Table of Contents |
---|
Used documentation
Cookbook/ materials | Version | Location |
---|---|---|
Technical specifications Identity & Authorization Management (I.AM) - Identity Provider (IDP) | 1.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/91d9a7f7978b8a4e4d90087f83d66883?filename=ehealth_i.am_-_idp_v1.0.pdf |
Mandates | - | |
MANDATS - Création et gestion de mandats (en tant que mandant) | 2.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/e10eedbd5795348a84bee1edd56ad38a?filename=ehealth_mandates_mandate_giver_v2.0_-_fr.pdf |
MANDATS - Création et gestion de mandats (en tant que mandataire) | 2.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/8030a1023173e75d8059e048c96a590f?filename=ehealth_mandates_mandate_holder_v2.0_-_fr.pdf |
Présentation eMandate CIN 3.0 | 3.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/f460ea807fd4ce8518e0c9576456f4ec?filename=presentation_emandate_3.0.pptx |
Présentation Medattest 1.0 | 1.7 | https://www.ehealth.fgov.be/file/view/AWgN5lfogwvToiwBkfyW?filename=eMandate%20dans%20le%20cadre%20de%20Medattest%20v1.7.pptx |
General information
The user chooses a profile/a mandate when he is authenticated in the CSAM portal and identified in the IDP and the AA.
...
- Create the mandates with limited or unlimited duration
- Revoke the mandates
- Transfer a mandate from a mandated user to an other one
Basic flow
Flow | Specification | ||
---|---|---|---|
Use case ID | ATH-UC-24-BF | ||
Use case name | Change a mandate of a user | ||
Actors |
| ||
Short Description | In order to change a mandate, the user should do a global logout and should authenticate him/herself a second time. | ||
Priority | 1 (High) Must have: The system must implement this goal/ assumption to be accepted. | ||
Pre-Conditions |
| ||
Post-Conditions |
| ||
Steps (basic flow) | 0 | The user has an open session in the IDP with the old mandate | |
1 | The user does a global logout in order to close the session | ||
2 | The user reconnects via the mobile application in order to change the mandate | ||
3 | The mobile application sends an openID connect authorization request to the IAM connect | ||
4 | The IAM connects redirects the message to the eHealth IDP in a browser | ||
5 | The IDP detects that there is not an open session with the NISS and the name of the user | ||
6 | The IDP redirects the request to the CSAM in order to open a session | ||
7 | The user selects the authentication way (i.e. itsme, eID, TOTP) | ||
8 | The user is authenticated and CSAM returns a SAML assertion to the IDP regarding the user | ||
9 | The user selects a profile and a new mandate and the IDP returns the selected profile - mandate to the IAM connect | ||
10 | The IAM connect creates an access token JWT with the new profile and mandate and returns it to the client | ||
11 | The user is authenticated and accesses to the permitted services in the mobile application with respect to the new profile and mandate | ||
Exceptions (exception flows) | |||
Frequency |
|
...