Endpoint Access Control Mechanism Code System

active

ContentcompleteURL

http://hl7.org/fhir/us/ndh/CodeSystem/EndpointAccessControlMechanismCS

Version

1.0.0

Concepts15Date2025-04-10T13:37:10+00:00PublisherHL7 International / Patient AdministrationDescription

Endpoint Access Control Mechanism

Concepts

Select a concept to view details

{
  "description" : "Endpoint Access Control Mechanism",
  "date" : "2025-04-10T13:37:10+00:00",
  "publisher" : "HL7 International / Patient Administration",
  "jurisdiction" : [ {
    "coding" : [ {
      "system" : "urn:iso:std:iso:3166",
      "code" : "US",
      "display" : "United States of America"
    } ]
  } ],
  "content" : "complete",
  "property" : null,
  "name" : "EndpointAccessControlMechanismCS",
  "experimental" : false,
  "resourceType" : "CodeSystem",
  "title" : "Endpoint Access Control Mechanism Code System",
  "extension" : [ {
    "valueCode" : "pa",
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg"
  }, {
    "valueCode" : "trial-use",
    "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-standards-status",
    "_valueCode" : {
      "extension" : [ {
        "valueCanonical" : "http://hl7.org/fhir/us/ndh/ImplementationGuide/hl7.fhir.us.ndh",
        "url" : "http://hl7.org/fhir/StructureDefinition/structuredefinition-conformance-derivedFrom"
      } ]
    }
  }, {
    "extension" : [ {
      "valueString" : "concept",
      "url" : "path"
    }, {
      "url" : "count",
      "valueInteger" : 15
    } ],
    "url" : "http://health-samurai.io/extensions/excised-data"
  }, {
    "url" : "http://health-samurai.io/extensions/source",
    "valueCode" : "db"
  } ],
  "status" : "active",
  "id" : "EndpointAccessControlMechanismCS",
  "count" : 15,
  "url" : "http://hl7.org/fhir/us/ndh/CodeSystem/EndpointAccessControlMechanismCS",
  "caseSensitive" : true,
  "version" : "1.0.0",
  "contact" : [ {
    "name" : "HL7 International / Patient Administration",
    "telecom" : [ {
      "system" : "url",
      "value" : "http://www.hl7.org/Special/committees/pafm"
    }, {
      "system" : "email",
      "value" : "pafm@lists.hl7.org"
    } ]
  } ],
  "text" : {
    "div" : "<div xmlns=\"http://www.w3.org/1999/xhtml\"><p class=\"res-header-id\"><b>Generated Narrative: CodeSystem EndpointAccessControlMechanismCS</b></p><a name=\"EndpointAccessControlMechanismCS\"> </a><a name=\"hcEndpointAccessControlMechanismCS\"> </a><a name=\"EndpointAccessControlMechanismCS-en-US\"> </a><p>This case-sensitive code system <code>http://hl7.org/fhir/us/ndh/CodeSystem/EndpointAccessControlMechanismCS</code> defines the following codes:</p><table class=\"codes\"><tr><td style=\"white-space:nowrap\"><b>Code</b></td><td><b>Display</b></td><td><b>Definition</b></td></tr><tr><td style=\"white-space:nowrap\">public<a name=\"EndpointAccessControlMechanismCS-public\"> </a></td><td>Public</td><td>Public access without any specific access control.</td></tr><tr><td style=\"white-space:nowrap\">OAuth<a name=\"EndpointAccessControlMechanismCS-OAuth\"> </a></td><td>OAuth</td><td>OAuth (unspecified version see oauth.net).</td></tr><tr><td style=\"white-space:nowrap\">SMART-on-FHIR<a name=\"EndpointAccessControlMechanismCS-SMART-on-FHIR\"> </a></td><td>SMART-on-FHIR</td><td>OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/).</td></tr><tr><td style=\"white-space:nowrap\">NTLM<a name=\"EndpointAccessControlMechanismCS-NTLM\"> </a></td><td>NTLM</td><td>Microsoft NTLM Authentication.</td></tr><tr><td style=\"white-space:nowrap\">basic<a name=\"EndpointAccessControlMechanismCS-basic\"> </a></td><td>Basic</td><td>Basic authentication defined in HTTP specification.</td></tr><tr><td style=\"white-space:nowrap\">Kerberos<a name=\"EndpointAccessControlMechanismCS-Kerberos\"> </a></td><td>Kerberos</td><td>see http://www.ietf.org/rfc/rfc4120.txt.</td></tr><tr><td style=\"white-space:nowrap\">Certificates<a name=\"EndpointAccessControlMechanismCS-Certificates\"> </a></td><td>Certificates</td><td>SSL where client must have a certificate registered with the server.</td></tr><tr><td style=\"white-space:nowrap\">opaque-access-token<a name=\"EndpointAccessControlMechanismCS-opaque-access-token\"> </a></td><td>Opaque Access Token</td><td>Uses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client.</td></tr><tr><td style=\"white-space:nowrap\">jwt-access-token<a name=\"EndpointAccessControlMechanismCS-jwt-access-token\"> </a></td><td>JWT Access Token</td><td>Uses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties.</td></tr><tr><td style=\"white-space:nowrap\">mutual-tls<a name=\"EndpointAccessControlMechanismCS-mutual-tls\"> </a></td><td>Mutual TLS</td><td>Uses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates.</td></tr><tr><td style=\"white-space:nowrap\">wss-saml-token<a name=\"EndpointAccessControlMechanismCS-wss-saml-token\"> </a></td><td>WSS SAML Token</td><td>Uses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-username-token<a name=\"EndpointAccessControlMechanismCS-wss-username-token\"> </a></td><td>WSS User Name Token</td><td>Uses a username token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-kerberos-token<a name=\"EndpointAccessControlMechanismCS-wss-kerberos-token\"> </a></td><td>WSS Kerberos Token</td><td>Uses a Kerberos token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-x509-token<a name=\"EndpointAccessControlMechanismCS-wss-x509-token\"> </a></td><td>WSS X509 Token</td><td>Uses an X.509 certificate token within the WSS framework for access control.</td></tr><tr><td style=\"white-space:nowrap\">wss-custom-token<a name=\"EndpointAccessControlMechanismCS-wss-custom-token\"> </a></td><td>WSS Custom Token</td><td>Uses a custom token within the WSS framework for access control.</td></tr></table></div>",
    "status" : "generated"
  }
}

