| Table of Contents |
|---|
Used documentation
| Cookbook/ materials | Version | Location |
|---|---|---|
| Technical specifications Identity & Authorization Management (I.AM) - Identity Provider (IDP) | 1.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/91d9a7f7978b8a4e4d90087f83d66883?filename=ehealth_i.am_-_idp_v1.0.pdf |
| Mandates | - | |
| MANDATS - |
| Jira | ||||||
|---|---|---|---|---|---|---|
|
| Jira | ||||||
|---|---|---|---|---|---|---|
|
General information
A user may have one or multiple profiles of the following types:
- Citizen: for the principal with the basic authentication if the user wants to identify himself as a natural person. This is the default profile when a user authenticates on the eHealth IDP.
- Quality: for the principals that identify the user as a professional (eg DOCTOR)
- Organization: for the principals that identify the user as a representative of an organization he belongs to.
- Mandate: for the principals that identify the user as the mandatary of another person or organization from whom he has received a mandate to act on their behalf in a specific context.
| Création et gestion de mandats (en tant que mandant) | 2.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/e10eedbd5795348a84bee1edd56ad38a?filename=ehealth_mandates_mandate_giver_v2.0_-_fr.pdf |
| MANDATS - Création et gestion de mandats (en tant que mandataire) | 2.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/8030a1023173e75d8059e048c96a590f?filename=ehealth_mandates_mandate_holder_v2.0_-_fr.pdf |
| Présentation eMandate CIN 3.0 | 3.0 | https://www.ehealth.fgov.be/ehealthplatform/file/view/f460ea807fd4ce8518e0c9576456f4ec?filename=presentation_emandate_3.0.pptx |
| Présentation Medattest 1.0 | 1.7 | https://www.ehealth.fgov.be/file/view/AWgN5lfogwvToiwBkfyW?filename=eMandate%20dans%20le%20cadre%20de%20Medattest%20v1.7.pptx |
General information
The user chooses a profile/a mandate The user choose a profile when he is authenticated in the CSAM portal and identified in the IDP and the AA.
It is possible to manage the mandates via the following application referred to as Self Service Mandates delivered by the Federal Public Service of the Finance. It enables to
- Create the mandates with limited or unlimited duration
- Revoke the mandates
- Transfer a mandate from a mandated user to an other one
Basic flow
| Flow | Specification | ||
|---|---|---|---|
| Use case ID | ATH-UC-23-BF | |
Use case name | Consult and choose | ||
a |
mandate | ||
Actors |
| |
| ||
Short Description | In order to consult and choose a | |
| mandate, the user should find the list of the |
| mandates in the IDP in a web browser. This list is updated every time the user is authenticated and identified in the IDP from the authentic data sources. | ||
| Priority | 1 (High) Must have: The system must implement this goal/ assumption to be accepted. | |
Pre-Conditions |
| |
Post-Conditions |
| |
Steps (basic flow) | 1 | The user connects via the mobile |
| application | ||
2 | The mobile application sends an openID connect authorization request to the IAM connect | |
| 3 | The IAM connects redirects the message to the eHealth IDP in a browser | |
4 | The IDP detects that there is not an open session with the NISS and the name of the user | |
| 5 | The IDP redirects the request to the CSAM in order to open a session | |
6 | The user selects the authentication way (i.e. itsme, eID, TOTP) | |
7 | The user is authenticated and CSAM returns a SAML assertion to the IDP regarding the user | |
| 8 | The user selects a profile and |
| a mandate. The IDP returns the selected profile and mandate to the IAM connect | ||
| 9 | The IAM connect creates an access token JWT with the selected profile - mandate and returns it to the |
| client | ||
| 10 | The user is authenticated and accesses to the permitted services in the mobile application with respect to his/her profile and the selected mandate | |
Exceptions (exception flows) | ||
Frequency |
| |