Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »


Description: This workflow describes how the IL will provide a mechanism to allow single-sign-on (SSO) to be enables for the user of the management application for the HIE registries (Note: This does not include user from the PoS applications, these application will be responsible for managing their users locally).

Sponsor:  Ryan Crichton, with the IL community

Status:  proposed

Last Modified:  19/02/2014

Referenced Standards and APIs:


  • MoH - This actor represents the authority that controls access to the HIE. This is likely a Ministry of Health or a Department of Health.
  • User - a user of the management application in question
  • Some management application - an application that manages one of the registries that make up the HIE
  • IL - the interoperability layer that provides the SSO service


Open Questions

  • Do the management applications control their own user authorisation lists or should this be something that the IL does?

Technical details


RefInteractionEndpointDataTransaction Specification
1Determines that the user should have access to manage a registry policy 
2Registers the user with the IL via the web UI The users details (email, name, department, job title)Via the Web UI
3Send an email allowing them to complete registration and set a password A registration linkemail
4User visits the management application to login  OpenID
5The application redirects the user to the IL to login  OpenID
6The user logs into using the IL  OpenID
7The IL redirects the user back to the management application with an access token  OpenID
8The uses accesses the managment application using the access token  OpenID
  • No labels