Code	Display	Definition
public	Public	Public access without any specific access control.
OAuth	OAuth	OAuth (unspecified version see oauth.net).
SMART-on-FHIR	SMART-on-FHIR	OAuth2 using SMART-on-FHIR profile (see http://docs.smarthealthit.org/).
NTLM	NTLM	Microsoft NTLM Authentication.
basic	Basic	Basic authentication defined in HTTP specification.
Kerberos	Kerberos	see http://www.ietf.org/rfc/rfc4120.txt.
Certificates	Certificates	SSL where client must have a certificate registered with the server.
opaque-access-token	Opaque Access Token	Uses an opaque token for access control, which is a token whose structure is not visible or meaningful to the client.
jwt-access-token	JWT Access Token	Uses a JSON Web Token (JWT) for access control, which is a compact, URL-safe means of representing claims to be transferred between two parties.
mutual-tls	Mutual TLS	Uses mutual Transport Layer Security (TLS) where both client and server authenticate each other using certificates.
wss-saml-token	WSS SAML Token	Uses a Security Assertion Markup Language (SAML) token within the Web Services Security (WSS) framework for access control.
wss-username-token	WSS User Name Token	Uses a username token within the WSS framework for access control.
wss-kerberos-token	WSS Kerberos Token	Uses a Kerberos token within the WSS framework for access control.
wss-x509-token	WSS X509 Token	Uses an X.509 certificate token within the WSS framework for access control.
wss-custom-token	WSS Custom Token	Uses a custom token within the WSS framework for access control.