sets the name of the FHIR Practitioner. |
practitioner_email (available context) | Optional. The email of the practitioner. |
care_team_id (context) | Optional. A valid absolute FHIR URI pointing to a Careteam resource. This adds implicit organization context given the organization constraint in the OIO BPP structure |
organization_id (context) | Optional. A valid absolute FHIR URI pointing to an Organization resource |
episode_of_care_id (context) | Optional. This adds implicit patient context. A valid absolute FHIR URI pointing to an Episode of Care resource |
patient_id (context) | Optional. A valid absolute FHIR URI pointing to a Patient resource |
Exaples of PrivilegeList:
<?xml version="1.0"?> <PrivilegeList xmlns="http://itst.dk/oiosaml/basic_privilege_profile"> <PrivilegeGroup Scope="urn:dk:gov:saml:cvrNumberIdentifier:20921897"> <Constraint Name="urn:dk:gov:saml:sorIdentifier">eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4</Constraint> <Constraint Name="urn:dk:sundhed:ehealth:careteam">cccccccc-b760-11e9-a2a3-2a2ae2dbcce4</Constraint> <Privilege>urn:dk:healthcare:futTreatmentResponsible_0_3</Privilege> <Privilege>urn:dk:healthcare:futMonitoringResponsible_0_3</Privilege> </PrivilegeGroup> <PrivilegeGroup Scope="urn:dk:gov:saml:cvrNumberIdentifier:20921897"> ... </PrivilegeGroup> </PrivilegeList>
A PrivilegeList must contain at least one PrivilegeGroup with Scope = "urn:dk:gov:saml:cvrNumberIdentifier:<some number>".
Each PrivilegeGroup must contain either a constraint with Name = "urn:dk:gov:saml:sorIdentifier" or Name = "urn:dk:kombit:orgUnit", but not both.
A Privilige group may also contain a constraint with Name "urn:dk:sundhed:ehealth:careteam".
Each PrivilegeGroup must contain at least one Privilege.
Allowed privileges:
urn:dk:healthcare:futTreatmentResponsible_0_3
urn:dk:healthcare:futMonitoringResponsible_0_3
urn:dk:healthcare:futMonitoringDelegate_0_3
urn:dk:healthcare:futClinicalContentDefiner_0_3
urn:dk:healthcare:futRequestEffectuator_0_3