Used documentation
General information
The user chooses a profile/a mandate when he is authenticated in the CSAM portal and identified in the IDP and the AA.
It is possible to manage the mandates via the following application referred to as Self Service Mandates delivered by the Federal Public Service of the Finance. It enables to
- Create the mandates with limited or unlimited duration
- Revoke the mandates
- Transfer a mandate from a mandated user to an other one
Basic flow
Flow | Specification | ||
---|---|---|---|
Use case ID | ATH-UC-25-BF | ||
Use case name | Revoke a mandate from a HCP and check the access right to the data | ||
Actors |
| ||
Short Description | In order to check the access right of the HCP when trying to use a mandate, we propose to revoke a mandate from a HCP. Then, the HCP is logged in and he is supposed not to find the revoked mandate. we try to login | ||
Priority | 1 (High) Must have: The system must implement this goal/ assumption to be accepted. | ||
Pre-Conditions |
| ||
Post-Conditions |
| ||
Steps (basic flow) | 1 | The user connects via the mobile application | |
2 | The mobile application sends an openID connect authorization request to the IAM connect | ||
3 | The IAM connects redirects the message to the eHealth IDP in a browser | ||
4 | The IDP detects that there is not an open session with the NISS and the name of the user | ||
5 | The IDP redirects the request to the CSAM in order to open a session | ||
6 | The user selects the authentication way (i.e. itsme, eID, TOTP) | ||
7 | The user is authenticated and CSAM returns a SAML assertion to the IDP regarding the user | ||
8 | The user selects a profile. | ||
9 | The user searches the revoked mandate and he/she does not find it. | ||
Exceptions (exception flows) | |||
Frequency |
|