Versions Compared

Old Version 3

changes.mady.by.user Rami Sellami

Saved on

compared with

New Version Current

changes.mady.by.user Unknown User (fabian.steels@cetic.be)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Used documentation

Cookbook/ materialsVersionLocation
Technical specifications Identity & Authorization Management (I.AM) - Identity Provider (IDP)1.0https://www.ehealth.fgov.be/ehealthplatform/file/view/91d9a7f7978b8a4e4d90087f83d66883?filename=ehealth_i.am_-_idp_v1.0.pdf
Mandates-

https://www.ehealth.fgov.be/fr/esante/acceder-au-portail-esante/mandats

MANDATS - Création et gestion de mandats (en tant que mandant)2.0https://www.ehealth.fgov.be/ehealthplatform/file/view/e10eedbd5795348a84bee1edd56ad38a?filename=ehealth_mandates_mandate_giver_v2.0_-_fr.pdf
MANDATS - Création et gestion de mandats (en tant que mandataire)2.0https://www.ehealth.fgov.be/ehealthplatform/file/view/8030a1023173e75d8059e048c96a590f?filename=ehealth_mandates_mandate_holder_v2.0_-_fr.pdf
Présentation eMandate CIN 3.03.0https://www.ehealth.fgov.be/ehealthplatform/file/view/f460ea807fd4ce8518e0c9576456f4ec?filename=presentation_emandate_3.0.pptx
Présentation Medattest 1.01.7https://www.ehealth.fgov.be/file/view/AWgN5lfogwvToiwBkfyW?filename=eMandate%20dans%20le%20cadre%20de%20Medattest%20v1.7.pptx
Issue 3 in JIRA-

Jira
serverimec Validation Lab
serverIdac11aa92-3976-3161-9ddb-5020cc76f1c7
keyMHEH-3

Issue 7 in JIRA -

Jira
serverimec Validation Lab
serverIdac11aa92-3976-3161-9ddb-5020cc76f1c7
keyMHEH-7

Issue 39 in JIRA -

Jira
serverimec Validation Lab
serverIdac11aa92-3976-3161-9ddb-5020cc76f1c7
keyMHEH-39

General information

The user chooses a profile/a mandate when he is authenticated in the CSAM portal and identified in the IDP and the AA.

...

  • Create the mandates with limited or unlimited duration
  • Revoke the mandates
  • Transfer a mandate from a mandated user to an other one

Basic flow

FlowSpecification






Image Added


Use case ID

ATH-UC-

23

25-BF

Use case name

Revoke a mandate from a HCP and check the access right to the data

Actors

  • HCP

Short Description

In order to check the access right of the HCP when trying to use a mandate, we propose to revoke a mandate from a HCP. Then, the HCP is logged in and he is supposed  not to find the revoked mandate. we try to login

Priority

1 (High)

Must have: The system must implement this goal/ assumption to be accepted.

Pre-Conditions

  • The
user has not an active session in the IDP 
  • mandate must be deleted beforehand through the application "Self Service Mandates"
  • The user is logged out globally

Post-Conditions

  • The user

has an open session with the chosen profile 

  • does not find the revoked mandate

Steps (basic flow)

1

The user connects via the mobile application

2

The mobile application sends an openID connect authorization request to the IAM connect


3The IAM connects redirects the message to the eHealth IDP in a browser

4

The IDP detects that there is not an open session with the NISS and the name of the user

5The IDP redirects the request to the CSAM in order to open a session 

6

The user selects the authentication way (i.e. itsme, eID, TOTP)


7

The user is authenticated and CSAM returns a SAML assertion to the IDP regarding the user


8The user selects a profile
and a mandate. The IDP returns the selected profile and mandate to the IAM connect

9The
IAM connect creates an access token JWT with the selected profile - mandate and returns it to the client10The user is authenticated and accesses to the permitted services in the mobile application with respect to his/her profile and the selected mandate
user searches the revoked mandate and he/she does not find it.

Exceptions (exception flows)


Frequency

  • Every time
the user is authenticated and needs to access to the services of the eHealth platform
  • a mandate is revoked