Federated Authentication and Authorization for Regional Users

Federated authentication and authorization flow for Regional Users using SEB and regional IdP.

Upon client initiation of an OIDC Authorization Code Flow for a regional user, federation is performed as shown below.

Federation of Authentication and Authorization for Regional Users (return of OIDC Tokens and use of eHealth Infrastructure omitted)

The sequence diagram described for clinicians Client Application Login and Logout to eHealth Infrastructure | Clinical logins explains the order in which the OIDC Authorization Code Flow is redirected to a series of OIOSAML-based AuthNRequest and AuthNResponse.