Netherlands - Generic Functions for data exchange Implementation Guide - Local Development build (v0.3.0) built by the FHIR (HL7® FHIR® Standard) Build Tools. See the Directory of published versions

Credential Catalog

Page standards status: Draft

Credential Catalog

This section describes the various types of verifiable credentials used in the authentication framework. Each credential type represents a specific set of claims about an entity within the healthcare ecosystem.

Credentials defined here use identifiers that are specified by the Generic Function Identification.

Profile

Unless specified otherwise, every credential uses the following Verifiable Credential traits:

• Data model: W3C Verifiable Credentials Data Model 1.1
• Proof type: JWT
• Signature algorithm: ES256, RS256 or PS256
• Revocation method: Bitstring Status List v1.0
• Proof of Possession: presenter is holder: the identifier of the presenter must equal the credential subject identifier.

Credentials

This IG defined the following credential types.

Credential	Description	Status
HealthcareProviderRoleTypeCredential	Establishes the category or type of healthcare services a provider organization is authorized to offer.	draft
DeziIDTokenCredential	Wraps a Dezi OIDC ID-Token to assert the identity of a healthcare worker and their employment relationship.	draft
X509Credential	Represents attributes from an X.509 certificate, anchored in a trusted CA through the did:x509 DID method.	production use

Credential type status

• draft: the credential is being developed and meant to be prototyped in non-production environments.
• trial use: the credential can be used in small scale pilots and production environments. Future changes might not be backwards compatible.
• production use: the credential is standardized and can be used in production environments. Future changes will be backwards compatible.